Wintermute
New Around Here
Objective: I have a large home network that I would like to split into two VLANS, one for my regular devices, and one for an IP camera system. I would like to separate the IP camera traffic from my regular network, but I still need to be able to access the cameras from devices on the other VLAN. I would like to have all of the non-camera devices on the subnet 10.0.0.0/22, and the IP cameras on the subnet 10.0.4.0/24.
Equipment: I have an Asus RT-N66U router running Tomato USB, and a Cisco SG300-28 managed switch (Layer 3 mode). I would have prefered to use a small business router from Cisco, but I had too many instability issues with the RV220W. The router is connected to a modem on its WAN port, and the managed switch on a LAN port. All of the devices and IP cameras are connected to the managed switch on ports GE1 through GE9.
I would like the managed switch to do as much of the heavy lifting as possible. I have tried a number of times to get the VLANs setup, but I am having problems routing the traffic between them. I have gone through a number of tutorials and guides, but I must be doing something incorrectly. Here is what I have done so far:
First I setup the two subnets on the router. I am a little unsure if this step is correct.
http://imageshack.us/a/img18/8574/1network.png
I assigned the SG300-28 a static IP address of 10.0.0.2. There are five Apple Airport Extremes connected to the switch that are being used as wireless access points, I have assigned each of them static IPs on the 10.0.0.0/22 subnet as well. Each of the Sonos devices, and a network printer are also assigned static IPs on the 10.0.0.0/22 subnet. All of the other devices on this subnet are given IP addresses via DHCP. I assigned static IP addresses to each of the cameras on the 10.0.4.0/24 subnet.
http://imageshack.us/photo/my-images/29/2staticdhcp800.png/
I verified that the SG300-28 "System Mode" is set to "L3". I then created a VLAN for the IP cameras through "VLAN Management > Create VLAN".
http://imageshack.us/photo/my-images/717/3createvlan800.png/
After creating the IP camera VLAN, I setup the IPv4 interfaces through "IP Configuration > Management and IP interfaces > IPv4 Interface".
http://imageshack.us/photo/my-images/690/4ipv4interface800.png/
The IP cameras are plugged into ports GE1 through GE9. I added these ports to VLAN 2 (Cameras) as Untagged ports through "VLAN Management > Port to VLAN".
http://imageshack.us/photo/my-images/825/5porttovlan800.png/
I then changed the Interface VLAN Mode for each of the ports in VLAN 2 (Cameras) to "Access" through "VLAN Management > Inteface Settings".
http://imageshack.us/photo/my-images/52/6interfacesettings800.png/
At this point I have tried a number of different settings for routing traffic between the two VLANS, but nothing I have tried seems to work. I have tried setting up static routes between the two subnets without success. I tried creating a rule in the router under "Advanced > LAN Access", but this did not work.
http://imageshack.us/photo/my-images/228/7lanaccess800.png/
I removed that that setting , and tried creating static routes between the two subnets. I am missing something, or have done something incorrectly. I don't think what I am doing is particularly difficult, I just can't seem to get things working. I have read through a number of guides, but they tend to gloss over details, or just haven't worked for my situation. Any help would be greatly appreciated.
Equipment: I have an Asus RT-N66U router running Tomato USB, and a Cisco SG300-28 managed switch (Layer 3 mode). I would have prefered to use a small business router from Cisco, but I had too many instability issues with the RV220W. The router is connected to a modem on its WAN port, and the managed switch on a LAN port. All of the devices and IP cameras are connected to the managed switch on ports GE1 through GE9.
I would like the managed switch to do as much of the heavy lifting as possible. I have tried a number of times to get the VLANs setup, but I am having problems routing the traffic between them. I have gone through a number of tutorials and guides, but I must be doing something incorrectly. Here is what I have done so far:
First I setup the two subnets on the router. I am a little unsure if this step is correct.
http://imageshack.us/a/img18/8574/1network.png
I assigned the SG300-28 a static IP address of 10.0.0.2. There are five Apple Airport Extremes connected to the switch that are being used as wireless access points, I have assigned each of them static IPs on the 10.0.0.0/22 subnet as well. Each of the Sonos devices, and a network printer are also assigned static IPs on the 10.0.0.0/22 subnet. All of the other devices on this subnet are given IP addresses via DHCP. I assigned static IP addresses to each of the cameras on the 10.0.4.0/24 subnet.
http://imageshack.us/photo/my-images/29/2staticdhcp800.png/
I verified that the SG300-28 "System Mode" is set to "L3". I then created a VLAN for the IP cameras through "VLAN Management > Create VLAN".
http://imageshack.us/photo/my-images/717/3createvlan800.png/
After creating the IP camera VLAN, I setup the IPv4 interfaces through "IP Configuration > Management and IP interfaces > IPv4 Interface".
http://imageshack.us/photo/my-images/690/4ipv4interface800.png/
The IP cameras are plugged into ports GE1 through GE9. I added these ports to VLAN 2 (Cameras) as Untagged ports through "VLAN Management > Port to VLAN".
http://imageshack.us/photo/my-images/825/5porttovlan800.png/
I then changed the Interface VLAN Mode for each of the ports in VLAN 2 (Cameras) to "Access" through "VLAN Management > Inteface Settings".
http://imageshack.us/photo/my-images/52/6interfacesettings800.png/
At this point I have tried a number of different settings for routing traffic between the two VLANS, but nothing I have tried seems to work. I have tried setting up static routes between the two subnets without success. I tried creating a rule in the router under "Advanced > LAN Access", but this did not work.
http://imageshack.us/photo/my-images/228/7lanaccess800.png/
I removed that that setting , and tried creating static routes between the two subnets. I am missing something, or have done something incorrectly. I don't think what I am doing is particularly difficult, I just can't seem to get things working. I have read through a number of guides, but they tend to gloss over details, or just haven't worked for my situation. Any help would be greatly appreciated.
Last edited:
