ES-2000 Series Switch Support Notes
For Switch-2, port 1, port 2, and port 3 are allowed to communicate back and forth with uplink port 4, but not with other ports.
•Switch-2 VLAN 1 member port: port 1 and port 4
•Switch-2 VLAN 2 member port: port 2 and port 4
•Switch-2 VLAN 3 member port: port 3 and port 4
For Switch-3, port 2, port 3, and port 4 are allowed to communicate back and forth with uplink port 1, but not with other ports.
•Switch-3 VLAN 1 member port: port 2 and port 1
•Switch-3 VLAN 2 member port: port 3 and port 1
•Switch-2 VLAN 3 member port: port 4 and port 1
Host A can't talk to Host B due to the port-based VLAN in Switch-2, and Host C can't talk to Host D due to the port-based VLAN in Switch-3. But both Switch-2 and Switch-3 uplink to the none VLAN Switch-1. Host A and Host B will talk to Host C and Host D via the none VLAN switch because port-based VLAN can't across different switches.
To achieve the security between different switches, you must put another port-based VLAN switch for the uplink. Each port on the uplink switch also should be separated into different VLAN, except for the port to the gateway. So subscribers only can talk to the gateway for Internet access but not communicate with each other.
33
All contents copyright (c) 2006 ZyXEL Communications Corporation.