I have the following:
local lan 192.168.180.0/24 (vlan10)
mgmt lan 192.168.199.0/24 (vlan99)
internet DHCP ISP (vlan2) LAN1
trunk to L2 switch LAN4
Everything except the mgmt lan doesn't work. I have issues with adding L3 to the mgmt vlan.
Changing the protocol from managed to static and setting 192.168.199.254, is that the way? Or should it be a bridged interface?
It worked with just changing protocol to ip address.
The only question I have: must VLANs 2 and 99 stay tagged on the CPU (Eth0)?
Proto "unmanaged" means that the kernel will not hold an IP address on that network, thus it is impossible to connect with ssh or http since those are IP-based protocols. This is useful in routers with built-in wifi to set up a dumb AP for untrusted guests. It will make a bridge between wifi and a wired VLAN which has no IP interaction between the network and the OS, thus it is theoretically impossible to hack.
The management LAN should be static IP usually with a DHCP server and a .1 IP for easy access. Generally you'd put it alone untagged on one port which you would plug in a laptop only when needed for management. It does not need a firewall association since it is only for local use.
All VLANs where the network needs some interaction with the CPU need to be tagged to the CPU. The only exception would be where you hardware switch between two external devices, which is common where you have TV service from your Internet company and they set up an IPTV box that needs only to link directly to a VLAN on the modem.
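The layout from the question written out as a configuration, as an added example that is not part of the original posts. It assumes an OpenWrt router with a swconfig-style `/etc/config/network`, a switch named `switch0`, CPU port 0 (eth0), LAN1 on port 1 and LAN4 on port 4; port numbering is device-specific, and the router address on the local LAN and the VLANs carried on the trunk are also assumptions.

```conf
# /etc/config/network (constructed example, swconfig syntax)
# Assumed port map: 0 = CPU (eth0), 1 = LAN1, 4 = LAN4. Check your device.

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

# VLAN 2: ISP uplink, untagged on LAN1, tagged to the CPU -> eth0.2
config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0t 1'

# VLAN 10: local LAN, tagged on the trunk (LAN4) and the CPU -> eth0.10
config switch_vlan
	option device 'switch0'
	option vlan '10'
	option ports '0t 4t'

# VLAN 99: management, tagged on the trunk and the CPU -> eth0.99
# The router holds an IP here, so the CPU port must be a tagged member.
config switch_vlan
	option device 'switch0'
	option vlan '99'
	option ports '0t 4t'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'

# 192.168.180.1 is an assumed router address; the question only gives the subnet.
config interface 'lan'
	option ifname 'eth0.10'
	option proto 'static'
	option ipaddr '192.168.180.1'
	option netmask '255.255.255.0'

# Static L3 address on the management VLAN, as described in the question.
# Not assigned to any firewall zone, following the answer above.
config interface 'mgmt'
	option ifname 'eth0.99'
	option proto 'static'
	option ipaddr '192.168.199.254'
	option netmask '255.255.255.0'
```

A VLAN that the router only switches between two external ports, such as the IPTV case in the answer, would list just those ports and omit `0t`.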