this post was submitted on 24 Nov 2023
2 points (100.0% liked)

Homelab


I'm not much of a networking person, but I understand the importance of different VLANs. Currently I have 4 separate VLANs that I change my PC's IP address to access. If I buy a four-port NIC and assign each port to a separate LAN, does the computer know which port to use to access the appropriate traffic, or is there something else I should be doing instead?

Only the main network has access to the outside internet, and it would be nice to have one system that could access everything. Or even allow my email server access to different VLANs to send out alerts.

  1. Main network
  2. NVR & Cameras
  3. KVM & IPMI
  4. Various equipment

My main system is normally powered off, so I wouldn't see this as an added security risk. But it would definitely save some time when I sit down to check things out.

[–] kaiwulf@alien.top 1 points 1 year ago

The way to do this with an L3 managed switch is to use inter-VLAN routing and access control lists.

First part is simple enough: enable IP routing in the switch, then give your VLAN interfaces an IP address.

To control which nets can talk to others, you build ACLs and attach the policy to the VLAN. For instance, you can permit your workstation on the main net to talk to anything on nets 2, 3, and 4, and conversely they can talk back to only your workstation if you wish. Then you can deny anything on nets 2 - 4 from talking to each other.
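
The ACL policy described in the comment above can be checked before it goes onto a switch. This is an added example, not code from the thread: it models one inbound ACL per VLAN interface and audits every cross-VLAN pair against the intent. The subnets, the workstation address `10.0.1.10`, and the first-match, implicit-deny, stateless ACL semantics are assumptions; check them against your switch's documentation.

```python
import ipaddress as ip

# Constructed addressing: the thread gives no subnets, so these are assumptions.
NETS = {1: ip.ip_network("10.0.1.0/24"),   # Main network
        2: ip.ip_network("10.0.2.0/24"),   # NVR & Cameras
        3: ip.ip_network("10.0.3.0/24"),   # KVM & IPMI
        4: ip.ip_network("10.0.4.0/24")}   # Various equipment
WORKSTATION = ip.ip_network("10.0.1.10/32")  # hypothetical admin PC
ANY = ip.ip_network("0.0.0.0/0")

def build_acls():
    """One inbound ACL per VLAN interface: ordered (action, src, dst) entries."""
    isolated = [NETS[n] for n in (2, 3, 4)]
    acls = {1: [("permit", WORKSTATION, d) for d in isolated]
               + [("deny", ANY, d) for d in isolated]   # other main-net hosts
               + [("permit", ANY, ANY)]}                 # main net keeps internet
    for n in (2, 3, 4):
        # Stateless ACL: replies to the workstation need their own permit.
        acls[n] = [("permit", NETS[n], WORKSTATION)]
    return acls

def vlan_of(addr):
    """VLAN number that contains addr, or None for an outside address."""
    return next((n for n, net in NETS.items() if addr in net), None)

def allowed(acls, src, dst):
    s, d = ip.ip_address(src), ip.ip_address(dst)
    vlan = vlan_of(s)
    if vlan is None:
        return False
    if vlan == vlan_of(d):
        return True            # same VLAN is switched; the routed ACL never sees it
    for action, src_net, dst_net in acls[vlan]:
        if s in src_net and d in dst_net:
            return action == "permit"   # first match wins
    return False               # implicit deny at the end of every ACL

def audit(acls):
    """Return every cross-VLAN (src, dst) pair whose result differs from the intent."""
    hosts = ["10.0.1.10", "10.0.1.50", "10.0.2.20", "10.0.3.20", "10.0.4.20"]
    ws, bad = hosts[0], []
    for s in hosts:
        for d in hosts:
            if s != d and vlan_of(ip.ip_address(s)) != vlan_of(ip.ip_address(d)):
                want = ws in (s, d)   # only flows involving the workstation may cross
                if allowed(acls, s, d) != want:
                    bad.append((s, d))
    return bad
```

An empty list from `audit(build_acls())` means the rule set matches the intent; dropping the return-path entry on a restricted VLAN shows up as a failed camera-to-workstation reply.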