Thanks for the replies.
I definitely didn’t do that on purpose. Unfortunately, since I wasn’t using VLANs before, everything defaulted to VLAN 1 (as the only (V)LAN that existed).
I’ve got plans to gradually create more VLANs and get as much traffic off VLAN 1 as possible (e.g., an IoT VLAN for the dubious smart TVs that I somehow am surrounded by…), but I’m going to have to go slow with that, and get some more experience building VLANs that won’t annoy anyone else if I screw them up.
Since I’ve got maybe 5 hours a week (on Saturdays) to tinker with this stuff, and doing everything right (the easy way) would require starting from scratch, I’m afraid I can’t really start over at this point. I don’t think work will give me a week off to “figure out how to redo my home network and then how to make that happen across the three different brands of hardware I somehow ended up with.”
Alas.
I’m not trying to get things onto a management VLAN for security purposes so much as I figured this was a relatively safe thing to experiment with for a first VLAN; I’ve got actual serial console access to all the network equipment and a hardware terminal server so I can quickly reverse things I break, but when I do break something, no one notices but me, and it doesn’t impact anyone else in the house as far as actually using their devices. Or me using my production machines for work, come to that.
Instead, you should look into changing the “native vlan” and/or “default vlan” on your switch(es).
This is definitely the way to go. I somehow assumed this would be easy given that I’ve been accumulating small business gear.
Oops.
My core switch has an out of band management port. It was easy enough to put that on an untagged port on the management VLAN.
My FS S3900 is a Cisco-like switch with a dedicated out of band management port that takes a static IP assignment, so I think I can probably make that do what I want, but I haven’t had a chance to test it yet.
But. My consumer/small office non-PoE and small office PoE switches from QNAP don’t have management ports (which is REALLY inexcusable on the PoE switch, IMHO, given its target audience and price point). And QNAP hasn’t yet released firmware for either of those that supports redefining the native/default VLAN (in fact, it’s locked to VLAN 1, I tried).
They also don’t allow the management web GUI to be assigned to a specific VLAN, which would solve my problems neatly.
Rumor is this feature is on the super secret roadmap for the QNAP switch firmware, but rumor is also that these features were supposed to be in version 2.0 and release at the beginning of 2023. It’s almost 2024 and we’re still on the 1.3.x branch, sooooo…
tl;dr I’ve outgrown a pair of very expensive switches because I wasn’t informed enough when I bought them and didn’t realize not all VLAN support was created equal.