1

I bought TP-Link T2500G-10TS L2 switch. My intention is to establish 3 VLANs.

Company A - IP range starts from 192.168.1.1 to 255

Company B - IP range starts from 192.168.2.1 to 255

Guest - IP range starts from 10.0.0.1 to 255 (for Wi-Fi)

This is an 8 port switch. Port assignments;

Internet cable will be plugged into 1st port so all VLAN can access to the Internet.

2nd port can remain same for accessing TP-Link admin panel (192.168.0.1 as default)-but I don't know I can reach admin panel from other VLANs such as Company A or Company B. If this is the case so we can pass this step.

3rd and 4th port will be assigned for company A

5th and 6th port will be assigned for company B

7th and 8th port will be assigned for Guest

I want Company A and Company B can interact with each other while guest should be isolated.

How can I configure my switch according to this?

I have no experience on networks so I don't know if this question is hard or not. I don't even know my switch is capable of doing this, but I need your help?


I read all manuals but since i don't know the terminology, i couldn't understand what should i do to achieve this configuration. If i know what should i do, i can find where i can make it from the manual. I asked network guy, he said that it is impossible to achieve this by layer 2 switch. It should be at least layer 3 switch. Then i make 2 different LAN configuration with static ip ranges from TILGIN branded modem easily. However, i still can't understand that basic modem can handle this kind of job but L2 switch can't. I think smart switches and L2 switches are totally same with regular switches. L3 switches are different as we can see from the price range. Anyway, thank you for you help.

sysadmin1138
  • 131,083
  • 18
  • 173
  • 296
ONDER
  • 11
  • 1
  • 1
    DLink provides MANUALS.... [READ THEM](https://www.tp-link.com/en/support/download/t2500g-10ts/) – djdomi Jul 27 '21 at 04:39

1 Answers1

1

internet cable will be plugged into 1st port so all VLAN can access to the internet.

No, there's no magic that'd do that. Only those VLANs that share a subnet with the router can access the Internet. For that, you need to trunk all VLANs to the router and configure the appropriate subinterfaces on the router port.

A VLAN is like a virtual switch. Access ports with a single, untagged VLAN are connected to that single virtual switch. Trunk ports connect multiple, tagged VLANs between devices, so you'd need just a single, physical link between switch and router.

If the WAN router cannot be configured with subinterfaces you'll need another, VLAN-capable router or a layer-3 switch. There, you'd set up your user VLANs and another transfer VLAN towards the router.

Zac67
  • 8,639
  • 2
  • 10
  • 28