IP Camera's and VLANs

debremus

Junior Member
Oct 30, 2014
8
0
0
I have been Googling the crap out of this, but I can't seem to make sense of it.

Here is my setup:

At our facility, we get our internet through a fiber connection to another building. It comes in to a SonicWall router, of which I have no admin access to. The SonicWall has an IP address of 192.168.1.1, and acts as our Gateway.

The SonicWall is directly connected to an HP V1810-48G switch. We currently use an IP subnet of 192.168.1.X. I have just installed 10 IP cameras, which are all connected to an Ubiquiti EdgeSwitch 24-Port 250W which has Layer-3 routing capability. The NVR is also connected to the Ubiquiti switch.

I am looking to setup a seperate VLAN to try to isolate as much for the video traffic as possible for security and bandwidth reasons. My plan is to setup the EdgeSwitch on its own network, then route it to the HP Switch. We will call the new network 192.168.2.X

Considering I have no admin access to the SonicWall, how do I setup my network for the best traffic management for the IP Cameras? How do I route from 192.168.2.X to the already existing 192.168.1.X, when I don't have access to that router?

Thanks in advance, I am certainly scratching my head with this one.
 

Mushkins

Golden Member
Feb 11, 2013
1,631
0
0
Considering I have no admin access to the SonicWall, how do I setup my network for the best traffic management for the IP Cameras? How do I route from 192.168.2.X to the already existing 192.168.1.X, when I don't have access to that router?

Thanks in advance, I am certainly scratching my head with this one.

Short answer- you don't.

Different VLANS are by definition different networks. Different networks need a router to route the traffic between them. If you want to set this up you need access to that sonicwall to properly configure the routes and quality of service for traffic on that separate VLAN.
 

Yayo3p

Member
Mar 11, 2015
65
0
0
Why not have the IP cameras on the same network. How many MB of internet do you have as to why you are concerned about your bandwidth?
 

debremus

Junior Member
Oct 30, 2014
8
0
0
Internet bandwidth isn't my primary concern. My concern is that some of the cameras are dropping frames for no apparent reason. The NVR is on the same switch as the IP cameras, and then that switch is trunked to a separate switch. I had a theory that perhaps broadcast traffic or something is slowing down the cameras, which is why I wanted to try segregation.
 

Mushkins

Golden Member
Feb 11, 2013
1,631
0
0
Segregating them is the "right" way to do it, though considering the size and amount of cameras it doesn't really make much of a difference.

Either way, unless you can get into that Sonicwall there's no way to configure what you'd like to do.
 

debremus

Junior Member
Oct 30, 2014
8
0
0
They are being powered through the Ubiquiti Edgeswitch, which offers POE on all 24 of it's ports.

I am starting to think there is an issue with a single camera, as it seems to be the only camera with a pretty serious frame dropping issue. I am going to try swapping out the camera to narrow down the possibility that its the wire itself that's the issue. Out of the 10 Cat5e cables I ran and terminated, I wouldn't be surprised if I botched one of the ends or bent the cable enough to cause intermittent issues.
 

debremus

Junior Member
Oct 30, 2014
8
0
0
Also, I keep throwing an idea around in my head about how the routing could be done without the SonicWall. If I put the Ubiquiti switch on a different subnet then 192.168.1.0, and put the rest of my devices on the different subnet, I should be able to use the current gateway, 192.168.1.1 as the Next Hop, which would allow me to start my own subnet. Am I completely off base with that idea?
 

Mushkins

Golden Member
Feb 11, 2013
1,631
0
0
Also, I keep throwing an idea around in my head about how the routing could be done without the SonicWall. If I put the Ubiquiti switch on a different subnet then 192.168.1.0, and put the rest of my devices on the different subnet, I should be able to use the current gateway, 192.168.1.1 as the Next Hop, which would allow me to start my own subnet. Am I completely off base with that idea?

This sounds more like you've got an improperly terminated cable going to the one camera than anything else.

That being said, unless the Sonicwall is configured to route between the two networks you're not gonna get anywhere. The setup you just described would only allow traffic outbound from the subnet the cameras are on, nothing on any other network would be able to send traffic *to* the cameras. And without knowing the network information from that Sonicwall, you could potentially overlap the two and cause all sorts of IP conflicts.
 

Carson Dyle

Diamond Member
Jul 2, 2012
8,173
524
126
If the IP cameras and NVR are placed on a separate network (192.168.2.x) and that network has its own dedicated switch, I don't see the role of a VLAN. I suppose we're assuming that external access to the NVR and/or cameras is necessary, otherwise couldn't an additional router (or the Edgeswitch, if it offers layer 3 routing) just be used to route between the two internal neetworks?
 

debremus

Junior Member
Oct 30, 2014
8
0
0
Yeah I am going to re-terminate the cable. There is definitely an issue there. That's an easy fix.

As far as the network, I think I am just going to keep the NVR and cameras on the EdgeSwitch on its own subnet, give the NVR a second IP address on the current subnet, which will allow external access, but prevent anyone from directly accessing the cameras, as well as cut down on unnecessary broadcast traffic TO the cameras.