SG-1100 VLAN Switch Configuration

No video

SG-1100 VLAN Switch Configuration

Рет қаралды 38,944

Күн бұрын

lawrence.video...
Amazon Affiliate Store
➡️ www.amazon.com...
Gear we used on Kit (affiliate Links)
➡️ kit.co/lawrenc...
Try ITProTV free of charge and get 30% off!
➡️ go.itpro.tv/lts
Use OfferCode LTSERVICES to get 5% off your order at
➡️ lawrence.video...
Tesla Referral Program Offer
🚘 www.tesla.com/...
Lawrence Systems Shirts and Swag
👕 teespring.com/...
Digital Ocean Offer Code
➡️ m.do.co/c/85de...
HostiFi UniFi Cloud Hosting Service
➡️ hostifi.net/?v...
Protect you privacy with a VPN from Private Internet Access
➡️ www.privateint...
Google Fi Service Referral Code
📱g.co/fi/r/TA02XR
More Of Our Affiliates that help us out and can get you discounts!
➡️ www.lawrencesy...
Twitter
🐦 / tomlawrencetech
Patreon
🔗 / lawrencesystems
Our Forums
🔗 forums.lawrenc...
GitHub
🔗 github.com/law...
Discord
🔗 / discord
Our Web Site
🔗 www.lawrencesy...
Full Netgate Video
www.netgate.co...
How To Setup VLANS With pfsense & UniFI. Also how to build for firewall rules for VLANS in pfsese
• How To Setup VLANS Wit...
Review of the Monoprice Slimrun Cat6 Ethernet Patch Cables Compared 28/32 AWG used in this video
• Monoprice Slimrun Cat6...
Monoprice Cat6 Ethernet Patch Cable - 3 feet - Red | Snagless RJ45 Stranded 550MHz UTP CMR Riser Rated Pure Bare Copper Wire 28AWG - SlimRun Series
amzn.to/2Wda6if
Monoprice Cat6 Ethernet Patch Cable - 0.5 Feet - Orange | Stranded, 550MHz, UTP, Pure Bare Copper Wire, 36AWG - Micro SlimRun Series
amzn.to/2ENPdEw
Monoprice Cat6 Ethernet Patch Cable - 3 feet - Black | Reinforced, Snagless RJ45
amzn.to/2JQK7LC
#pfsense #Firewalls

Пікірлер: 78

@parmalarm1 Жыл бұрын

Spent 3 hours banging my head against the wall trying to get VLAN working on the 1100 because of the tagging. You've saved my sanity and my home network project. Thank you!

@globerunning1437 Ай бұрын

Buddy, this video helped me a lot. I got a working system now after 8hrs of research. I owe you a beer if you ever come to Montréal! Thank you very much

@NSFWHarold 2 жыл бұрын

Been using the 5100/6100 for awhile, but this was my first foray into the 1100, and it's SoC nuances. I was SO close, but you nailed it perfectly at 6:15. I didn't have the ports tagged. You sir, are an asset to the community.

@derrysan 3 жыл бұрын

I've been stuck all day for just simple tag on port 2/LAN. You've saved my day Tom!

@adamd4218 3 ай бұрын

Thank thank you SOO much. I have been BEATING my head on this for hours. Missed the final step.

@adamd4218 3 ай бұрын

Subscribed and liked. I've got to watch more of your videos for some steps to setup blocking. I have everything wide open. All my experience has been with sonicwall in the past. But I had a need for this netgate at a small 5 person office.

@kc0eks 5 жыл бұрын

Can't tell you how frustrating it was to miss this final step months ago when I set one of these up.

@garethwestwood2681 3 жыл бұрын

Just for the record. Just watched this as it's my first time setting up a SG1100 and I was a bit confused by the whole switch thing. All info in the video still up to date, current and works perfectly. Thanks again Tom

@LAWRENCESYSTEMS 3 жыл бұрын

Glad it helped!

@wagnerj01 Жыл бұрын

Thanks so much, At home, I use a 2100. I got an 1100 for another location and was stumped. Thanks so much for this video - like NSFW Harold, 6:15 or so was my sticking point.

@scottfahid3415 4 жыл бұрын

Tom, Your videos are incredible! They are one of my first resources when I am trying to expand my skills. I just deployed an SG-3100 with four VLANS connecting to a Dell X1052P switch and a Unifi system. I could not have done it without your detailed videos. You are a gifted teacher. Thank you

@user-rr3fo6hy9q Ай бұрын

Just throwing this out there, I see a lot of people complain about slow performance from the SG1100 but it could be because they are using the device as an all-in-one. If you invest in some cheap L3 switches (Cisco 2960-X is what I use) you can offload all the routing from the FW to the L3 switch. And if you create a routed port from the Cisco switch to the Firewall, you'll get a lot better throughput to the FW than you will with router on a stick (ROAS). You can keep traffic segmented by using access lists. You could even setup VRF's to keep network segments separated. Just my 2 cents.

@zacharys.8584 4 жыл бұрын

I almost never comment on videos, but I've spent the last two days trying to get this to work, and this video really helped me!

@joshsmith4998 3 жыл бұрын

Thanks for making this! Setting up an SG-1100 for my home and this is definitely tricky without some prior knowledge or experience!

@email16v 5 жыл бұрын

I have the sg 3100 for the office and use the 1100 as my lab testing and use the virtual pfsense in my virtual labs. They are the best!

@vanillacoke899 Жыл бұрын

Thanks for that detail, like everybody else I didn't know about the tag. Weird, but as long as it works. I wonder what more cool tutorials you have made. Subscribed.

@LAWRENCESYSTEMS Жыл бұрын

Thanks for subscribing.

@tomferrin1148 3 жыл бұрын

Tom, a big shout of thanks for making this video! It does an outstanding job at explaining the subtleties of VLANs on the SG-1100 and especially the need to tag the VLANs as belonging to particular switch ports (something I had forgotten to do the first time I set up a guest VLAN).

@Skydiverjoe2871 2 жыл бұрын

Your video was a lifesaver!!! That was the missing component, the switch setting.

@rsluggy6485 Жыл бұрын

*THIS* was the decoder ring I needed! Like several of the other comments, I was SOOOO close to having it, but missing the port tagging. Of course, after that, I found that my Cisco SG200 switches didn't trunk VLANs quite as expected... It's always SOMETHING

@rogerjohnson8969 4 жыл бұрын

Thank you for making this video. I was so confused about ports on the SG-1100.

@RJazz228 3 жыл бұрын

Life saver, thanks Lawrence!

@operationstayalive Жыл бұрын

thank you, this VLAN switch setting did the trick!

@techwhizz Жыл бұрын

Thank Tom, it's my first time working with SG-1100, I went through and set up everything however I couldn't get the Guest network working. I know you mainly use Pfsense and always recommend them. Your videos are always helpful and full of knowledge, the tagging of ports was my issue.

@linad181 4 жыл бұрын

OMG! THANK YOU!!! I have spent two days fighting with this box!

@rockthomas67 10 ай бұрын

Thanks for this guide, the swicth port was what i needed and missed before :-)

@philippe_demartin 5 жыл бұрын

Thank's so much, I was stuck and missed the taging oh the switch port

@tac73 3 жыл бұрын

Tom, Thanks much for this video! I run an SG-3100, but also have an SG-1100, as a backup. IF I were to put the 1100 in service, without having seen this video, I can imagine the potential frustration i might experience, trying to get VLANs to work again. This is a very valuable post! Update: it turns out, the SG-3100 configuration is similar to the SG-1100. Except, you need to add 5t as a member, instead of 0t.

@joshharding6925 3 жыл бұрын

Just set up my first SG-1100. The additional tags for VLANning made perfect sense... probably why the appliance is called pfSense (that is a guess). As usual, excellent video Tom! Keep plugging the pfSense appliances and Ubiquiti kit also.

@nothsa2k 4 жыл бұрын

Thank you so much! The "Switches" piece was what I was missing. Drove me nuts for hours!

@ocedric 4 жыл бұрын

For days here !!

@ThineHolyBacon 3 жыл бұрын

Exactly what I needed to get my homelab DATA vlan set, thanks!

@ocedric 4 жыл бұрын

Thank you so much! I finally find your tip after hours of struggle...

@sean7949 3 жыл бұрын

Thank you for the video I’ve been stuck on this for awhile. The switch port configuration is not intuitive at all.

@hunordori 3 жыл бұрын

Thank you! I know if my fault for not reading the documentation... But thank you!

@Mandolorian84 4 жыл бұрын

Saving lives! Awesome! thank you

@NickRO1989 4 жыл бұрын

This video helped me a lot thanks so much!

@alexnetrover3825 2 жыл бұрын

Thanks!

@lanceeilers5061 5 жыл бұрын

Cool thanks a bunch for that Tom , really enjoyed your vid , keep smiling and keep up the great content :-)

@richardklasens86 Ай бұрын

The netgate video link in your description is dead.. can you make it work again? :) thnx for your vid!

@LAWRENCESYSTEMS Ай бұрын

www.netgate.com/resources/videos-configuring-netgate-appliance-integrated-switches-on-pfsense-244

@sys6x Жыл бұрын

Did you have any luck on the SG-1100 doing this + applying PPPoE on a WAN interface because the ISP requires a specific VLAN? Having to do this and feeling so stupid it isn't working... Your video confirmed me i wasn't crazy that the switch component was important since we only have one networking device/interfaces and not many...

@Exploited89 5 жыл бұрын

Pretty similar to the EdgeRouter X VLAN configuration, nice video BTW!

@MichaelGivens007 5 жыл бұрын

Perfect that was the missing part!

@FirstnameLastname-fy7bl 4 жыл бұрын

Awesome you just explained what I was missing thank you! Those patch cables you are using. Do you have links to those?

@eduardakulov7756 3 жыл бұрын

This thing constantly stops working and won't boot up after a factory reset. Replaced it with a new one, same problem. We have no luck with netgates.

@kameelispha6536 2 жыл бұрын

any pointers on how to configure netgate sg1100 to connect to internet via pppoe. Im using the netgate wan port to a modem, set the vlan 500 which is required by the ISP and linked it up but the pppoe doesnt even attemt a connection confused

@VultUxTube 5 жыл бұрын

Thanks for the video, it helped me a lot, OpenWRT work like this and I always have difficult to understand what is happen. Just for curiosity, where do you get these thin network cables?

@bvandie 4 жыл бұрын

Bless you!

@FirstnameLastname-fy7bl 4 жыл бұрын

Tom where can I get those patch cables you use? Nice video!

@AASAP447 Жыл бұрын

Can someone kindly explain why the new VLAN was tagged to 2? I understand why it's tagged to 0, just not sure why it's tagged to 2 as well.

@troller4jesus 3 жыл бұрын

Do you have to add all VLANs/networks as “tagged” on each port on these?

@ericanderson2376 2 жыл бұрын

I FUCKING LOVE U MAN THANK U SO MUCH

@ERolando78 5 жыл бұрын

Excellent tutorial Question, pfsense is not in the Gartner quadrant, why is that?

@LAWRENCESYSTEMS 5 жыл бұрын

$$$$$$$$$$$$$$$$$$$$$$$

@ERolando78 5 жыл бұрын

@@LAWRENCESYSTEMS Is any amount ($) paid or paid to be in that quadrant?

@LAWRENCESYSTEMS 5 жыл бұрын

I could be wrong, but I think it is a pay to play to be considered for that list.

@MrFunchess1639 5 жыл бұрын

Thanks Tom, can you do router on a stick with the SG1100.

@LAWRENCESYSTEMS 5 жыл бұрын

It has three ports either I don't understand the question or what the goal is.

@davidg4512 5 жыл бұрын

Eric. Router on stick is a Cisco term on what Lawrence is already showing. Aka Vlans on a router. You can then route and do other stuff after Vlans have been set up.

@ffiit5864 5 жыл бұрын

Hi! Nice video .. Can you do a pfSense setup but using a TP-Link Managed Switch Jetstream with UAP-AC-PRO?That's actually what we have but can't setup the VLAN correctly. Thank you

@drurymat 5 жыл бұрын

@FFI_IT I use the same setup as you (albeit with a Unifi-nano, but setup should be the same) First, setup the port(s) that are going from PF to TP as Trunk ports. Set those ports to be Tagged by the Vlans IDs that you are using. The Untagged portion should be either Vlan 1 or set to a useless Vlan ID. Then set the port for the AP to be Trunk as well. This port should also be Tagged by the Vlan IDs that you are using. The Untagged portion would be again either 1 or an arbitrary number if you are only using Vlan traffic. If your LAN is not using a Vlan in PF then on the TP switch, create a vlan ID for that traffic and set the Untagged portions of the earlier steps to the same Vlan ID. This allows any traffic without a tag already to be given one, whilst traveling through the switch. In the Unifi Control Software, setup your wireless networks for each Vlan. Though again, if your LAN is untagged in PF, leave it Untagged in Unifi. I have 3 Wifi networks, 1 with untagged LAN, 2 using Vlans. And all 3 work perfectly with pfSense, TP-Link Jetstream, and Unifi-nano. Example: PF = Interface LAN, Vlan 3, Vlan4 TP = Port 1 is Trunk, Untagged Vlan 2, Tagged Vlan 3&4. Port 2 is Trunk, untagged Vlan 2, Tagged Vlan 3&4 Unifi= Wifi One is untagged. Wifi Two is using Vlan 3. Wifi 3 is using Vlan 4 The Vlan 2 in this example is the arbitrary Vlan ID used for the switch only; for the LAN traffic since when it arrives at the switch, the traffic has no ID.

@ffiit5864 5 жыл бұрын

@@drurymat Thank you sir for your response.. On my pfSense I have 2 Interfaces WAN and LAN, I created 2VLANS which are VLAN30 for WLAN_Secured and VLAN40 WLAN_Guest my Unifi has the same VLANS (VLAN30 for WLAN_Secured and VLAN40 WLAN_Guest) but I'm having problems setting a VLAN ID because 1port consist of 2VLANs... Maybe I missed a step.. I'll try your setup.. Thanks!

@ffiit5864 5 жыл бұрын

@@drurymat Thank you sir. Do you videos to follow?

@LordHog 5 жыл бұрын

I wanted to get an SG3100, but been watching a lot of videos about setting up and configuring a home network to use VLANs. Would I need a EdgeSwitch if I use a SG3100?

@sitte24 5 жыл бұрын

Doesn't have to be a edgeswitch, just a managed switch with vlan capability (802.1Q)

@DapperDuff 5 жыл бұрын

great video. Question, what is that short orange cable you used to plug the Netgate into your Ubiquiti switch?

@LAWRENCESYSTEMS 5 жыл бұрын

I have links and a full review of them here kzbin.info/www/bejne/omfUfGOrhLCffJI

@DapperDuff 5 жыл бұрын

@@LAWRENCESYSTEMS Thanks!

@viaujoc 3 жыл бұрын

As I can see in the description and in many documentation articles, all discrete ports of the SG-1100 are connected to the Marvell switch and are using a single uplink to the system. What happens if someone messes up the switch or uplink VLAN configuration making it impossible to access the Web GUI anymore? On the SG-2100 and up, there is at least one discrete port that is independent from the switch which allows the internal switch to be managed without the risk of cutting off the GUI access, or at least, give an alternative way to access the GUI if the switch/uplink configuration are defective. On the SG-1100, is there a way to configure the switch ports VLANs from the console just like normal ports in order to restore the connectivity between the uplink, the switch and the outside world?

@viaujoc 3 жыл бұрын

I got this reply from Netgate to my question: "You could re-image the device, factory reset via the console, or hit option 15 in the console menu to rollback the config. " So, if you lock yourself out of the GUI on a SG-1100 from a switch/uplink VLAN configuration mismatch, you cannot re-open a new path in. The less destructive way is to restore the configuration to the last known working point. If you think that this is still too risky of losing too much configuration, you better go for, at least, the SG-2100 which has a non-switch port that would allow you to re-open the UI using the console without restoring the configuration.

@user-rr3fo6hy9q 2 ай бұрын

@@viaujoc Thanks for sharing that information it's important to know. I just bought an SG1100 for my home network but only because the SG2100 was out of stock. I'm going to use the SG1100 to get my feet wet but quickly build my own pfSense box to replace the 1100, which is a good device to learn on but I want something a little more robust.