Specific inter-vlan routing

Hello All,

I have been asked to configure a Peplink 380 in a specific way and I am new to this bit of equipment. We have a Peplink that has VLANs set up on it that correspond to VLANs on our Netgear switches. I assume this is done with tagging although it looks like the Netgear VLANs are untagged.

We have a printer that will go onto its own VLAN and would like all of the other 25 VLANS to access this printer VLAN and vice-versa. However, we do not want the VLANs to be able to talk to each other.

From reading this forum I have gathered that the best way forward with this would be to enable inter-VLAN routing on the Peplink then use the firewall to configure the individual VLANS.

Is this a viable method for 25 VLANS? It might take a while but it’s a one-off config. Is there another way to do it?

Many thanks for your help.
Sam


Hi - welcome to the forum!

Yes this sounds right.

Yes.

  1. Enable inter vlan routing on the vlan config for all vlans
  2. Deny all routing between vlans in the firewall (by changing the default rule from allow to deny)
  3. Add specific rules to allow traffic to just the printer

If you have a spare WAN port on the Balance you could put the Printer VLAN on that.

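The three steps above, modelled as an added example (not from the thread and not Peplink's own rule engine): it builds the printer allow rules for 25 user VLANs and audits every VLAN pair against the intended policy. The subnets, VLAN numbering and first-match evaluation are assumptions made for the illustration.

```python
import ipaddress
from itertools import permutations

# Constructed addressing plan (assumption): user VLANs 1-25 on 10.0.<id>.0/24,
# printer VLAN on 10.0.99.0/24. None of these values come from the thread.
PRINTER = ipaddress.ip_network("10.0.99.0/24")
USERS = [ipaddress.ip_network(f"10.0.{n}.0/24") for n in range(1, 26)]

def build_rules(users, printer):
    """Step 3: one allow rule per direction between each user VLAN and the printer VLAN."""
    rules = []
    for net in users:
        rules.append((net, printer, "allow"))
        rules.append((printer, net, "allow"))
    return rules

def decide(rules, default, src, dst):
    """First matching rule wins; otherwise the default rule applies (assumed model)."""
    for r_src, r_dst, action in rules:
        if src.subnet_of(r_src) and dst.subnet_of(r_dst):
            return action
    return default

def audit(rules, default, users, printer):
    """Return every (src, dst) VLAN pair whose verdict differs from the intended policy."""
    violations = []
    for src, dst in permutations(users + [printer], 2):
        want = "allow" if printer in (src, dst) else "deny"
        got = decide(rules, default, src, dst)
        if got != want:
            violations.append((str(src), str(dst), got))
    return violations

if __name__ == "__main__":
    rules = build_rules(USERS, PRINTER)
    print(len(rules), "rules")
    # Step 2 applied: default rule changed to deny.
    print("default deny :", len(audit(rules, "deny", USERS, PRINTER)), "violations")
    # Step 2 skipped: default rule left at allow, so user VLANs reach each other.
    print("default allow:", len(audit(rules, "allow", USERS, PRINTER)), "violations")
```

Running the audit with the default left at allow shows why step 2 matters: every user-to-user pair is then permitted even though the printer rules are in place.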

Hi,

Sorry for the late reply, but many thanks for the information on the Peplink. I will let you know how it goes.

Sam


As promised, here is the update of how the above setup went when I made the changes.

I had a bit of trouble getting the Netgear switch to talk to the Peplink (to pick up DHCP on the VLAN) until I realised I had to tag the port on the Netgear the Peplink was physically plugged into with the VLAN I had configured for the printer. After that it worked.

I configured the firewall as advised, and configured access only to the printer VLAN. All worked very well and I was about to consider it a success when the user of one VLAN complained that he was unable to access his web server that was hosted inside the network. I added NAT rules and specific firewall entries in the Peplink, and although I got access from the outside working to the web server, I could not get access from within the VLAN to connect to the server using the external IP or hostname (internal IP was ok).

I had to abandon the settings changes as the user was unable to work properly. I think it was something quite simple that was causing it, but the problem was connecting back through to the web server using the external IP address or hostname so a sort of loopback issue. I did firewall rules that went both ways but is there a missing link that I might have overlooked?

Thanks,
Sam

Hello @sthodgson
Did you enter in the Local DNS Records the server name and local IP address?

This option is found under the menu of Network / LAN - Network Settings

In this example, we have shown a domain name of “ourwebsite.net.id” and the local IP of a server.

Hopefully, you saved your previous config before rolling back; if you did, you can reload it and then add this in.
Happy to Help,
Marcus

Marcus,
Thank you for your response and help!
I didn’t add a local DNS record and that looks like it might work. I didn’t save the config, but it will only take a few clicks to re-apply the firewall and inter-VLAN settings so not a problem. I did save the config before I started working though!!!
I will be able to try this in a couple of weeks when I can arrange with the user a suitable time. I will keep you updated.
Regards,
Sam
