Easy VLAN configuration

Toggle sidebar Toggle sidebar
D

doof205

Commendable
Nov 3, 2016
3
0
1,510
I install CCTV equipment and I'm running into an issue with IP cameras where the customer doesn't want them on their network and can't create me a VLAN. I can run IP cameras if they're plugged directly into the back of the recorder as there is a smart switch on the back but otherwise I'm not able to install IP cameras.

What options do I have in terms of running an independent network? Could I fit a switch where 1 port goes to their network and the rest go to my network running a DHCP server on those ports? I could then run out to more basic switches from these ports to run my cameras.

I've actually bought a cisco switch but it's all looking pretty complicated for what appears to me on face value to be a pretty basic requirement. I'm pretty IT savvy and used to be a programmer so should be able to sort this.

Are there any straightforward options for me?

Thanks.
 
Your main problem is do you really want it completely separate. That is easy you buy switches that support vlans and assign the ports to the proper vlan. They act as though you have multiple switches physical switches in the same box.

The problem comes if they need to communicate in any way. At that point you need a actual router that can move the traffic between them. In most cases the router understands vlan tags but it does not have to.

 
I would need some devices (the recorders) to be able to communicate with the other VLAN. Can this all be done with a switch like a Cisco SF302-08pp
 
That appears to be a layer3 switch from a brief look. It can in theory do what you want but it requires you to have a pretty good understanding of subnets and basic routing.

The main issue is going to be that a layer 3 switch does not support nat. So if you were to use the switch as your default gate for both subnets they could talk but when you then routed the traffic to the router to go to the internet the router would need to be able to nat the subnet you need. A commercial router has no issues doing this a consumer router only can nat the ip block assigned to its lan ports. If you hook a layer 3 switch behind it and have multiple subnets it will be hard to get it to function.

 


Inter VLAN routing is possible on this model if you know how to do it, I would imagine you would need to set up access lists.
 
So what is the problem with them creating a VLAN, is it that they don't want one, or their equipment just doesn't support it, or they don't know how?

If they just want one standalone PC to view the cameras then all you needs is a standalone POE switch and connect the camera's and the computers to it.

Ideally you would use VLANs and have the camera's one one VLAN, and the NVR/DVR (whether hardware or pc running software) on another VLAN that can talk to the camera VLAN (and the NVR being the only device that can talk to that VLAN). Then of course restrict that VLAN to only the http/rstp/onvif ports you need.

Are they using any sort of NVR or are they just trying to use the camera's as standalones?
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom