[ExpertWiFi] How to set VLAN on ASUS ExpertWiFi router? | Official Support

ASUS Support FAQ

FAQ

[ExpertWiFi] How to set VLAN on ASUS ExpertWiFi router?

A VLAN (Virtual Local Area Network) is a logical network that is created within a larger physical network. VLANs allow you to segment a network into smaller, virtual sub-networks, which can be used to isolate traffic and improve network performance.

VLANs are often used in enterprise networks to separate different departments or groups, or to segment different types of traffic (such as voice, data, and video). They can also be used in home networks to isolate different devices or users, or to separate guest networks from the main network.

Trunk port(Tagged):
A VLAN trunk port is a networking port that is used to carry traffic for multiple VLANs (Virtual Local Area Networks) over a single physical connection. It can transfer multiple VLAN groups traffic simultaneously between switches or between switch to router.
Access port(Untagged):
A VLAN access port is a network interface that allows traffic to be transmitted over a single VLAN through a physical connection. These ports are commonly used to connect computers, printers, and other devices to the network, and they are usually set up to only allow traffic for a specific VLAN.

Example illustration

Here is an example to isolate the NBs and PCs in different department

Networking devices:

Router: ExpertWiFi EBM68
Switch: ExpertWiFi EBP15

VLAN ID:

VLAN ID 52 for NB 1 and PC1
VLAN ID 53 for NB 2 and PC2

Router settings:

Set LAN1 port to Access mode with VLAN ID 52.
Set LAN2 port to Access mode with VLAN ID 53.
Set LAN3 port to Trunk mode and allow VLAN 52/VLAN 53 traffics.

Switch settings:

Setup VLAN 52 and VLAN 53。
Setup the Access ports on the Switch and connect the access ports to device on VLAN 52 and VLAN 53 separately.
Setup the Trunk port on the Switch and connect it to the LAN3 port (Trunk port) on the Router to allow the VLAN traffic to pass.

Through the above environment settings and Trunk port connection, devices (NB & PC) in the same VLAN group on the router and switch can communicate with each other.
Note: Devices in different VLAN groups cannot access to each other. In this case, the NB1 in VLAN ID 52 cannot communicate to NB2 or PC2 in VLAN ID 53.

Notice before starting the setup

1). Please note that a VLAN network will be created simultaneously when you create an SDN WiFi Network, please refer to the FAQ [ExpertWiFi] What is a Self-defined Network (SDN) and how do you set up an SDN?

2). Please upgrade your ExpertWiFi router to latest firmware. For more information about firmware upgrades, please refer to [ExpertWiFi] How to update the firmware of ExpertWiFi router? (WebGUI)

Login to ExpertWiFi router before setup the VLAN

1) Connect your computer to the ASUS ExpertWiFi router via Ethernet cable or WiFi. Open a web browser and enter your ExpertWiFi router's LAN IP address or visit http://www.expertwifi.net to access the ExpertWiFi Web GUI.

2) Enter the login account and password and click [Sign In]

Note: If you forget the username and password, you'll need to reset the router to its factory default settings and set up a new account/password.

For how to reset the router to default status, please refer to [ExpertWiFi] How to restore your ExpertWiFi router to factory settings?

There are two ways to create VLAN profiles.

A. Create VLAN profiles via LAN > VLAN page: For users who need to bind separate Ethernet port to specific VLANs.
B. Create VLAN profiles via Self-defined Network (SDN): For users who need to bind both the WiFi SSID and the Ethernet port to a specific VLAN.

A. Create VLAN profiles via LAN > VLAN page

1). After entering the router settings page, go to [Settings] > [LAN] > [VLAN]

2). Click [Profile] > setup a preferred VLAN ID (VLAN ID range from 1 to 4094) and click [+] icon to create the VLAN profile.

Here we take an example with the network name (SSID) as Office and the VLAN ID as 52.

Interface Help:

Network Name (SSID): The name of the VLAN profile.
VLAN ID: VLAN ID is the unique number assigned to different VLAN groups. You can assign any number between 1 and 4094 as a VLAN ID.
Port Isolation: Block the accessibility between different devices in the same VLAN.
Add/Remove: Add to create a VLAN profile or delete a created VLAN profile.

3). After creating a VLAN profile, please go to [VLAN] to continue the setup.

The LAN port number displayed in this page corresponds to the physical LAN port number on the router.

VLAN Mode Interface Help:

(1) All(Default): It allows all tagged and untagged packets.

(2) Access Mode: It allows the packets of theVLAN profile you select to pass through, you can choose the profile you create via SDN or VLAN profile page.

Here we take VLAN ID=52 Office as an example. Set LAN port 3 to Access mode and select the VLAN profile [Office], then device connects to LAN port 3 will be in the [Office] VLAN network.

(3) Trunk mode：

Notice: In Trunk Mode, you can connect a management switch to the router's Trunk port for the allowed packets to pass through, but do not connect a end device like computer.

Allow all tagging(default): It allows all tagged packets to pass through and drops any untagged packets.

If you select a specific VLAN profile in trunk mode, it means that only packets belonging to that VLAN profile are allowed to pass through the trunk port.

B. Create VLAN profiles via Self-defined Network (SDN)

1). Login to ExpertWiFi UI and go to [Self-Define Network]. Here we take [Customized Network] as an example.

2). Set the WiFi SSID and password on the [Network Name] and [Wireless Security] column, and then click more config.

3). Choose your preferred broadcast WiFi band and click Apply to complete the setup.

4). Back to [Settings] > [LAN] > [VLAN], now you can select the corresponding VLAN mode (All (default)/Access/Trunk) in the mode field and the VLAN profile you just created on the LAN port where you want to configure VLAN.

For VLAN mode introduction, please refer to here。

FAQ

1. Why do I see VPN profiles even though I have never set up a VLAN Profile?
If you add a custom network (SDN) wireless network on the ExpertWiFi router, it will automatically add a VLAN network as well.

2. Why don't I see the VLAN feature option in the ExpertWiFi App?
Currently, the VLAN feature option is only available in the router's WebGUI configuration page.

How to get the (Utility / Firmware)?

You can download the latest drivers, software, firmware and user manuals in the ASUS Download Center

If you need more information about the ASUS Download Center, please refer this link.

Was this information helpful?

Yes No

Contact Support

Please contact with us if the above information cannot resolve your problem

Above information might be partly or entirely quoted from exterior websites or sources. please refer to the information based on the source that we noted. Please directly contact or inquire the sources if there is any further question and note that ASUS is neither relevant nor responsible for its content/service
This information may not suitable for all the products from the same category/series. Some of the screen shots and operations could be different from the software versions.
ASUS provides the above information for reference only. If you have any questions about the content, please contact the above product vendor directly. Please note that ASUS is not responsible for the content or service provided by the above product vendor.
Brand and product names mentioned are trademarks of their respective companies.

ASUS Support FAQ