How to set up multiple VLANs on a NIC for XP pro, Vista Business and Win 7 Pro.

[robmurphy]

Has anyone setup a single NIC with more than 1 VLAN on the above Microsoft desktop operating systems.

The VLANS need to be tagged. The NICS used are mainly Realtek PCIe, and do have VLAN support.

I did try this on XP with an Intel utility for the Intel Pro GT PCI gigabit cards, but without much success. I have done this on Centos, but would like to be able to do it on the Realtek NICs that support it on the Microsoft operating systems. I have searched Realtek, Microsoft, and Google. I also searched this forum back to Jan 2009.

If this cant be done on XP that's not much of a Problem. I would like to be able to do this on Vista Business and Win 7 Pro though.

I have had many situations recently where the laptop having connections to at least 2 wired networks would be very helpful. For example accessing 2 or 3 separate wired networks, or setting a soft phone to use a different network to the one used for data. The laptops in question do not have the port to add a NIC on a PCMCIA card. Wireless is not really an option as there is no wireless connection to networks I need to access.

I can do this from a Centos desktop machine, but that will unavailable shortly.

Rob.

 

[Bashbelly]

is adding a usb NIC not feasible? they are dirt cheap.

 

[robmurphy]

No way I would use the USB attached NICs, and would not expect any one else to. If it cannot be done with VLANs on a single NIC then it will not work for laptops.

Rob.

 

[drebo]

Your desire to do this just reeks of a terrible network design and inexperience.

Separating voice traffic on to a different VLAN is a separate feature that does not require any special configuration on the workstations or servers.

Additionally, I would NEVER EVER trust VLAN tagging from a workstation. Absolutely abysmal idea. If your network is properly configured, you should be able to route between VLANs without issue and should not need an interface to exist on both VLANs.

You're going to need to expand upon exactly why you think it's a good idea to allow tagged VLAN packets from a desktop computer. It's entirely possible that you're way overthinking this. Diagram out what you really need to do and we can help you redesign your network in a more secure and less ridiculous fashion.

 

[robmurphy]

At present there is one main reason to use the separate VLANS from the laptop. I have to access several different networks. Some use DHCP, some static. At least 2 of those networks are on a single Cisco 2960 switch. I can access both from a from a Linux Desktop machine quite happily, but that machine will be not be available soon. The Switch config may not be 100% correct, but it works fine using a trunk port on the switch and setting up the linux PC to have an ethernet interface for each VLAN. For the moment all I want to do is to be able to to do the same from the laptop. The laptop has as said a NIC which does support VLANS, and tagging.

To have a separate NIC for each network you want to use is a waste of switch ports, and also means much more cabling. For a laptop that only has 1 NIC its a real problem. Swapping cables to different ports, and constantly changing the NIC settings and wastes time.

The VLAN settings appear to be available in server 2008, but what I'm asking is has anyone tried using VLANs on XP pro, Vista Business, or Win 7 Pro.

My background for the last 5 years has been on projects that were heavily dependent on VLANs. VoIP on large installs (and on BT's 21CN) uses VLANs on all data and voice connections. Converged networks use VLAN tagging to separate voice, data, and management networks. I could give many more examples.

My main lack of experience on this is setting up the Cisco switch to use VLANs. I managed to set up simple port based VLANs to separate the switch into 2 separate IP networks with no problems. I've setup port mirroring to one destination port for both networks. I've got the trunk port setup, and this works fine with a linux. PC I'm not asking for double tagged VLANs. Single tags are fine. I may well be inexperienced in this but I've spent more time working with VLANs than I care to remember.

You may well suggest another switch so that each network has its own switch. This would mean another switch capable of port mirroring, and a delay while one was sourced. As far as I can tell the 2960 seems to be fine with 2 port based VLANs, and the port mirroring. The port mirroring is a must. If you are dealing with a SIP service provider and are having problems with calls sooner rather than later you will need a trace of the SIP and the RTP. An analysis of the trace can quickly tell you the location of the problem. I've worked on many projects were a Cisco switch was used, and they all used VLANs, and for the switches that the VoIP endpoint connected to port mirroring was always in use.

As stated at the start of this thread I'm just asking if anyone has managed to get one of Microsoft's pro/business PC operating systems to allow multiple VLANs on one NIC.

Rob

 

[drebo]

I'm going to suggest you hire a consultant to set your network up for you, as you do not have the know-how to properly plan and implement it.

VLAN trunk ports to workstations = bad idea.

Voice VLANs do not require trunk ports (at least not in the traditional sense).

I don't care what your VOIP experience is, if you don't have the capabilities to plan a network properly, you should not be involved in that stage of deployment.

I'm not trying to be mean, I'm simply stating that your goal is extremely open to exploitation and I've seen so many bad network designs that I do everything I can to stop them before they get implemented.

 

[Nothinman]

If your network is setup properly you should be able to access any VLAN like a normal subnet, just make sure whatever device you have set as your default gateway knows where to go to do intra-VLAN routing.

 

[mojodubs]

hey I realize this is an old thread but while doing a search trying to figure out how to use vlan tagging in windows xp, this turns up as a result.

after reading drebo's response I had to chime in.

what a complete jerk this guy is.

I have a really good reason for wanting to have a port in such a condition.
it's called a management port. you might have heard of the concept.

It appears that robmurphy was probably a ip telephony technician looking for a simple way to troubleshoot his networks out in the field, and instead of pointing him in the right direction (you probably have no clue anyway) you resorted to insulting him. SO BRAVE. SO SMART.

It's simple enough to do if you are competent with the command line interface of linux using the "vconfig" utility

If you're using windows xp, the only way that I know of is to use the intel proset utility.

Or if your chipset is broadcom then you need broadcom advanced control suite.

here's a page documenting the process with an intel chipset
(scroll down about halfway)

http://www.formortals.com/implementing-vlan-trunking/

I do not know if there is a way to do such a thing using only the bare metal windows components. if there is, I would like to see it.

*edit*

DHCP option 191 through windows server feature dhcp server configuration could be set but you'd have to be desperate to do something so silly. or only to prove a point.

and if you were going to those lengths then you might as well configure your switch andmanually set the port as drebo suggested.

Hi mojodubs, welcome to the AT Forums. For future reference, please do not necro old threads

-Thanks
ViRGE