SBG3500 PPPOE Vlans

Boerk
Boerk Posts: 18  Freshman Member
Friend Collector First Comment
edited April 2021 in Security
Dear readers,

I'm honored that I may be the first to post in the SBG.

I'm having an SBG3500 and am able to create a PPPOE over PTM VDSL connection. The wan IP is obtained from Vlan 6 which contains the internet service. With this configuration I am able to internet through the lan ports (seem to be trunked to the Vlan6).

In the PPPOE connection are 2 additional Vlans (4 and 8). I'lost here, how is the SBG handing the ISP vlans? Are they all 'internal' available?
Do I only have to choose which Vlan has to go to which port (trunked and/or virtual)?

Or do I have to setup a new PPPOE connectiom (does not sound logic)..

Best regards,


«1

Comments

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Hello Boerk,
    Just want to confirm that you want to configure Vlan 4 and 8 on the one PPPOE over PTM VDSL interface?
    On the SBG' design, we can set one vlan configuration on the one interface.
    Charlie
  • Boerk
    Boerk Posts: 18  Freshman Member
    Friend Collector First Comment
    Hi Charlie,

    So I have a $300 business broadband VDSL bonding modem only supporting one WAN DSL Vlan?
    Are you making a joke? So, I am not able to retrieve other VLANs trunked to an ethernet interface...



  • Johan
    Johan Posts: 26  Freshman Member
    Friend Collector First Comment
    Hello Boerk,
    Just want to confirm that you want to configure Vlan 4 and 8 on the one PPPOE over PTM VDSL interface?
    On the SBG' design, we can set one vlan configuration on the one interface.
    Charlie

    Hello Charlie,

    If I understood Boerk correctly here his ISP sends multiple VLANs, one for internet, one for IPTV and one for VoIP. It seems the ISP have VLAN 6 as untagged then 4 & 8 as tagged. Can he then not 'simply' create VLAN 4 & 8 and set let's say port lan 2 to VLAN 4 untagged & port lan 3 to VLAN 8 untagged?

    Then the unit(s) that connect to let's say port lan 2 (on VLAN 4) gets IP from the ISPs DHCP server on this VLAN. Which I believe would be the practice for most ISPs when providing IPTV, all IPTV boxes/units get their own IP directly from ISP rather than local IP from the gateway/router.

    This was possible on P-660H-D1 and is possible on AMG1202 (with custom firmware, see AMG1202-T10B-SE01V1F which runs firmware customized to do just this for the provider Telia in Sweden.)

    Kind Regards
    Johan
  • Boerk
    Boerk Posts: 18  Freshman Member
    Friend Collector First Comment
    edited October 2017
    Hi Johan,

    Thank you for your reply. Indeed, you say it just perfect.

    Indeed, the ISP sends tripple play content over ADSL/VDSL on different Vlans.
    Normally, the ISP supplies the modem/routers with a fixed configuration, in Netherlands usually by KPN:
    - Internet through Vlan 6 routed untagged to all LAN ethernet interfaces.
    - IPTV through Vlan 4 tagged on all LAN ethernet interfaces, or somethimes untagged on a fixed LAN ethernet interface.
    - Voip service on Vlan8, which is in most cases an modem integrated service.

    Configuring the Vlans tagged and untagged on the LAN side, that is clear to me.
    But it's not clear to me how to transfer/route the WAN side Vlans to the LAN side.

    The WAN IP, thats needed for the router, is obtained through the internet VLAN 6 through PPPOE as the broadband connection. That works fine (as DHCP client).
    Now I need Vlan 4 and Vlan 8.

    Best regards,

    Boerk

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Thanks @Johan
    Hello Boerk,
    The request "PPPoE on VDSL with multiple VLAN for triple play environment" I would like to move your request to the ideas section.
    Charlie
  • Boerk
    Boerk Posts: 18  Freshman Member
    Friend Collector First Comment
    edited October 2017
    Hi Charlie,

    Ideas section? Well, oke that won't hurt as long as I'll get a working solution ;)

    It seems the ISP have VLAN 6 as untagged then 4 & 8 as tagged. Can he then not 'simply' create VLAN 4 & 8 and set let's say port lan 2 to VLAN 4 untagged & port lan 3 to VLAN 8 untagged?

    Then the unit(s) that connect to let's say port lan 2 (on VLAN 4) gets IP from the ISPs DHCP server on this VLAN. Which I believe would be the practice for most ISPs when providing IPTV, all IPTV boxes/units get their own IP directly from ISP rather than local IP from the gateway/router.
    Johan all services are in Vlans over PPPOE, and the internet service is on the ISP default routers set as untagged (trunked).

          ------PPPOE------\
          === Vlan4 voip ==> \     --------------------------------  ==> VLAN4=> Voip        VLAN4 tagged
    ISP=== Vlan6 Inet  ==>      |Router DHCP_client @ Vlan6|  ==> VLAN6-> default/VLAN6 untagged
          === Vlan8 iptv  ==> /    --------------------------------   ==> VLAN8=> iptv        VLAN8 tagged
          --------------------/






  • Boerk
    Boerk Posts: 18  Freshman Member
    Friend Collector First Comment
    Well, I've found a way to connect using an eth WAN PPPOE with PassThrough on the ISPs modem.
    In this configuration I needed to set the PPPOE connection to use VLAN6, this will become the ' default' (V)LAN.

    And the tripple play content is automaticaly available in VLANs, the fault I made was that I had setup a DHCP on the VLANs while the tripple play Vlans obtain the IP info from the ISP DHCP server.

    When having this configuration, it works just fine (Inet and IPTV). So next step is to switch to the (bonded) VDSL...

  • Kasper
    Kasper Posts: 4  Freshman Member
    First Comment
    Hi Boerk,

    I have had the same issue with this device and a Dutch triple play package on a bonding VDSL line.

    I solved it by creating a second WAN interface on the VDSL line but set it to bridge. Within this interface you tag the relevant VLAN so for example in my case it would be 4 for IPTV.

    I have tested this and this works if you connect a STB directly to the SBG3500-N. However what i can't figure out is how to transfer VLAN 4 traffic to the next switch. Whatever i try in the settings the traffic seems to stop after the Zyxel.

    However if you can in your situation connect the STB directly to the zyxel it would solve your problem.

    For VOIP i haven't tested this yet but in my case VOIP can work on any device because my ISP provides me with the login details.

    Hope this helps,

    Kasper
  • Boerk
    Boerk Posts: 18  Freshman Member
    Friend Collector First Comment
    Hi,

    Have you set it to a LAN vlan or did you trunk it to a lan port? Disabled the dhcp on the iptv vlan?
    I havent sold it yet, its on a marketplace, but i think i'll take it off and re- try it. 
    Zyxel support is very limited (poor).
  • Kasper
    Kasper Posts: 4  Freshman Member
    First Comment
    edited February 2018
    I've had it working by:
    1. Create VDSL WAN interface PPPoE NAT/DHCP etc on that same page enable VLAN 6 (for my provider might be different for you)
    2. Create second wan interface choose VDSL again but this time set it to bridge and tag vlan 4 (in my case for IPTV).
    3. On interface group/VLAN create a interface VLAN 4 tagged on lets say port 4.
    4. Disable EVERYTHING related to DHCP on the newly created LAN interface/VLAN but leave IGMP snooping enabled.

    This works with a STB directly on a port of the zyxel. Strangely enough it works even if I change the STB from port 4 to 3 so maybe step 4 isn't doing anything (bug). The key is the second bridged WAN interface as soon as i remove that while watching TV it stops working.

    It could be btw that your provider recquires routed IPTV in that case you have to add specific routing and DHCP rules. That means that the STB's will get a normal LAN IP but by following the special rules they can connect to the IPTV platform as well.

    That is usually the case for providers that offer stuff as Netflix and youtube on their STB's. In my case my provider offers both and i opt to use the bridge type because then the bandwidth is not shared with my LAN :-)

    I am now trying to figure out how to transport VLAN 4 to the next switch and another 2 switches after that. Zyxel support is very silly indeed. I used to have a draytek (unfortunately no bonding) and on that one it just worked out of the box. This is a 275 euro BUSINESS device and it can't handle vlans properly it seems.

Security Highlight