- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
MX WAN Interface accepting multiple VLANs
Hi everyone, I know I can set a VLAN ID on the WAN uplink of my MX. However is it possible to allow multiple VLANs or create sub-interfaces under the WAN uplink?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No this is not possible. Depending on your use case, you could put a breakout switch in front of the MX and be able to create multiple access ports on the various VLANs that could then be used by devices, but the MX wan interfaces can not have sub-interfaces.
Can you explain more about what you are trying to do?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Understand, I need to pass down 3 VLANs from the ISP equipment for data, management, and VOIP to my MX. Would creating a trunk and using the trunk VLAN ID work or not?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can create a trunk on a switch and then select a switch port in access mode for each VLAN and logically one of these ports will be assigned to the WAN interface of the MX.
It should work without any problems.
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What @alemabrahao said is right, but I'm not sure I am understanding what your ISP is providing. Kinda sounds like they are providing a managed firewall with a direct handoff for your LAN. I'd try to understand better there as I've often seen where what you want and what the ISPs sales team enters into the system are not translated properly.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'll get back to you on this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If possible, please share it here in the discussion, so we can try to help you.
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can connect the wan to a switch trunk port for example vlan x ,y on port 1.
Then port 2 you can use a port with vlan x( internet to mx).
And port 3 you can use vlan y( data to your lan?)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think this won't work for MX, because the WAN port doesn't support trunk. Correct me if I'm wrong.
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
With that approach, you build a physical bypass around your firewall. With the slightest mistake by the ISP your internal network is openly exposed to the internet. I would not do this.
