We need to identify a parent interface before we can start configuring and assigning VLANs. The parent interface refers to the physical interface that will transfer the VLAN tagged traffic. Historically the best practice was to leave the parent interface unassigned due to undefined, unpredictable or inconsistent behaviour by some hardware, depending on the manufacturer. There was a chance that tagged traffic could be stripped of its tags and end up allocated to the parent interface introducing a security risk.

Navigate to Interfaces → Assignments.

Click VLANs.

• Click Add.
• Parent Interface: LAN Interface. Choose whichever interface you want here.
• VLAN Tag: 50.
• VLAN Priority: 0
• Description: CLEAR.
• Click Save.

• Click Add.
• Parent Interface: LAN Interface. Choose whichever interface you want here.
• VLAN Tag: 70.
• VLAN Priority: 0
• Description: IOT.
• Click Save.

• Click Add.
• Parent Interface: LAN Interface. Choose whichever interface you want here.
• VLAN Tag: 99.
• VLAN Priority: 0
• Description: GUEST.
• Click Save.

Create an interface per VLAN.

Navigate to Interfaces → Assignments.

• Select VLAN50 on em1 from the available network ports.
• Click Add.

• Select VLAN70 on em1 from the available network ports.
• Click Add.

• Select VLAN99 on em1 from the available network ports.
• Click Add.

Navigate to Interfaces → Assignments.

• Click on the label next to VLAN50, its likely to be OPT1.

Configure this interface as follows:

In General Configuration:

• Enable: Checked.
• Description: CLEAR.
• IPv4 Configuration Type: Static IPv4.
• IPv6 Configuration Type: None.
• MAC Address: <default>.
• MTU: None.
• MSS: None.
• Speed and Duplex: Default (no preferences, typically autoselect).

In Static IPv4 configuration:

• IPv4 Address: 192.168.50.1/24.
• IPv4 Upstream gateway: None.

In Reserved Networks:

• Block private networks and loopback addresses: Not Checked.
• Block bogon networks: Not Checked.

Click Save and Apply changes.

Navigate to Interfaces → Assignments.

• Click on the label next to VLAN70, its likely to be OPT2.

Configure this interface as follows:

In General Configuration:

• Enable: Checked.
• Description: IOT.
• IPv4 Configuration Type: Static IPv4.
• IPv6 Configuration Type: None.
• MAC Address: <default>.
• MTU: None.
• MSS: None.
• Speed and Duplex: Default (no preferences, typically autoselect).

In Static IPv4 configuration:

• IPv4 Address: 192.168.70.1/24.
• IPv4 Upstream gateway: None.

In Reserved Networks:

• Block private networks and loopback addresses: Not Checked.
• Block bogon networks: Not Checked.

Click Save and Apply changes.

Navigate to Interfaces → Assignments.

• Click on the label next to VLAN99, its likely to be OPT3.

Configure this interface as follows:

In General Configuration:

• Enable: Checked.
• Description: GUEST.
• IPv4 Configuration Type: Static IPv4.
• IPv6 Configuration Type: None.
• MAC Address: <default>.
• MTU: None.
• MSS: None.
• Speed and Duplex: Default (no preferences, typically autoselect).

In Static IPv4 configuration:

• IPv4 Address: 192.168.1.99/24. Alternatively use a completely different IP range for Guests such as 172.16.0.1/24.
• IPv4 Upstream gateway: None.

In Reserved Networks:

• Block private networks and loopback addresses: Not Checked.
• Block bogon networks: Not Checked.

Click Save and Apply changes.