The money shot!! 16 minute mark As a holder of an expired CCNP I credit you for reorienting my understanding about Tag vs Untag. My assumptions were the reverse After hours of frustration as to why I was not receiving an IP address from my firewall through my Netgear mini switch - and watching multiple videos : YOU were the only presenter to “nail it” Tag ports forward trunked VLAN tags between switches. Untag ports - are Members of the VLAN but strip the tag off because , IE: most people do not set the VLAN ID on their Windows NIC, so the tag would prohibit connectivity. You should do a new video specifically hammering home this point. Because Multi-Vendor VLAN trunking is a humbling experience Thank you sir!!

Thanks for these guides/tutorials/reviews that do not stop at showing the product but actually show the configuration and how to do stuff with pfsense :)

In the past 5 years, nobody has made as comprehensive a video to describe the interconnection between these two exact devices. At least I know that I'm doing the same things someone else did, even if they aren't working. Cheers!

@pygmaelion

4 ай бұрын

And 30 minutes later, I found the part of the video where you specifically talk about PVID settings on the switch AND on the NetGate. You're a pre-covid hero, riding out of the past to heal the networks of admins yet to ride.

You are the best. I've been struggling to set VLANs up for my home network, and you explained it so clear. "Tagged ports are for smart devices, untagged are for dumb devices" What a genius!

Thanks Lawrence for posting these videos, this one help me understand VLAN's, and tagged and untagged. Now I have my WIFI on a different VLAN and my Security system on another VLAN.

White glove service, my favorite. Thanks for the break down, I was looking at this device.

Love how you open the cases. Something I never do but should try sometime.

I have an 8 port PoE (TL-SG2210P) in my homelab for AP's and VoIP phone and for that it's excellent. It's a little higher end than that one I believe, really like it for home use. Would not put in in a corporate network. Liked the review! Nice overview and very complete. 10/10 for shiny box!

No kidding 2 weeks ago I set up my first home pfSense box with this switch and my first unifi ap's. You're running about a week behind when i need you lately! Thanks much though, love the videos.

Love your videos..New to VLANS and your videos give me ahead start...Was able to get my SSID's on different VLANS :)

Thank you for the clear example with hardware. This is the first video where I had an ah-hah moment with us tagged/tagged options as I have this switch and was going to start to configure for vlan traffic

Thanks for an easy to watch quick review, just what I was looking for, a managed switch to play with VLANs at home.

Thank you very much! This was succinct and comprehensive. It was also relevant easy to understand. I have Network Chuck, but I've also been looking to add some other quality channels who discuss networking. I look forward to more videos from you.

Many, many great videos, Lawrence. I think the last combination video to do is have this switch work ESXi where the VLANs are configured on the switch and the firewall is giving out IPs from the DHCP server running on it and the VMs getting them. That's going to be the ultimate video **chef's kiss**

Great video! Really liked your description of tags vs untangled...network engineer myself but its been 15 or so years so I have forgotten a few things :)

Thanks for the review. It is a very basic looking, but reliable, low power use, bit of gear. I've used it mainly in bedrooms where I just wanted to run a single connection up to the main stack, but have a few drops in a bedroom, one for IOT like a FireTV, another for connecting a printer, another for laptop or other networked stuff. In LATAM, this model plus the unmanaged 24 port GBit switches are pretty popular, with DLink often used for managed switches at 3x the cost. Not ever had a problem, and the firmware has received updates over time. I agree with you that I probably wouldn't put this into a massive network, but for a smaller setup, these things would do the job. As they have no fans and are fairly temperature-robust, they are probably ideal for a small install that needs a VOIP and non-VOIP VLAN, perhaps a wifi for guests. I still have to set up my VLANs at home to do the IOT VLAN with the EdgeRouter Pro I have, but I need to plan that out beforehand. Appreciate you guys making videos and sharing your knowledge.

Thanks for this video, and many of your others too. Im a 100% network noob and 6 weeks after buying a protectli vault for pfsense I still can’t get it working properly and am certain my network is still compromised. None of my slow and painful progress would have been possible without your videos, so once again, Thank you

Thank you for the video! You give very good instructions and are easy to understand. I have brain damage and brain cancer and could follow your instructions perfectly. Again, thank you!

Thanks for this video. I have the 5 port version and was having an impossible time getting it set up to use VLANs. I was even working with their tech support and they weren't able to communicate how to get it working. Followed your video and had it working in 5 minutes.

Tom that ‘odd’ cable test says ‘cable fault’. It is there to tell you the distance to a cable fault = broken cable. Gives you an indication on where to examine your walls/cable trays if you loose connection. Like when someone two rooms away decided to drill a whole right where there is a hidden cable channel. behind the plaster wall.

Excellent review...just the right length and content. I was just about ready to purchase until you talked about the security vulnerabilities. This probably is still just fine for my application (home network), for the price, and for the time being.

Thanks for this!! Couldn't get an ip assigned because I had the ports tagged wrong. This video helped me get everything working!!

Time domain reflectometery. That's what the faulty line test is doing to determine the length of the broken/open cable. Very very cool feature to be included in the switch. Send a pulse down the cable, time the reflected signal and analyse the phase. A shorted cable, would be inverted. An open cable would not be.

@bryanarnold8543

Жыл бұрын

Wow. You're dropping some knowledge here. Sounds like you've worked with low voltage wiring quite a bit.

Brilliant video ... you unpicked the weird ui that was confusing the hell out of me.

Thanks L-man! This is exactly what I was looking for to separate my IOT and guest networks from my main lan.

@williamlau7179

3 жыл бұрын

Ya, good features and effective

Hi Tom, thanks for this. I'm really strungling with setting up unraid, pfsense vm on unraid and this top link switch. I understand now. Thank you. *subscribed*

Thanks, dude! Successfully configured 2 WLAN & LAN for pfsense with just two NICs.

Would love to see you review the DLink DGS-1100-08... It's going for about $35 as of this post, but has quite a few more settings than this does. I picked up one of those for my little home lab and it works GREAT, and the VLAN setup is much more sane.

still watching the video, only a minute in just purchased this myself a few days ago. From what I can tell so far is that they seem to have taken your review to heart and the box is no longer shiny

Thank you, this really helped me make a decision on what to do in my home network.

A while back I had the management bleed over problem described and where I had the switch made this a deal breaker. Today, I upgraded the Firmware (I have V3 hardware revision) because I was encouraged by the bug fix text. After wrestling with the .1q VLAN interface, I was able to eliminate access to the MGMT web interface on the non-Default VLAN! The key was assigning the Port as untagged on the new VLAN (add/update button), then removing VLAN 1 from that Port (add/update button) followed by Apply.

@defilogic6726

Жыл бұрын

oh. good advice! I will have to try that!

@TheCoolLama

9 ай бұрын

Nah, I don't believe that. I got the v5 with latest firmware and still can access management interface from any vlan (even when no ports use default/native vlan1). I just tested it. I checked forums discussing this issue from several years back until now still active (@ netgear forum) and problem is still there for v3 as well. You probably didn't test using same subnet as management, do this and report back. I dare to bet you can still access it.

@timrobertson8242

9 ай бұрын

I tested again and you appear to be correct. I have replaced my TP-Link with a D-link DGS-1100 that has an explicit lock down of the MGMT.

@TheCoolLama

9 ай бұрын

@@timrobertson8242Thanks for getting back to me so fast. I never heard of the D-link DGS-1100, but I've checked it quickly and it seems this should work from the datasheet and documentation, as you can specify the management interface's vlan under L2 features, so thank you very much for your fast reply, as this managed switch doesn't cost that much more than the tplink and netgear with their security flaws, so I've it on my list to order next (always looking for affordable managed switches that don't break the bank), excellent!

@Khundire

9 ай бұрын

I have a TL-SG108E v4.0 but not using VLANs at all (for the time being) and after seeing this video I also wanted to confirm this Admin webUI "leak". The first thing that crossed my mind is precisely that in the video ou keep Default VLAN1 on ALL ports (1-8). I went to my switch, added port 7 to another VLAN, removed port 7 from Default et voilá. No access to webUI (like supposed to). I have seen this comment being repeated all over youtube (other channels) and I would even consider buying another brand Zyxel if it wasn't the fact of already having this little TL-SG108E and being able to test it on the spot.

Thanks...this really helped...the PVID part was what I was missing....for home vlans.

Just picked the 4xPoE version up for a wireless bridge to detached garage with AC LR +2 PoE cameras. Thanks!

Great video I have been using one of these for a while now so far so good. They also make a poe version that I plan on buying.

Oh, man, my Netgear ProSafe "Smart Managed" GS116Ev2 has the same issue with the web management. It runs straight HTTP like the TP Link you reviewed; and I was able to connect to the web console from a different VLAN than the one hosting the switch's IP address like you did by just mapping a static IP address in the same range as the switch. Doh. For the moment I guess I'll have to make sure that my admin password (with no user id, BTW), is as complex as I can make it. Thanks for pointing out this deficiency in SOHO VLAN switches!

Love that "Rage against the virtual machine" sticker. :) My 10-year-old Dell 610 whomps on almost every hosted VM I've played with.

So informative and the explanations were clear. Thank you!

I know this is an old video, but I enjoyed watching it. Primo content. Thank you sir.

either terminal you use I loved the configuration and Linux which distribution? or how you customized?

Thanks for the great informative video. I have a question, on this switch I noticed that you did not remove port 3 from being a member of the default network, but on another video you did with a the Edge switch, you did. Is it just different for this switch?

Seems to be very similar to the Netgear GS108T, although the GS108T seems to have more features. The TP Link SG108E has very similar features and a more simple user-interface compared to the GS108T. The LAG, QOS and VLAN configuration is almost identical - including the VLAN and PVID settings being on two pages - which means it's super easy to lock yourself out of the switch. But the enhancements on the GS108T includes allowing you to set the VLAN that the management interface is on, which is one security issue you found on the SG108E.

good video i have this exact switch, however unable to get it to work with a cisco router with multiple dhcp pools setup. not sure whether its the router or the switch which is configured wrong it is not pulling an address from router.

I have two of those same switch. One is attached to the firewall with several devices in the livingroom and the second is in my office fed off one of the livingroom ports. How do I set the livingroom switch to trunk the VLAN's to the office and then how do I set the uplink port in the office to provide the VLAN's to the office? I cannot figure out how to push the VLAN's between the switches.

I'm a little surprised by that - D-Links DGS1100-08 (rev B1) doesn't have https support, but it's very good when it comes to being able to lock out the administration stuff from untrusted sources. I just don't like how limited the D-link is in it's setup (no lag support, but does have trunk aggregation support, but too many limits on configurations like vlans, and some other really confusing things in it's interface if your looking to set up physical port security, etc). It's not bad, but I out grew it extremely fast. Of the budget switches, it's def a step up in price, but honestly for small soho style managed switches for small networks, I find Netgears tiny GS108T (V2) switch to be a real gem. Anyways, thanks for the review!

great video, might pick one up to play around with vlans and get to know them

10:10 Have you tested Link Aggregation with Synology NAS? (DS 918+ etc.) with this switch?

Hello, I have an sg105E. I'm trying to configure the vlan. Port 1 ISP unttaged. I want to create two vlans the first one on port 2 and 3 and second one in ports 4 and 5 . Both vlans access the internet but the computer in one vlan cannot access the computer in the other vlan. I tried several ways, either one vlan loses internet or computers from different vlans fill up. Do you have any idea what I did wrong and how to do it? Thank you!

Shout out to you from a Solarwinds Engineer! Just noticed your sticker!!

@LAWRENCESYSTEMS

3 жыл бұрын

Hello there!

The management interface is weird though, you can't set on which VLAN it listens. So if you would have it between your router and modem for VLAN tagging, and have it pull its IP from DHCP, it could actually get a internet routable IP adress from your ISP. Or did I miss something obvious? Either way, I just set it to static. It's reachable without problems over HTTP/S, but the ICMP based monitoring is a bit flakey.. But for 30-40 bucks a no brainer. Works great.

i have the managed switch netgear GS308E v1 and it says its capable of vlan. however i keep trying to do vlans and nothing. devices are not getting ip address when adding the vlan ids on the switch, do you know if there is a known issue for this sw? im running pfsense virtually and have 2 ethernet ports, 1 as Wan and 2nd as Lan and connected to sw, all works but vlans

How do you actually get the vlans to communicate? I have vlan 1 / port 1 connected to my pfsense router, vlan 11 as my workstation and vlan 12 as my access point. From vlan 11, i cannot access the web interface of vlan 12. I have setup the vlans and firewall rules correctly in pfsense.

I just purchased this switch and it'll be in on Monday, but my question is, I'm going to be running pfSense, I was wondering if you could use this switch, along with a VLAN to bond two WAN connections together.

Sorry if this is mentioned in another video but what distro is this? I recognize Gnome but not the distro. Thanks in advance!

Nice security discovery at the end there. Worrying yes, I guess but it is ok for a home network.

I think the management interface is probably tied to the default vlan of 1 which is probably where your traffic goes since you statically changed the client's IP to a subnet other than what that port's Vlan is supposed to be on. Could be that is a vulnerability of the switch.

Hi, I really appreciate your videos. Do you have recommendations on high quality switches for a large size building with over 90 devices connected to (wired and wireless)?

Untagged traffic defaults to VLAN 1. So does all of your layer 2 control traffic. It's defined in the specification and covered on both the CCNA and Net+ certifications.

@SomeTechGuy666

2 жыл бұрын

So this switch is not suitable for connecting PCs to directly ? PCs generally send untagged packets. All untagged packets go to the VLAN1 group, which is every port on the switch ? Or how does that work ?

Probably a stupid question but if your having multiple dhcp pools for vlans. What IP addresses should you use for the AP, would they come under management VLANS? So for example if I had 192.168.10.0 network for management would I set IP address on ap part of that network.

it seems that 8021q pvid vlan settings is something cisco refers as "native vlan" = the vlan that will not be tagged in a trunk port

@phil.4688

4 жыл бұрын

This can be a little confusing because terms vary from manufacturer / switch software indeed. Afaik, it's security *gospel* that "VLAN Trunk ports should NEVER be on the native VLAN 1" (by "be on a native VLAN 'x'" we mean their PVID 'x' here), and as a corollary *"Thou shall NOT use native VLAN 1 for anything in prod."* Basically, the underlying idea is that Native VLAN 1 (this means, NO VLAN, it's the default / untagged VLAN) is insecure as an attacker reaching the switch would either reach it untagged or be able to untag itself from any VLAN header. This is why neither data (traffic passing through the switch) nor management (traffic aimed at administrating the switch) should ever be on VLAN 1. Obviously, neither should a trunk port. So take away, compared to Tom's video, where the Trunk to pfSense is Port 1: - PVID for this port should be some VLAN =/= 1, e.g. VLAN 10 named "LAN". - By extension, you'd put all the other used ports PVID to this "base" VLAN 10, and add them as "untagged" for VLAN 10 (do NOT add trunk ports to untagged anything otherwise you "break" the trunk on entry; only tagged traffic goes into trunk ports). This would ensure that all machines connected to the switch are on VLAN 10, never 1. Including pfSense and the Wi-Fi station, which would communicate over VLAN 10, not 1 (for instance if the wifi AP is set to DHCP for its own address, it would get an IP from pfSense's interface on VLAN 10 by default, since port 4 where it's connected, a trunk port, has PVID 10 by default). This means all ARP traffic, DNS, ICMPv6 etc is *always* on some VLAN, 10 by default, another one if specified. ____ You can go 1 step further for security. The management port (should you dedicate one) and IP of the switch itself could be entirely segregated, e.g. port 5 on VLAN 55 (no interference between "data" and "management" traffic, the latter (VLAN 55) never goes into data trunks (VLANs 10, 20, 30, etc). Such a setup is easy and doable with this $40 switch. It's imho the next best thing after "out-of-band" i.e. physically different network for management, using a dedicated VLAN and never sharing ports (you're just "spending" 1 port per switch or router for this. I think it's worth it in terms of security because unprotected switches seem like a low-hanging fruit for hacking bots afaik.

FYI. On the cable test. If your plugged in LAN Cable that has any broken strands then it will show up under cable fault. It tells you how far down the cable length you will find the broken aria so you can fix it. That is why it does not show under the cable fault when a working cable is plugged in.

@PankajSharma-ir7fb

4 жыл бұрын

Finally someone got the logic behind it.

Question, I got a TP-link TL-WA1201 access point that supports VLAN. I was assuming it would just work out the box without anything else. Now I think I actually need a switch to configure the VLAN protocols. If I purchase the TP-link TL-SG108PE V3 switch, will I be able to successfully set up a VLAN network/wireless network without anything extra like a Pfsense? Currently have : ISP Router/Modem >> TP-link Acces point.

do you indicate some low-power hardware with 3 port rj45 for pfsense? I would like a PC! the network cards already have!

would love a follow up video of this switch I bought this switch & have nothing but problems with vlan's on itI have pfsense setup & running as well. if I create a vlan 40 say it gets an ip from dhcp. gets on the internet but if I try to access anything on my LAN it craps its self and gives access copy errors galore. Firewall rules are basically allow all from anywhere for troubleshooting. What am I doing wrong? It does has the latest firmware. Is this a flaw in the switch of my setup??????? If I use a cisco switch it doesn't do it. cisco switch is 100mbit :/ :(

Congratulations on the video. In case if I want to make two trunk ports I could? One coming from my pfsense and the other going to another manageable switch?

I purchased a pre loaded pfsense box and I want to access it Lan port with a laptop. How do I connect

Been using these switches for yeeaaaars for small 5 and 8 port switches (Usually just get 8 as they are like 10 bucks more than the 5) and never had an issue ever with them! Probably used a hundred of them.

I've read on TP-Link site that this switch uses static link aggregation and not LACP.. So what corresponding setting should be used in FreeNAS link aggregation (Load Balance or Round Robin) and will the performance be worse than LACP..?? Also it would be helpful if you could make a video showing link aggregation using this switch with FreeNAS.. Thanks..

Awesome. ive been looking for something managed and very cheap. Great that it has LAGG and VLAN and QOS. I will be buying one of these. To use between my PFSense and FreeNAS boxes and my desktop. That way all 3 can have 2 connections, and still have 2 ports for the rest of my network

@mrlithium69

6 жыл бұрын

Also, Subbed. Nice to see a fellow networking geek. You really seem to know your stuff

Great video, I am experimenting with networking and have collected a mix of devices, this one looks good for its price.

I know this is old, so I am going to apologize beforehand about bringing this up again. I tried setting the VLANs just as you mentioned here (I had one of these with hardware V.4 used as a dumb switch) but the moment I set port 1 (from my PFSense) to VLAN 55 Tagged and Port 8 to VLAN 55 Untagged (that's my Wyze cam outdoor hub) every VLAN stopped working on my Aruba AP 22s, they all lost connection to the internet. I left all other port as "Not Member" just to test that port 8 would assign an IP to the Wyze hub, but that never took. Any suggestions? I'm completely lost here.

Towards the end of the video I tried to vlan hop as well. Maybe they patched it? I can't ping the IP or get to the web interface configuration page like you did on port 8 with your laptop.

Would like to know if TL-ER6120 from tp-link is any good for using as main router?

Thanks Tom, I have been glued to your channel for the last month as I'm just getting acquainted with pfSense. Are you configuring pfSense handle the vlans and firewall rules? (I'm using the TL-SG2016P Managed PoE Switch). Or should I be using pfsense just for the WAN and LAN firewall, VPN, PFBlocker etc... and using the switch and controller to manage my VLANs and related firewall rules? Thank you!

@LAWRENCESYSTEMS

4 ай бұрын

Firewall rules in pfsense

Thanks! If only I would have found this video 8 hours ago...

just bought and got the v4 hardware and it does not include the shiny box.....dammit

Going to the way back machine for this one. I have been using your videos to get acquainted with myself pfsense. I was looking for something inexpensive but with updated firmware an got the V.4 16 port version of this switch (TL-SG1016DE). So far does ok just set it up on my laptop with static IP on the same subnet. Plugged it in switched cables from 16 port dumb switch and away we go. Backed up the config before reboot but it held config. I will be doing VLANs next. I have pfsense with 4 port Intel nic with one as WAN from Cable provider and 2nd one to LAN. Any suggestions out there on how to manage the VLANs on this sort of setup? Welcome good advice. I already read all of the replies-comments here to this video so anything new would be great! Thanks Tom for all the informative videos and to the community for their great comments!

Hi Where can I get stickers like the ones on your notebook?

It seems that port 7 and 8 are "untagged" for both vlan 1 and 30. That might be the reason you can ping 192.168.1.2. Try to mark port 7 and 8 as "non-member" for vlan 1 to see what will happen.

@Printcrashrepeat

6 жыл бұрын

I'd like to know the same thing, or move management to another vlan besides 1.

@schossel

6 жыл бұрын

I have a Zyxel switch and that was my first thought, too. It's the same there, you set your pvid etc. but if you don't want the default net to be able to reach the management, you have to unmember VLAN 1 for these ports. I think this is a universal thing and nothing special or is it? As far as I know, Zyxel even mentions this either in the manual or in one of their youtube videos.

@timstallard468

6 жыл бұрын

I'm not familiar with this exact switch, but it appears to be very similar to the equivalent Netgear product (the GS108Ev3), and I suspect it may use the same chip. On the Netgear at least, the management interface is available on any untagged port, regardless of the pvid and tagged/untagged setting on VLAN1. This also means that ethernet frames with a VLAN tag of 1 will not be treated as management traffic, which can cause issues if you intend to tag all of your VLANs on a link back to a router and then manage the switch from another VLAN, for example. You end up having to leave VLAN 1 (or whatever is your management vlan) untagged, and every other VLAN tagged. I ended up replacing that with a GS108Tv2, which has support for management on a VLAN, SNMP, 802.1x etc as mentioned in another comment.

@GavinPeters

6 жыл бұрын

It makes no sense to me to be able to have more than one untagged VLAN on a port. However I agree that the Management access 'issue' is linked to this.

@IvanHall03041986

6 жыл бұрын

I know that you are right, I had the same issue occur on a netgear - if you have multiple untags, it actually bBRIDGES the vlans _ i was super confused until I remembered it wasnt a fully managed switch. where ACCESS/UNTAGGED explicitly means only = 1 vlan on the interface

I am generally happy with these but I had gotten the 24-port PoE model for a project and found a couple of disturbing things. There was not anywhere to change management VLAN or default from PVID1 and to top it off the switch would allow access from any VLAN *and* someone had found that ALL MANAGEMENT TRAFFIC WAS BROADCASTED ... in all VLANs (wtf?). Ive yet to verify that one but if securing management interface is important, look at equivalent Zyxel or Netgear switches. Then it would not accept alphanumeric characters into login passwords (I hate it when devices don't allow that)

The NETGEAR GS308E VLAN config works the same way like this. I tried everywhere and could not figure it out. This video was very helpful.

@cornellrpgdrums

Жыл бұрын

i have the same netgear sw and unable to do vlans, did you find a way?

@demabkr

Жыл бұрын

@@cornellrpgdrums yes I did.

Did you try rebooting the switch? Perhaps the VLAN hopping was due to caching of the MAC address.

I use their 8 port non-managed gigabit switch and it has been working extremely well!

@pratwurschtgulasch6662

3 жыл бұрын

i would not even bother with unmanaged switches these days, the cost is about the same but you get so much more out of a managed switch, just saying.

for home network is better this switch TL-SG108E or TL-SG1008P? First one is cheaper - 28 euros, second - 57 euros. desktop model looks better and ports are in back, which is better too, but doesnt have easy smart function....

It's my understanding that LAG only reduces congestion by allowing for more simultaneous transmissions. It does not increase speed.

Lag. So can you lag ports 1 and 2. Both of those lines go to the router as redundancy?

I have same switch but seems that I can ping vlan devices and all but no internet connection if connected to wifi access point as that's what I have set up for my vlan.

is the link aggregation function the standard IEEE 802.3ad?

HI, thanks ... whats the difference between sg108e & sg608e?

I have learnt so much from you. Thank you

Thanks mate! the video is way less complex than all other out there.

Can these be powered by PoE? or are the PoE versions just for powering PoE devices?

Would it be the same to hook up the tp-tl sg2008p in the same way?

Great job. Happy New Year.

@xenonwx

5 жыл бұрын

Stephen Douglas why are you verified

It is common for switches without "management vlan" option to allow traffic to the management IP on all vlans. It is more of a feature, especially for an office switch. Even when the pvid of 1 is not there .. It could be worse, you could have a Catalyst that forwards any traffic with destination port 179 to the management CPU.. That is fun ..

@Khundire

9 ай бұрын

To my understanding Default VLAN is the one that gives access to Admin WebUI. It sort of makes sense to not be able to removed it but you can configure it and limit which ports have access to WebUI. From the other small business/home switches I have seen so far I would still go with TL-SG108E.

I thought I did the same exact step as you, but when I plug my PC into port 8, it fails to get an IP address. I have everything setup correctly, the same as you, with the exception of my VLAN IP, it's .50 instead of .30, .30 is actually my regular lan. I also have a wifi network that's supposed to be using VLAN 50 and my phone is also failing to get an IP address.

Could the router be the cause of vlan hopping? Couldn't we set up a firewall to prevent the vlan hopping?

the issue with 192.168.1.9 being able to ping the man interface is a feature called untagged management found in a lot of switches.. most only work in the first port.

I have an application where I'd like to have devices, lets say 4 devices, set for DHCP each plugged into its own port on a switch/DHCP router and it would be the only device on that port. I would like any DHCP device I plug in to a specific port to always get assigned the same IP address from that port. Essentially, I need to be able to set the DHCP range to a single IP address per port and all devices need to be able to talk to each other between ports. Can I do this with this switch, or comparable, using VLANs and DHCP? If not, what budget friendly device would allow me to do this? Hopefully my desired application description made sense.

the cable fault distance would help to find broken cable (based on the length where it ended)

Would have been more interesting if you had verified the actual through put and total bandwidth of the switch as well .. Why? I have had some of these small switches that aggregated 1GB connection overrun the baseboards capability.