Setup VLANs between RV220W router and SG200-26 Switch (CISCO)

This is what I did to Set up VLANS Between a RV220W Router and SG200-26 Switch (both CISCO)
This should be the same for any SG200-xx switch.

I had lots of trouble getting it to work (because I did not know nothing on the way to do it)
Well as anything else, when you got it, it then sounds really easy.
I’ll put this as a reminder for me and maybe it could helps others.

The router has 4 gigabits ports, the witch 26 gigabits ports.
The RV220W can handle 16 VLANs.

With VLAN we have to deal with tagged, untagged, forbiden and excluded ports.
There is also “trunk” “access” “general” and “customer” interface settings.
don’t panic we’ll cover ( a bit ) that later on.

1° You do need to have Untagged ports at least on one VLAN.
2° Only one link is needed between the router and the switch, whatever the Number of VLAN you want to create/use.
3° This link MUST be a trunk link.
4° There is always a default_VLAN. but you can choose to exclude it from all ports

I’ll also consider, that like me, you did RTFM a minimum on the web and the CISCO’s admin manuals

Now I’ll cover here what settings worked, and as I go more deeper in fine tuning, I’ll edit this post (or create new one).

1) Setup VLANS

1.1) On the router

1.1.1 ) Create VLAN(s)

login and go to : Networking -> LAN -> VLAN Membership

note : I’ll cover 2 VLAN for now
note 2 : I’ll use the port 1 to link to the switch.

Click add Row, and enter a VLAN ID, a VLAN name, if you want VLAN to be able to talk to each other enable inter VLAN Routing.
then choose tagged (at least for the port you’ll se to link up the switch and the router).

CISCO_VLANs_RV220W_01

1.1.2 ) Setup Networking for the VLAN

login and go to : Networking -> LAN -> Multiple VLAN Subnets

Here you’ll see the VLAN(s) you’ve just created on the previous step.
I usually use the ID as the network “range”
so if my VLAN ID is 2 – I’ll assign 192.168.2.xxx Address – I for now use /24 (aka 255.255.255.0) for the mask.
you can if you like enable DHCP. My default VLAN has no DHCP as it is handled by my Server.
On other(s) VLAN(s) I do enable it (for now)

You’re now ready to go on the switch and configure it.

CISCO_VLANs_RV220W_02

1.2 ) On the switch

I want the ports GE7-GE8-GE9-GE12 to be excluded from the VLAN ID1 and be part of VLAN ID 2.

1.2.1 ) Create VLAN(s)

login and go to :

VLAN Management -> VLAN Settings
Click add Row, and enter same VLAN ID and VLAN name as you did on the router.
I let the defaults for the VLAN interface State and Link Status SNMP traps.

CISCO_VLANs_SG200-26_01

1.2.2 ) Interface Settings

Go to : VLAN Management -> Interface Settings
here you’ll se a list of all interfaces.

CISCO_VLANs_SG200-26_02

1.2.2.1 ) Edit the link between router and switch.
Click on the radio button of the 1 row (GE1) and click the Edit button.
well, actually you won’t change anything as it is already in a trunk mode.
“trunk” means it will accept traffic from any “VLAN”

1.2.2.2 ) Edit other links between switch and your devices.
Click on the radio button of the 1 row (GE7) and click the Edit button. (repeat for GE8-9-12 and so on)

Here I’ve tried different settings that both works. For now I don’t know the real differences.

I’ve tried either in :

– “Access” mode
you can’t edit “anything else” in this mode.

– “General” mode with ingress filtering ON or OFF
here you can specify other settings such as Admit all packets or only tagged packets or only untagged packets
you also can specify the PVID (managing interface I think)

CISCO_VLANs_SG200-26_03CISCO_VLANs_SG200-26_04

For now I’ll see later which one I’ll choose.  But I’ll keep the “Access” setup as it has less options to mess around.
Even if I do suspect benefits of the General Mode and its options.

Once I’ll play more I’ll hopefully understand better the means and PROs and CONs of each setup.

1.2.3 ) Port to VLAN or VLAN Membership table

Go to : VLAN Management -> Port to VLAN
Note : I now have the 1.4.0.88 firmware. So interface may differ a bit if you have older firmware.
(see here on how to update your firmware if you have an older one)

Some details From the MANUAL SG200-26 p175

General:
The interface can support all functions as defined in the IEEE 802.1q specification.
The interface can be a tagged or untagged member of one or more VLANs.

Access:
The interface is an untagged member of a single VLAN.
A port configured in this mode is known as an access port.

Trunk:
The interface is an untagged member of one VLAN at most, and is a tagged member of zero or more VLANs.
A port configured in this mode is known as a trunk port.

Customer:
Selecting this option places the interface in QinQ mode.
This enables you to use your own VLAN arrangements (PVID) across the provider network.
The device is in Q-in-Q mode when it has one or more customer ports. See QinQ.

1.2.3.1 ) VLAN ID 1 Untagged, tagged, Excluded…

On top you’ll see a “filter” with a dropdown menu : VLAN ID equals to “1”
This means you’re dealing with settings for the VLAN ID 1 – which is the default VLAN – unless you’ve allready changed it.

I want the ports GE7-GE8-GE9 and GE12 to be excluded from the VLAN ID1 and be part of VLAN ID 2.
just select the dropdown menu on the ports you choosed and exclude those ports from the VLAN ID 1.

CISCO_VLANs_SG200-26_05

1.2.3.2 ) VLAN ID 2 Untagged, tagged, Excluded…

On the “filter” dropdown menu choose VLAN ID equals to “2”

1.2.3.2.1) Edit the GE1 port
For the GE1 port (the one that links the router to the swicth),
on the dropdown menu choose tagged

1.2.3.2.1) Edit the GE7-GE8-GE9 and GE12 ports
I want the ports GE7-GE8-GE9 and GE12 to be part of the VLAN ID 2.
just select the dropdown menu on the ports you choosed and set them as Untagged.
All others ports should already show up as excluded.

CISCO_VLANs_SG200-26_06

1.2.4 ) Port VLAN Membership

1.2.4.1 ) GE1 (the trunk link)

It will be Untagged for VLAN ID1, and Tagged for VLANID2

1.2.4.2 )

Here it is a bit weird.

— If the port is in Access Mode, it shows up as Untagged on the table.

Click on the Join VLan Button to edit the port GE7 (or GE8-9 or 12) in this example,
and you’ll see it shows Untagged.

— If the port is in General Mode, it shows up as Untagged on the table.

Click on the Join VLan Button to edit the port GE7 (or GE8-9 or 12) in this example,
and you’ll see it shows as tagged.

CISCO_VLANs_SG200-26_07

Weird for me.

Conclusion

Anyway for now, I have a very Basic but working setup for multiple VLAN betwwen my router and my switch.
I can choose what port are part of a given VLAN, and if the router will assign IP addresses via its DHCP server
or if I leave that to other device (my server for example)

I also verified that I can connect to other servers from other VLANs with success.

Important Note : Don’t forget to SAVE your new configuration, or you’ll loose everything at reboot.
Of course it is always faster to redo things once done once, right ? :)

Olivier
About

Product and graphic designer turned to be a Mac SysAdmin.

Posted in Admin Tagged with: , , , ,
One comment on “Setup VLANs between RV220W router and SG200-26 Switch (CISCO)
  1. Thanks for posting about vlan, I will bookmark it

1 Pings/Trackbacks for "Setup VLANs between RV220W router and SG200-26 Switch (CISCO)"
  1. […] did update firmware as I had trouble creating VLANs between RV220W and SG200-26 CISCO devices. But this had nothing to do I was just not getting it […]

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>