1. VLAN
1.1. How do I configure VLAN when Cyberoam is deployed in transparent mode?

Applicable version - v 9.5.0 build 21 onwards

To configure VLAN in transparent mode, you must add VLAN ID from CLI console.
  1. Logon to CLI console with the default password.
  2. From the Main Menu, go to option 5 VLAN Management > option 1 Add VLAN ID. Please note, VLAN configuration menu will be visible only if Cyberoam is deployed as Bridge i.e. transparent mode.
  3. Screen displays total number of VLANs configured and their VLAN IDs and will prompt to specify new VLAN ID. VLAN ID can be any nymber between 2 to 4094



1.2. Is it possible to deploy Cyberoam as Bridge between two trunk ports and scan VLAN traffic?

Yes, it is possible to deploy Cyberoam as Bridge i.e. transparent mode between two trunk ports and one can also apply content filtering policy, virus and spam  policy and Intrusion prevention policy to VLAN traffic.
 
Configuration steps:
  1. Deploying Cyberoam as Bridge
  2. Define VLAN ID for the bridge interface from CLI console
  3. Apply filtering and scanning policies. If policies are defined before defining VLAN IDs, VLAN traffic will be dropped.
1.3. Does Cyberoam preserve VLAN tags in transparent (bridge) mode?
 
From version 9.5.4 build 16 onwards, VLAN (Virtual LAN) tags are preserved even when antivirus scanning, spam filtering and web filtering using Internet Access Policy (IAP) are applied to VLAN tagged traffic in Bridge mode.

In the earlier versions, VLAN tags were not preserved when scanning or Internet Access Policy was applied on the traffic.

 
Document Version: 1.0-29/02/2008
1.4. Does Cyberoam scan all VLAN Traffic?
Applicable to version 9.5.x.x. onwards
Yes, if the VLAN traffic passes through Cyberoam, all the protocols are scanned.

All the UTM functionalities are also applicable in case of all inter-VLAN communications passing through Cyberoam.
 

Document Version: 1.0-24/09/2007
1.5. What is 802.1q specification in VLAN?

The IEEE's 802.1Q standard was developed to address the problem of how to break large networks into smaller parts so that broadcast and multicast traffic can not grab more bandwidth than necessary. The standard also helps provide a higher level of security between segments of internal networks.

The 802.1Q specification establishes a standard method for inserting virtual LAN (VLAN) membership information into Ethernet frames.

1.6. Are Cyberoam CR series Appliaces VLAN 802.1q capable?
Yes, all CR series appliances are VLAN capable.
1.7. Does Cyberoam support VLAN construction in both the deployment modes?
Cyberoam supports VLAN constructing VLAN trunks between an IEEE 802.1Q-compliant switch (or router) and the Cyberoam appliances only if Cyberoam is deployed in Gateway Mode.
1.8. How many VLAN subinterfaces are supported by Cyberoam?
Cyberoam supports 4096 subinterfaces.