I'm about to buy a switch which handles VLANs.
Before I buy that switch, I'd like to know :
Is it possible to connect two VLAN on a L2 switch ?
I am aware of the topic : Connecting two VLANs together on a single switch but my situation isn't with a L3 switch.
Herer is my plan :
I thought I could connect a cable from VLAN 1 to VLAN 2 to connect them but I found I may need a router to handle the different IP address.
I need to separate one special computer, and control (the most strictly I can) the access to this computer. My boss wants that computer to be on a separate network.
I plan to buy a NETGEAR GS108Ev3 (the model on the image isn't a GS108Ev3)
Is it possible to do so ?
Best Answer
If you are using a separate IP network (ie, with disjoint addresses), then something must have an address, and a connection, on both sides.
You say you want to control access "as strictly as you can", but you don't say what kind of service the special computer is intended to perform, so it's hard to guide any further without guessing. If I were to guess, I'd suggest a small router with two ethernet interfaces. Put special computer on its own on one side, other side into your main LAN.
[EDIT] ... it's also possible to do this kind of thing with private VLANs on some ethernet switches, which make some ports of the switch only able to commuinicate with certain other ones. The purpose of these is, for example, to make it that all hotel guests' laptops can communicate with the router and thus the internet, but not directly communicate nor see each others' broadcasts etc. Different switch manufacturers do these in different ways, and they appear to be non-standard. You'll have to check your switch manual to see what it offers in this. I'd advise against them unless you have compelling reasons. From your description of your task, this won't achieve what you want: you can't filter by protocol UDP and port, for example.