VLAN setup between GS1920 Switch and Zywall USG20

CagsCags Member Posts: 3  Freshman Member
I have a GS1920 switch I am trying to segregate into 4 seperate vlans and a DMZ. The vlans have been created on a USG20 Router using seperate subnets with their own DHCP servers. I wish to connect the router to the switch along a single LAN2 interface and have the switch separate out the traffic into port groups. At the moment, I cannot get the switch vlan to accept traffic form the router if it is not on the basic LAN2 port.


  • Zyxel_RyanZyxel_Ryan Zyxel Official Agent Posts: 66  mod
    edited May 23, 2018 4:47PM
    Hello @Cags

    I think it should be fine to accomplish your requirement.
    I would like to confirm with you if DMZ on switch is vlan 1 and the other vlan are vlan 2,3,4,5, respectively? 
    If my understanding is correct, I draw a picture below to make it more easier to understand.
    (I assume the devices connected with GS1920 are all end-devices)

    vlan 1: 
        fixed 1, 6
        port 1: pvid 1, untagged out 
        port 6, pvid 1, untagged out
    vlan 2:
        fixed 2, 7
        port 2: pvid 2, untagged out
        port 7, tagged out
    vlan 3, 4, 5: 
    Same concept as vlan 2
    Finally, remember to set port 2-5 and port 7 as normal ports in vlan1 to separate traffic because all ports are members of vlan 1 in default setting.

  • CagsCags Member Posts: 3  Freshman Member
    Thanks Ryan - that worked perfectly.
  • CagsCags Member Posts: 3  Freshman Member
    One more question. Can I set up the vlans so they cannot see each other, but set one of them - say vlan2 to be able to see them all.
  • Zyxel_RyanZyxel_Ryan Zyxel Official Agent Posts: 66  mod
    Do you mean that vlan 3, 4, 5, 6 are isolated, but only vlan 2 can communicate with them? 
    If yes, there is a similar discussion.
    You can refer to: https://businessforum.zyxel.com/discussion/1086/2-xgs2210-52-and-usg-310/p1
    And you can also refer to Zyxel Handbook including some basic settings of ACL as attachment (Topic: 5.10 How to configure ACL to block unwanted traffic). It might be easier for you to pick it up. 
    If your application is not what I assume, can you describe it in more detail? 

Sign In to comment.