Nov 8, 2016 - VyOS offers four ways to configure network addresses on interfaces: static, DHCP (DHCPv6), IPv6 autoconfiguration, and IPv6 EUI. We are telling VyOS that outbound connections from our internal networks should use eth0 to connect to the outside world. Firewall Settings. VyOS can operate in a couple of different firewall modes, but I’m finding the zone-based approach the simplest solution.
Hi guys,I have a Cisco 3750x switch. I basically need to set up a trunk port on one of the ports.
Vyos Nat
It is a stacked switch and it is port number 35 on switch 2, which reads as Gi2/0/35 when I type 'show vlan'.As it stands, this port is currently on VLAN3. But it is set to untagged. I believe I need to set it to be capable of receiving traffic tagged traffic on VLAN3 and also untagged traffic. The untagged traffic is on a network range that is not set up as a VLAN.
Vyos Review
Does it make sense?Thanks for helpingYashy. Sir Johnston, thank you for responding back. I've confused myself and others recently.I've attached a diagram of what my set up looks like. We have an AP. This AP gives two SSID's. One for guests, one for staff.Staff wifi SSID is associated with VLAN ID3.Guest Wifi SSID is associated with network 10.0.5.0/24 that is connected directly to our firewall.Our firewall which provides DHCP for the 10.0.5.0 network is connected to our Draytek P1100 switch.Our Access point is connected by one cable to the Draytek P1100 switch.One ethernet cable is connected from Draytek P1100 to VLAN3 on our Cisco switch.The Cisco switch VLAN3 is set for untagged traffic at the moment.
I got help from one of the EE's, Mas, in the last post I made that in order for people to be able to connect to both staff wifi and guest wifi, I have to trunk the port on the Cisco.Now, one thing I wanted to understand is if people connect to the Guest-Wifi, the Draytek P1100 will need to route that traffic to our firewall directly. If someone connects to the Staff-Wifi, they will need to be routed directly from the Draytek P1100 to VLAN3, right?Sorry if I have written more than the initial subject. I've been recently baffled by the whole VLAN stuff, that's all. Now this makes more sense.Create VLAN3 on your Draytek. Once you've done that, you want port 8 (where your Cisco is connected) to only be a member of VLAN3, and to be untagged. Then port 2 on the Draytek only needs to be a member of VLAN1 (no need for tags, etc). The port on the Draytek that is connected to the AP needs to be a trunk port, VLAN1 untagged and VLAN3 tagged.
That should clear things up, as long as you make sure on the AP to cite that the SSID that needs to use VLAN3 has that tag in the settings.