Tech Support Guy banner
Status
Not open for further replies.

Cisco RV042G VLAN Setup

6K views 4 replies 2 participants last post by  jeffros69b 
#1 ·
Hello,

I have a single internet connection with static IP going into a Cisco RV042G.

The RV042G is not running DHCP. It has a static address of 200.200.1.200.

I have a 2012R2 server running domain, DHCP, DNS etc. and everything is working just fine.

Now I am trying to setup a VLAN on RV042G LAN port #2 so that I can plug in a simple TP-LINK TL-WR720N wireless router and have a guest network. I would like this network to be segregated from the main network and would like the router to handle its own DHCP.

This is uncharted water for me as I have never done this kind of setup before. Previously I had a completely separate internet connection for the wireless router but that is no longer on the table.

I created VLAN2 in the RV042G on the "Port Management->Port Setup" page and plugged in the TP-LINK router into port number 2.

Since DHCP is not enabled on the RV042G, I know I need to set a static IP as the WAN source on the TP-LINK.

I tried entering the same static IP info that I used in the RV with no luck, and I tried entering the info of the RV as the static IP-200.200.1.200, Subnet 255.255.255.0, Gateway 200.200.1.200 and DNS 200.200.1.200.

Neither seem to work as I get a few sent/received packets but cant ping www.google.com etc.

So I started looking into further config of the RV042G.

On the RV "Firewall->Access Rule" page I created an access rule for range 192.168.0.1-192.168.0.254 for all traffic to any destination. (this is the default IP range of the wireless router).

That didnt seem to do anything.

Then on the RV "Setup->Network" page I checked off "Enable Multiple subnet" and saved. No dice.

Next on the same page I tried to defined the subnet as 192.168.0.1 and mask of 255.255.255.0.

That also didnt seem to do anything.

Wondering if anyone has some experience creating VLANs on the RV042G and if they have any advice on how I could get my intended config to work.

Notes: internet connection has a static IP

IP of RV042G is 200.200.1.200

IP of TP-LINK (plugged into port2 -VLAN2) is 192.168.0.1

If any further info is required for a meaningful suggestion to my problem just let me know.

Thanks
 
See less See more
#2 ·
Why don't you use the DMZ function of the Cisco router and set the TP-Link to be a DMZ host? A lot less complicated than trying to deal with getting the VLAN setup working. I tried finding documentation on the VLAN function of the Cisco router. It seems to be an afterthought added to the router. From what I gather the VLAN feature is only port based and not 802.1Q. This alone isn't an issue with your setup. But to make this all work with the isolation you desire, you have to set up an internal virtual router interface which sits on the newly set up VLAN. After the basic routing is configured, you would then need to apply firewall rules to limit access to the other LAN segment. Again, much too complicated for what you're trying to do especially since there doesn't seem to be documentation on how to do all the steps I've mentioned.
 
#3 ·
have not had any luck with this DMZ idea. Under the "Setup->DMZ host" I entered the IP address that has been assigned to the wifi router. I connect to the wireless router with a laptop and i can still connect to any PC on the network. So I dont understand how this has isolated the wifi router. seem to literally do nothing.

There is a second WAN port that says DMZ on it. Should I be plugging in wireless router into this second port and somehow direct traffic from WAN1 into WAN2? I think that is what they are talking about in this other post I found:

https://supportforums.cisco.com/t5/small-business-routers/dmz-on-the-rv042/td-p/2000827
 
#5 ·
ok here is a breakdown of what i did to get an isolated wireless guest network on the RV042G.

It should be noted I have a range of static IPs from my ISP to work with. if you do not I am not sure if this will work for you.

1. WAN1 is plugged into my ISP router and is set to my usual static IP info. static IP#1, subnet and DNS all info pertaining to my ISP settings.
2. I have my "main" network (a 48 port switch which all my computers plug into) plugged into ethernet port1 of the router.
3. I have DHCP turned off on the router and I have a server 2012r2 domain server handling DHCP for my main network.

This is good enough to run my main network fine.

To get the isolated wireless network:

1. I plugged in my wireless router into WAN2(DMZ) on the RV042G, other end is plugged into the WAN port on the wireless router.
2. In the RV042g setup-> network page I have "Enable DMZ" checked off
3. just below this on the DMZ interface click on Configuration button.
4. change from subnet to range.
5. in the range I have entered ANOTHER one of my static IPs (I have several static IPs from my ISP) I have the same address in both fields. so "staticIP#2 TO staticIP#2".
REMINDER NOTE: This is not the same IP address I am using on WAN1, it is the next number in the range of IPs I got from my ISP.
6. Click Save.
7. dial into wireless router and configure the WAN to use the static IP#2 info from the ISP (same address specified in step above)
8. configure typical wireless settings and security settings as needed. (change admin username/password, name wireless network, turn firewall on, set max dhcp clients etc.)
9. reboot wireless router.

Your wireless "guest" network should now have internet access, however it will not have access to your "main" network.

IE I cannot ping or browse to any machines or devices on the "main" network.
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top