Can VLANs be used to segregate which devices on a Network get to the Internet? [closed] – A server stack is the collection of software that forms the operational infrastructure on a given machine. In a computing context, a stack is an ordered pile. A server stack is one type of solution stack — an ordered selection of software that makes it possible to complete a particular task. Like in this post about Can VLANs be used to segregate which devices on a Network get to the Internet? [closed] was one problem in server stack that need for a solution. Below are some tips in manage your linux server when you find problem about linux, windows, vlan, , .
I have searched and read many posts on this site. None of them directly addresses my problem. I have several Linux boxes which I wish to have unfettered access to the Internet. I have Windows machines which I do not want to have access to the Internet. I do however want to use Samba shares on the Linux boxes from the Windows units.
Is this feasible using VLANs?
Can VLANs be used to segregate which devices on a Network get to the Internet?
No, not by using VLANs alone.
As the canonical Q&A on VLAN’s explains placing specific systems in different VLAN’s is one part of the solution to segregate them, but there is a second part of the puzzle; you will also need a router to provide (and restrict) the connectivity to/from/between those VLAN’s and the internet at large.
By putting your Windows clients in a VLAN that is not routed to the WAN you will effectively have stopped them from accessing the WAN aka “internet”.
Then either give your Samba Host two NIC’s, one for VLAN 1 and one for VLAN 2, or make it “VLAN aware” and trunk both VLANs to it.
Making the host “VLAN aware” is done differently based on what OS the service is installed on.
Windows hosts now cannot access the WAN, and they can access Samba.
The Windows machines also cannot communicate with anything else outside VLAN 2, if you need this you can place a simple FW between the TP-Link and Switch01 to route the networks.
Can VLANs be used to segregate which devices on a Network get to the
Internet?
Yes
