We need to identify a parent interface before we can start configuring and assigning VLANs. The parent interface refers to the physical interface that will transfer the VLAN tagged traffic. Historically the best practice was to leave the parent interface unassigned due to undefined, unpredictable or inconsistent behaviour by some hardware, depending on the manufacturer. There was a chance that tagged traffic could be stripped of its tags and end up allocated to the parent interface introducing a security risk.

Navigate to Interfaces → Assignments.

Click VLANs.

• Click Add.
• Parent Interface: LAN Interface. Choose whichever interface you want here.
• VLAN Tag: 50.
• VLAN Priority: 0
• Description: CLEAR.
• Click Save.

• Click Add.
• Parent Interface: LAN Interface. Choose whichever interface you want here.
• VLAN Tag: 70.
• VLAN Priority: 0
• Description: IOT.
• Click Save.

• Click Add.
• Parent Interface: LAN Interface. Choose whichever interface you want here.
• VLAN Tag: 99.
• VLAN Priority: 0
• Description: GUEST.
• Click Save.

Create an interface per VLAN.

Navigate to Interfaces → Assignments.

• Select VLAN50 on em1 from the available network ports.
• Click Add.

• Select VLAN70 on em1 from the available network ports.
• Click Add.

• Select VLAN99 on em1 from the available network ports.
• Click Add.

Navigate to Interfaces → Assignments.

• Click on the label next to ‘VLAN50’, its likely to be OPT1.

Configure this interface as follows:

In General Configuration:

• Enable: Checked.
• Description: CLEAR.
• IPv4 Configuration Type: Static IPv4.
• IPv6 Configuration Type: None.
• MAC Address: <default>.
• MTU: None.
• MSS: None.
• Speed and Duplex: Default (no preferences, typically autoselect).

In Static IPv4 configuration:

• IPv4 Address: 192.168.50.1/24.
• IPv4 Upstream gateway: None.

In Reserved Networks:

• Block private networks and loopback addresses: Not Checked.
• Block bogon networks: Not Checked.

Click Save and Apply changes.