DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Possible? 2850Vn/2830n,2 companies,shared internet+printers
- jsp
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
11 May 2012 12:28 #72198
by jsp
Possible? 2850Vn/2830n,2 companies,shared internet+printers was created by jsp
Hello,
I was wondering if someone could give me some advice on whether this config would work on a 2850Vn. I have no experience with Draytek equipment but plenty with vanilla Linux networking so I was hoping someone could confirm this is possible.. I've read through the manual and toyed with the online demo, but until I can write the changes I can't actually know I've got this right and that it is indeed possible..
I have two small companies (2-3 hosts each) which would like to share an ADSL2+ uplink (maybe VDSL2) and two printers. The hosts will be connected over wired LAN, and sometimes over the wireless so I'd like to have three SSIDs - one for guests (guestSSID), one for company1 (mySSID10) and one for company2 (mySSID20). The company's LANs should not be able to send each other packets, but should have access to the printers and the internet. I was thinking of connecting a Netgear GS108Tv2 to P1 on the 2850Vn. The remaining ports on the GS108Tv2 will be configured as belonging to either VLANid10 (for company1) or VLANid20 (for company2). The switch port connected to P1 on the 2850Vn will belong to both VLANid10 and VLANid20. The two printers will be connected to P2 and P3 on the 2850Vn.
I'd like to configure the 2850Vn thusly:
Under "LAN >> General Setup" I'd like to configure four LANs - one for the printers (LAN 1), one for company1 (LAN 2), one for company2 (LAN 3) and one for the guest wifi (LAN 4) . Each will have the DHCP server configured to supply addresses from different subnets to each LAN.
Under "LAN >> VLAN Configuration" I'd like to configure VLAN1 (VLAN for printers), VLAN2 (VLAN for company1), VLAN3 (VLAN for company2), VLAN4 (VLAN for wifi guests).. so P2 and P3 belong to VLAN1, SSID1 (mySSID10) and P1 with VID VLANid10 belong to VLAN2, SSID2 (mySSID20) and P1 with VID VLANid20 belong to VLAN3, and finally guestSSID belongs to VLAN4.
Finally, to configure routing between the VLANs.. and this is where I'm unsure..
Create a Service Type object for Jetdirect (dest TCP/9100) under "Objects Setting >> Service Type Object Setup"
Under "Firewall >> Edit Filter Set >> Edit Filter Rule" I set direction to "LAN/RT/VPN -> LAN/RT/VPN", set VLAN2 and VLAN3 as source and the printers as destination (would be nicer to be able to set src and dest as VLANx rather than address, but no matter).
Under "LAN >> General Setup" I may have to enable inter-LAN routing between LAN1 and LAN2, and LAN1 and LAN3.
I may have skipped over a small detail or two in the firewalling, but I hope you get my gist.
So would this work on a 2850Vn? Also, would this set-up also work on the 2830n? I only really wanted VoIP and VDSL2 for future flexibility, but it isn't immediately necessary.
The 2850Vn looks like a very capable and well priced box, but without personal experience I'm seeking your help.
Many thanks in advance,
Jason.
I was wondering if someone could give me some advice on whether this config would work on a 2850Vn. I have no experience with Draytek equipment but plenty with vanilla Linux networking so I was hoping someone could confirm this is possible.. I've read through the manual and toyed with the online demo, but until I can write the changes I can't actually know I've got this right and that it is indeed possible..
I have two small companies (2-3 hosts each) which would like to share an ADSL2+ uplink (maybe VDSL2) and two printers. The hosts will be connected over wired LAN, and sometimes over the wireless so I'd like to have three SSIDs - one for guests (guestSSID), one for company1 (mySSID10) and one for company2 (mySSID20). The company's LANs should not be able to send each other packets, but should have access to the printers and the internet. I was thinking of connecting a Netgear GS108Tv2 to P1 on the 2850Vn. The remaining ports on the GS108Tv2 will be configured as belonging to either VLANid10 (for company1) or VLANid20 (for company2). The switch port connected to P1 on the 2850Vn will belong to both VLANid10 and VLANid20. The two printers will be connected to P2 and P3 on the 2850Vn.
I'd like to configure the 2850Vn thusly:
Under "LAN >> General Setup" I'd like to configure four LANs - one for the printers (LAN 1), one for company1 (LAN 2), one for company2 (LAN 3) and one for the guest wifi (LAN 4) . Each will have the DHCP server configured to supply addresses from different subnets to each LAN.
Under "LAN >> VLAN Configuration" I'd like to configure VLAN1 (VLAN for printers), VLAN2 (VLAN for company1), VLAN3 (VLAN for company2), VLAN4 (VLAN for wifi guests).. so P2 and P3 belong to VLAN1, SSID1 (mySSID10) and P1 with VID VLANid10 belong to VLAN2, SSID2 (mySSID20) and P1 with VID VLANid20 belong to VLAN3, and finally guestSSID belongs to VLAN4.
Finally, to configure routing between the VLANs.. and this is where I'm unsure..
Create a Service Type object for Jetdirect (dest TCP/9100) under "Objects Setting >> Service Type Object Setup"
Under "Firewall >> Edit Filter Set >> Edit Filter Rule" I set direction to "LAN/RT/VPN -> LAN/RT/VPN", set VLAN2 and VLAN3 as source and the printers as destination (would be nicer to be able to set src and dest as VLANx rather than address, but no matter).
Under "LAN >> General Setup" I may have to enable inter-LAN routing between LAN1 and LAN2, and LAN1 and LAN3.
I may have skipped over a small detail or two in the firewalling, but I hope you get my gist.
So would this work on a 2850Vn? Also, would this set-up also work on the 2830n? I only really wanted VoIP and VDSL2 for future flexibility, but it isn't immediately necessary.
The 2850Vn looks like a very capable and well priced box, but without personal experience I'm seeking your help.
Many thanks in advance,
Jason.
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek