After watching several YT’s on VLANS, I give kudos to Chris for doing a better job than all the others combined. Historically, I sparingly used vlans due to weak knowledge. Now, I’ll use them more. His examples and analogies are superb. It’s so good, I watched it twice.
Very good video. Now a video about firewall rules for the vlans. For example how to stream from your secure vlan to the iot lan. How will the Sonos app act on a phone vlan when it needs to stream to the iot vlan and the homeassistant app the same way. 😊💪🏼
Exactly. Currently i have all my security cameras on my default LAN. My Agent DVR is running on a computer on my default LAN as well. I manage it through a web browser on my desktop pc on my default LAN. If i segmented the camera's onto a VLAN (which i cannot do at the moment anyways, Google Wifi nojoy) how would i get that streaming traffic to go from it's own VLAN to my computer running the DVR software? If i segemented the DVR computer onto the same VLAN as the camera's, how would I manage it from my desktop PC? Questions... so many questions. I have never understood traffic routing rules for subnets and firewalls. That's the video you need to make for laymen like me.
@@kurti4432not really anymore. Companies fire expensive cisco network experts nowadays, and move towards dumb SDN. Where they dont need to employ highly paid experts. Its the worst time in history to be a ccie, as no company is willing to pay for networking experts, and after the recent 2-3 years of layoff spree, there are many suxh people on the job market, desperate to find a new job, pushing down the average salary.
Greatest video I ever saw on RUclips. You are the most articulate person I have ever encountered on a complex subject like this. I found you by accident and I will continue with your other videos. I wasn't even looking for a Vlan video but I really did understand 80% of what you talked about. You made a place on my google Drive :) Thanks much
This met me right where i needed. There are plenty of videos on either side of the subject. Either they're too high level, just explaining the concept of VLANs, or too fine grained, for those who already were very familiar with all the terminology and just needed to know a specific ecosystem. This one video bridged the gaps in my skillset perfectly! Thank you!
Honestly the best explanation of VLANs I have seen, especially the difference between tagged and untagged VLANs. Saved me days of going back and fourth on a help forum
I find one the biggest points of confusion people have about a layer 2 VLAN is that they think it is synonymous to a layer 3 Network. One can have multiple VLANs on the same piece of wire. One can have multiple layer 3 Networks on the same piece of wire. One can have a VLAN with multiple layer 3 Networks and vice versa they are independent of each other.
This is by far THE BEST VLAN tutorial I've come across, I was so confused by Untagged/tagged VLAN, you are the only one who explain it clear as day (not mud 😅). Thank you so much for this! You are THE BEST!
I’ve been doing small to medium business sysadmin & networking for over 20 years and always got by with larger subnet blocks. I just now am needing to learn VLAN stuff. This helped significantly. Thank you for taking the time to do this!
I knew a little about VLANs, but often got confused and had to double check on things, this explanation made it much easier to understand and I'm not going to have any issues remembering this. Fantastic content as always!
@@CrosstalkSolutions This video should be shown in colleges and high schools for the younger generation to get exposed to networking concepts and terminology.
Very well explained. The biggest thing to get across to people is the difference between TAGGED and UNTAGGED. By switching UNTAGGED with DEFAULT, and TAGGED with OPTIONAL or/ ADDITIONAL, things start to become very clear very quickly.
By far the best VLAN video I came across. The only missed info for me was about access port, but everything else explained on this video it’s very well clarified !
This was such a helpful video for someone about to set up a new unify based network. Helps make your other unify VLAN setup videos much easier to understand. Thank you.
Hey Chris, great video. As someone who’s been networking for years and been the IT guy for the small companies I’ve worked for, I have set up and use VLANs, but this video did a great job clarifying and simplifying the topic, I feel more confident in my approach now. I’ll refer others to this when I see vlan questions on Reddit. Good job!
Superb! 👏 I have finally properly understood setting tagged vs. untagged VLANs on ports. It's the best explanation I have ever come across so far with multiple real world examples. Very informative video. Kudos and thank you! 🌟 Keep up the good work.
You never AFAICR explicitly mentioned it to drive the point home, but: without VLANs, to achieve the same logical separation of networks, the networks need to be physically separated (dedicated cable runs and switches for each network so that the packets of two networks "never meet"), and that the whole point of VLANs is that there is only one physical network needed, where the separation of the logical networks is achieved "in software" by having the VLAN-aware routers and switches enforce on port-level the logical separation, based on the VLAN tags of the network packets that pass through.
What a great video. Can't tell you how many hours I've spent reading & watching videos on this topic and your presentation caused it all to gel. I suddenly love the new way UniFi does this and I figured out my ancient Dell PowerConnect switch while I was at it with these concepts. So pumped! Fantastic job, Chris. This could be a template for an industry standard.
Great introduction to VLANs. Getting IPs sorted to different LANs is my main goal (while having access to the internet on all ports) without using a switch.
Another great video Chris. Your videos on Ubiquiti products are the sole reason that I settle on Unifi equipment a few years ago. Thanks for all your hard work.
Sorry to say, I feel exactly opposite on the horrible Ubiquiti controller. This week I struggled to resurrect a corrupted USG-3P and get LAN2 to function. It was nightmare flipping back to legacy view UniFi for the necessary menu items because V8 is incomplete. While USG demands a new VLAN for lan2, there’s no way to define tag, untag, or trunk. Very disappointing software and documentation.
One of the things that I absolutely LOVE about Macs is that they have built in functionality to understand VLAN's when given a trunk port by a switch. Even my 20 year old PowerMac G5 has this capability! In System Preferences you add the VLAN ID's and give the ethernet "profile" a name. Add as many VLAN interfaces on you Mac as you have VLANS's. So some of my Mac's have 10+ IP addresses all with using a single ethernet cable. No inter VLAN routing required as the computer is on all the networks at the same time and the traffic stays on the Layer 2 switch.
@@ChasEng-o6y Make sure your Mac is plugged into a trunk port on your switch. By default, your Mac will get an IP address in the untagged VLAN 1 "default" or management LAN. Open System Preferences (System Settings) > Network > and click the dropdown menu (depending on OS X or later version) > Manage Virtual Interfaces > Click "plus" button > New VLAN > Name your VLAN > Enter the VLAN ID created by your router or Layer 3 switch > select the NIC interface > click create. Do this process for as many tagged VLAN's you want your computer to be on. For me, after I do that, I disable ETH0 to get the computer off the untagged / management network.
With L2 switch and vlans when you copy files from pc A in vlan 10 to a pc B in vlan 20 it will be slow as hell because all traffic must go through the router to get data from pc a to pc b. With L3 switch the copy files action will go quick because the switch will do the routing using inter VLAN routing.
Thanks! This was extremely informative. 2 questions keep haunting me: 1) Why do we trust devices to tell us which VLAN they want to be part of? A hacker could simply tag his data with any VLAN in order to exploit that VLAN. Shouldn't the router assign each device to a VLAN based on some sort of pre-determined rules that we set? 2) Why would you have different VLANs available on different switch ports? Wouldn't it be best to make all VLANs available on all ports, with the default/untagged set to the guest VLAN? That would give us ultimate flexibility and convenience, such that any device can be patched into any switch port. Once again, the router would make sure that each device is assigned to the correct VLAN, no matter which port it is connected to.
This is one of the most well done VLAN instructional videos I have ever seen. Is there any chance you can make a tutorial for Chromecast Multicast DNS over VLAN with Ubiquiti? Something that should be easy but never works as expected.
Great presentation. I'm thinking of getting into Unifi in my new house so I've saved this to watch it all again later when trying to set it up as a nooob. 👍
Excellent video! Glad you showed UniFi and then also a hodge podge of equipment as well. I am all UniFi here and have noticed my Flex-Mini is VLAN aware and configurable, but like that router you showed, if you configure a port as Native to a VLAN (not 1/default), you can't have tagged traffic.
When you were talking about VoIP phones, you could have mentioned the phones can also pass through the default LAN, so that a computer can be plugged into the back, so the computer and phone can share a single switch port.
Possible update to the beginning - show 4 switches as the "old school" way we would segregate networks physically for each dedicated usage (maybe use different colours of cables for each). Then show a single "VLAN-enabled" switch with all of those cables plugged into it.
Absolutely incredible video! Well done. I believe you may have misspoke between 30:38 and 30:47. I may be wrong, but I believe you referred to tagged ports as untagged. Easy to do, especially given the number of times you had to say tagged and untagged.
Here’s my idea for a “made easy” explanation: - Think of a switch as a house with multiple doors (ports) and of each device as a person. - Each person wears a T-shirt, and it can have a number printed on it (tagged) or not (untagged). - An access system at each door (port) checks the number on the shirt and dispenses a badge (think DHCP) based on the number on the T-shirt. - Persons with tagged shirts having a number that is allowed entry will get a badge (think IP address) for that group. - Persons with no number on the shirt will get another (default) badge. - Persons with a number that is not whitelisted will not get a badge, and cannot enter.
Fantastic. Future Ubiquiti user in Zambia (gotta get equipment cleared through our version of the FCC) This helped me understand tagged vs. untagged so much better.
I might have missed it, but it seems that there was no mention of PVID values, which are the standard way of indicating the "native VLAN" for a given port. If you aren't using Unifi, PVID is probably the way that the interface refers to the native VLAN ID.
Great video. I thought of some questions while watching, hopefully you (or someone!) can answer: Can you disallow untagged VLAN devices on a port? I.e, require that a VLAN is configured on a device (so someone can't plug in a random device) How do static IPs play into all this? What if you configured a device with a VLAN (or let it default) but set a static IP in the wrong subnet? (I.e, the hacker in the lobby tries to circumvent the allowed VLAN tags by setting a static IP) Can multiple VLANs have the same subnet? What effects would that have?
Again one of the great explaining videos 🎉. Q: Is it also possible to push a device to a VLAN by it’s MAC address? Let’s take the doctors waiting room. Here all devices normally connect to the guests network. But sometimes the doctor itself is in the waiting room and his computer should always connect to the main network. Is that possible (Unifi) ? Other questions: which devices do know / can I train to connect to a special VLAN?
This is so comprehensive and I learned so much! I may need to watch this a few times to fully comprehend it but that is okay by me. In a mixed environment scenario where you may not know what is plugged into what, how would you go about identifying hardware? Would I use something like Nmap?
No wonder so many people are confused about VLANs. If you put multiple VLANs on an Ethernet port that a user connects to, there is nothing to stop that user from seeing all of the other VLANs' traffic. Trunk ports have multiple VLANs because they carry traffic from multiple VLANs to other network equipment (such as switches and routers) which then handle distributing the packets according to their tags. So if you had two 24 port switches, you could configure twelve ports onto VLAN 1, eleven ports onto VLAN 2, and then have one port set up as a trunk port connecting the two switches with both VLAN 1 and 2. Depending on which port a user was plugged into, they would be on VLAN 1 (network 1) or VLAN 2 (network 2) and could not see each others traffic since the switch would not allow packets to cross over.
I think these videos of yours are gonna get me a promotion! =D They are awesome in so many ways! You are realy good when talking, don dont say words like "eeeh.. uuuh.. Uhm.." etc. Great content. Fun to listen to, you make this very very clear! thank you for your work!
I know this video is old but wanted to leave a thank you for the work, finally I understand some basic concepts that didnt make sense before I watched this, specifically the untagged vs tagged difference. I am trying with an Ubiquiti edge switch and a HP v1910, and in the Ubiquiti its very simple, but cant for the life of me make it work on the hp. I will change the hp with a tp link one to test
Thank you so much for doing this video!!! If you could please do a follow up video on firewall configurations in the Unifi Environment to allow or disallow traffic through different vLan setups. For example. Needing guests to be able to print to a printer that is on the untagged lan or Allowing Lan users to be able to talk to an IOT device. Preciate You Sir! Keep up the great work!
id never let that guy in my lobby he looks shady LOL ;). great video and thank you for putting it out there. Clears up some of the confusion I was having.
![Twenty One Pilots - “The Line” (from Arcane Season 2) [Official Music Video]](http://i.ytimg.com/vi/E2Rj2gQAyPA/mqdefault.jpg)
After watching several YT’s on VLANS, I give kudos to Chris for doing a better job than all the others combined. Historically, I sparingly used vlans due to weak knowledge. Now, I’ll use them more. His examples and analogies are superb. It’s so good, I watched it twice.
Very good video. Now a video about firewall rules for the vlans.
For example how to stream from your secure vlan to the iot lan.
How will the Sonos app act on a phone vlan when it needs to stream to the iot vlan and the homeassistant app the same way. 😊💪🏼
Exactly. Currently i have all my security cameras on my default LAN. My Agent DVR is running on a computer on my default LAN as well. I manage it through a web browser on my desktop pc on my default LAN. If i segmented the camera's onto a VLAN (which i cannot do at the moment anyways, Google Wifi nojoy) how would i get that streaming traffic to go from it's own VLAN to my computer running the DVR software? If i segemented the DVR computer onto the same VLAN as the camera's, how would I manage it from my desktop PC? Questions... so many questions. I have never understood traffic routing rules for subnets and firewalls. That's the video you need to make for laymen like me.
@@comradeshadovshkithis is why Network engineers get paid the big bucks
@@kurti4432not really anymore. Companies fire expensive cisco network experts nowadays, and move towards dumb SDN. Where they dont need to employ highly paid experts. Its the worst time in history to be a ccie, as no company is willing to pay for networking experts, and after the recent 2-3 years of layoff spree, there are many suxh people on the job market, desperate to find a new job, pushing down the average salary.
Greatest video I ever saw on RUclips. You are the most articulate person I have ever encountered on a complex subject like this. I found you by accident and I will continue with your other videos. I wasn't even looking for a Vlan video but I really did understand 80% of what you talked about. You made a place on my google Drive :) Thanks much
This is hands down the best VLAN explanation video I have ever seen 🤩. Thanks to this video I finally have a full understanding of VLANs. 🥳
This met me right where i needed. There are plenty of videos on either side of the subject. Either they're too high level, just explaining the concept of VLANs, or too fine grained, for those who already were very familiar with all the terminology and just needed to know a specific ecosystem. This one video bridged the gaps in my skillset perfectly! Thank you!
Honestly the best explanation of VLANs I have seen, especially the difference between tagged and untagged VLANs. Saved me days of going back and fourth on a help forum
This is the BEST VLAN guide available not just on YT!!! Thank you so much!!!
I find one the biggest points of confusion people have about a layer 2 VLAN is that they think it is synonymous to a layer 3 Network. One can have multiple VLANs on the same piece of wire. One can have multiple layer 3 Networks on the same piece of wire. One can have a VLAN with multiple layer 3 Networks and vice versa they are independent of each other.
Thank you! VLANs are virtual broadcast domains.
@@mikelambert4490Bingo
Help
YES THIS EXACTLY
This is by far THE BEST VLAN tutorial I've come across, I was so confused by Untagged/tagged VLAN, you are the only one who explain it clear as day (not mud 😅). Thank you so much for this! You are THE BEST!
I’ve been doing small to medium business sysadmin & networking for over 20 years and always got by with larger subnet blocks. I just now am needing to learn VLAN stuff. This helped significantly. Thank you for taking the time to do this!
The amount of videos I’ve watched on tagged, untagged and trunk ports FINALLY I now understand it thanks to this ❤
As someone who knew almost nothing about VLAN's, this video was super informative. Thank you!
I wish you had made this video 5 years ago. Great job, sir! Thank you.
Would love a follow up video on firewall rules and making sure cloud and local only devices work properly across the vlans. Thanks Chris!
I knew a little about VLANs, but often got confused and had to double check on things, this explanation made it much easier to understand and I'm not going to have any issues remembering this. Fantastic content as always!
Thank you so much. You are a great teacher. I've learned so much from you these past 3 years. Your customers must love you.
Just... WOW! Such clear, precise explanations delivered with a beautifully pleasant voice. Thank you, sir!
This is by far the best Vlan video I have come across. It answered my long time question about tag vs. untag vlans
Excellent presentation. Lots of work went into making this video.
It did actually...not an easy topic to tackle!
@@CrosstalkSolutions This video should be shown in colleges and high schools for the younger generation to get exposed to networking concepts and terminology.
finally a video that clearly explains the tagged/untagged issue.
Very well explained. The biggest thing to get across to people is the difference between TAGGED and UNTAGGED. By switching UNTAGGED with DEFAULT, and TAGGED with OPTIONAL or/ ADDITIONAL, things start to become very clear very quickly.
I new nothing about routers and switches. Now I feel confident about using them. This is a well laid out video. Thank you very much.
Cheers - glad it was helpful!
This video is going to help soooo many people, including myself! :) I know how vlans work, but this just simplifies it and will help me help others.
Selten haben so gute und anschauliche Erklärungen gehört. Wirklich ganz hervorragend! Vielen, vielen Dank!
By far the best VLAN video I came across. The only missed info for me was about access port, but everything else explained on this video it’s very well clarified !
This was such a helpful video for someone about to set up a new unify based network. Helps make your other unify VLAN setup videos much easier to understand.
Thank you.
Hey Chris, great video. As someone who’s been networking for years and been the IT guy for the small companies I’ve worked for, I have set up and use VLANs, but this video did a great job clarifying and simplifying the topic, I feel more confident in my approach now. I’ll refer others to this when I see vlan questions on Reddit. Good job!
Best VLAN principles explanation I have seen on YT. Thank you.
Superb! 👏 I have finally properly understood setting tagged vs. untagged VLANs on ports. It's the best explanation I have ever come across so far with multiple real world examples. Very informative video. Kudos and thank you! 🌟 Keep up the good work.
You never AFAICR explicitly mentioned it to drive the point home, but: without VLANs, to achieve the same logical separation of networks, the networks need to be physically separated (dedicated cable runs and switches for each network so that the packets of two networks "never meet"), and that the whole point of VLANs is that there is only one physical network needed, where the separation of the logical networks is achieved "in software" by having the VLAN-aware routers and switches enforce on port-level the logical separation, based on the VLAN tags of the network packets that pass through.
Give this mam am award
What a great video. Can't tell you how many hours I've spent reading & watching videos on this topic and your presentation caused it all to gel. I suddenly love the new way UniFi does this and I figured out my ancient Dell PowerConnect switch while I was at it with these concepts. So pumped! Fantastic job, Chris. This could be a template for an industry standard.
Great introduction to VLANs.
Getting IPs sorted to different LANs is my main goal (while having access to the internet on all ports) without using a switch.
Another great video Chris. Your videos on Ubiquiti products are the sole reason that I settle on Unifi equipment a few years ago. Thanks for all your hard work.
Ditto for me too!
Sorry to say, I feel exactly opposite on the horrible Ubiquiti controller. This week I struggled to resurrect a corrupted USG-3P and get LAN2 to function.
It was nightmare flipping back to legacy view UniFi for the necessary menu items because V8 is incomplete. While USG demands a new VLAN for lan2, there’s no way to define tag, untag, or trunk. Very disappointing software and documentation.
Well explained video, would love to see an extensive video with firewall rules using vlan
One of the things that I absolutely LOVE about Macs is that they have built in functionality to understand VLAN's when given a trunk port by a switch. Even my 20 year old PowerMac G5 has this capability! In System Preferences you add the VLAN ID's and give the ethernet "profile" a name. Add as many VLAN interfaces on you Mac as you have VLANS's. So some of my Mac's have 10+ IP addresses all with using a single ethernet cable. No inter VLAN routing required as the computer is on all the networks at the same time and the traffic stays on the Layer 2 switch.
coul you expand on that just a bit, thx
@@ChasEng-o6y Make sure your Mac is plugged into a trunk port on your switch. By default, your Mac will get an IP address in the untagged VLAN 1 "default" or management LAN. Open System Preferences (System Settings) > Network > and click the dropdown menu (depending on OS X or later version) > Manage Virtual Interfaces > Click "plus" button > New VLAN > Name your VLAN > Enter the VLAN ID created by your router or Layer 3 switch > select the NIC interface > click create. Do this process for as many tagged VLAN's you want your computer to be on. For me, after I do that, I disable ETH0 to get the computer off the untagged / management network.
With L2 switch and vlans when you copy files from pc A in vlan 10 to a pc B in vlan 20 it will be slow as hell because all traffic must go through the router to get data from pc a to pc b. With L3 switch the copy files action will go quick because the switch will do the routing using inter VLAN routing.
Amazing video! All clear, I can finally say that I understand VLANs - Thank you!
Thanks! This was extremely informative. 2 questions keep haunting me:
1) Why do we trust devices to tell us which VLAN they want to be part of? A hacker could simply tag his data with any VLAN in order to exploit that VLAN. Shouldn't the router assign each device to a VLAN based on some sort of pre-determined rules that we set?
2) Why would you have different VLANs available on different switch ports? Wouldn't it be best to make all VLANs available on all ports, with the default/untagged set to the guest VLAN? That would give us ultimate flexibility and convenience, such that any device can be patched into any switch port. Once again, the router would make sure that each device is assigned to the correct VLAN, no matter which port it is connected to.
Very well explained. VLANs for dummies. Impossible does not understand. Thanks for this video
This is one of the most well done VLAN instructional videos I have ever seen.
Is there any chance you can make a tutorial for Chromecast Multicast DNS over VLAN with Ubiquiti? Something that should be easy but never works as expected.
Bless you for this video!! Been waiting for this one for awhile. Thank you!
Awesome video Chris, best one I've ever seen on the subject to date.
Thanks! Finally an easy to understand explanation of VLANs. Didn't get it before, get it now.
Great presentation. I'm thinking of getting into Unifi in my new house so I've saved this to watch it all again later when trying to set it up as a nooob. 👍
Dude this video is a gift from God
I was confused about untagged and tagged ports. Not anymore! Thank you so much!
Best VLAN explanation ever! Thank you Chris for this vid!
Excellent video! Glad you showed UniFi and then also a hodge podge of equipment as well. I am all UniFi here and have noticed my Flex-Mini is VLAN aware and configurable, but like that router you showed, if you configure a port as Native to a VLAN (not 1/default), you can't have tagged traffic.
Thank you!!! This was so helpful. For the first time, I finally understand VLANS.
Very well presented. Easy to understand and actually USE! Thank you.
When you were talking about VoIP phones, you could have mentioned the phones can also pass through the default LAN, so that a computer can be plugged into the back, so the computer and phone can share a single switch port.
outstanding video! one of the best VLAN videos on youtube. if not, the best video!!!
This was fantastic. I always got confused with the tagging and untagged part of vlans but you explained this very well.
And subscribed… by far the easiest video to understand this subject I’ve found.
Possible update to the beginning - show 4 switches as the "old school" way we would segregate networks physically for each dedicated usage (maybe use different colours of cables for each). Then show a single "VLAN-enabled" switch with all of those cables plugged into it.
This right here. Visually showing what VLANs are logically doing is a great teaching tool.
Greatest VLAN video on RUclips 💪💪🙏
Highly informative! Easy to follow, thanks!
Absolutely incredible video! Well done. I believe you may have misspoke between 30:38 and 30:47. I may be wrong, but I believe you referred to tagged ports as untagged. Easy to do, especially given the number of times you had to say tagged and untagged.
omg I scrolled a lot to find this comment! Thank you. I was struggling to know if it was just misspoken or if I was not understanding something!
Lots a work on that video, great job! thanks for sharing your knownedge
Nicely done Chris, thoroughly enjoyed!
I would love a video explaining layer 3 vs layer 2.
Great video. Thank you for the information. It was clear as mud until the very end when you demonstrated. Then it all came together
Awesome video! Very well laid out to help me better understand VLANs and how to set them up on my Unifi network.
one of the most underrated channel
Needed a VLAN review, this was very clear and thorough!
Okayyyy Now that is an excellent tutorial video. Leaving here ready to go setup my home VLANs; just need to get up to speed with firewalls.
dude!!! the vlan "vans" theme shirt is really cool!
Here’s my idea for a “made easy” explanation:
- Think of a switch as a house with multiple doors (ports) and of each device as a person.
- Each person wears a T-shirt, and it can have a number printed on it (tagged) or not (untagged).
- An access system at each door (port) checks the number on the shirt and dispenses a badge (think DHCP) based on the number on the T-shirt.
- Persons with tagged shirts having a number that is allowed entry will get a badge (think IP address) for that group.
- Persons with no number on the shirt will get another (default) badge.
- Persons with a number that is not whitelisted will not get a badge, and cannot enter.
Respect and many thanks for this video. It's quite some information, but I think it covers it all. Great job!
Thank You especially for the practical examples on how to configure at the end.
Fantastic. Future Ubiquiti user in Zambia (gotta get equipment cleared through our version of the FCC) This helped me understand tagged vs. untagged so much better.
great shirt! should have added "off the LAN" quote though :D
I might have missed it, but it seems that there was no mention of PVID values, which are the standard way of indicating the "native VLAN" for a given port. If you aren't using Unifi, PVID is probably the way that the interface refers to the native VLAN ID.
Really nice video, you are so good in explaining network stuff the way anyone can understand... Chapeau!
Great video. I thought of some questions while watching, hopefully you (or someone!) can answer:
Can you disallow untagged VLAN devices on a port? I.e, require that a VLAN is configured on a device (so someone can't plug in a random device)
How do static IPs play into all this? What if you configured a device with a VLAN (or let it default) but set a static IP in the wrong subnet? (I.e, the hacker in the lobby tries to circumvent the allowed VLAN tags by setting a static IP)
Can multiple VLANs have the same subnet? What effects would that have?
yes, if you make a port tagged for VLAN x , but not untagged .. the device will have to use VLAN x otherwise it will not get an IP.
excellent video with spot-on explanation and the visuals rocked too
thanks for that, helped me understand vlans and tagging in the unifi, especially the new interface, a little better
I learned today that I can manually set the VLAN Tag on my Mac, thank you.
Sir this was the perfect explanation about VLAN, grettings from Romania :)
How does the IP phone know that needs to ask for VLAN 30 only? Great video as always!!!
It's probably manually setup with a static IP address in the "30" VLAN range
@@brightmanfanno he said it gets an ip address
it will option to define a VLAN in its settings, otherwise it will (if defined) use the untagged vlan.
Fantastic video this was the best explanation I’ve seen on VLANs
Fantastic description and presentation.
Awesome video and mega clear presentation
Best video I've seen so far for VLAN beginners. Thank you!
Tomorrow’s my exam you saved me buddy thank you
What a helpful video. Very good job, thank you
I love every second of your video, keep on making more
Thx. I am rookie in this topic, but you inspired me to dig in this area.
Thank you for this excellent explanation...
Great VLAN vid! Thanks a lot. I was able to get my Cloud gateway ultra and Netgear GS110tp talking to each other at least civilly
Again one of the great explaining videos 🎉. Q: Is it also possible to push a device to a VLAN by it’s MAC address? Let’s take the doctors waiting room. Here all devices normally connect to the guests network. But sometimes the doctor itself is in the waiting room and his computer should always connect to the main network. Is that possible (Unifi) ? Other questions: which devices do know / can I train to connect to a special VLAN?
This is so comprehensive and I learned so much! I may need to watch this a few times to fully comprehend it but that is okay by me. In a mixed environment scenario where you may not know what is plugged into what, how would you go about identifying hardware? Would I use something like Nmap?
What a great work and explanation, props to you!!
Great video. Do you have any videos on VLAN and firewall settings on a UDM for PCI compliance?
No wonder so many people are confused about VLANs. If you put multiple VLANs on an Ethernet port that a user connects to, there is nothing to stop that user from seeing all of the other VLANs' traffic. Trunk ports have multiple VLANs because they carry traffic from multiple VLANs to other network equipment (such as switches and routers) which then handle distributing the packets according to their tags. So if you had two 24 port switches, you could configure twelve ports onto VLAN 1, eleven ports onto VLAN 2, and then have one port set up as a trunk port connecting the two switches with both VLAN 1 and 2. Depending on which port a user was plugged into, they would be on VLAN 1 (network 1) or VLAN 2 (network 2) and could not see each others traffic since the switch would not allow packets to cross over.
From Flanders Fields, Belgium : top quality, thank you very much..
One of your best video ! thanks a lot.
I think these videos of yours are gonna get me a promotion! =D They are awesome in so many ways! You are realy good when talking, don dont say words like "eeeh.. uuuh.. Uhm.." etc. Great content. Fun to listen to, you make this very very clear! thank you for your work!
I know this video is old but wanted to leave a thank you for the work, finally I understand some basic concepts that didnt make sense before I watched this, specifically the untagged vs tagged difference. I am trying with an Ubiquiti edge switch and a HP v1910, and in the Ubiquiti its very simple, but cant for the life of me make it work on the hp. I will change the hp with a tp link one to test
Thank you so much for doing this video!!! If you could please do a follow up video on firewall configurations in the Unifi Environment to allow or disallow traffic through different vLan setups. For example. Needing guests to be able to print to a printer that is on the untagged lan or Allowing Lan users to be able to talk to an IOT device. Preciate You Sir! Keep up the great work!
id never let that guy in my lobby he looks shady LOL ;). great video and thank you for putting it out there. Clears up some of the confusion I was having.