windows

Passing VLANs through in Windows 10 (Realtek)

Laurie Kirkcaldy

2 min read
  • NB, this guide is specific to the realtek series of networking cards *

Let's say you have a managed switch or two and you want to be able to connect things on your computer onto a different VLAN. Normally you would have to have a seperate NIC on your computer to tie into an untagged VLAN port on the switch, however you can setup a virtual NIC within windows that takes tagged packets coming in off your main interface!

Step 1

Setup your managed switch to send tagged packets of the VLANs you want to access onto your computer. This varies from manufacturer to manufacturer but in the case of our 3Com switch, you set the port as a 'Trunk' port allowing tagged packets to be sent down it.

3Com Screenshot

It is also important to verify that the port's PVID is 1 (or whatever VLAN number your main network is). This allows any untagged packets coming from your computer under normal cases to pass onto your LAN.

It should also be possible to connect this trunk port through an unmanaged switch and then your computer, but I haven't completely tested this yet.

Step 2

Your computer is now receiving some VLAN tagged packets, but is rejecting them. For realtek network interfaces, download the tool from their website here.
Browse to your interface, select VLAN and then click add typing in the number of the VLAN you want to receive on this interface. The utility will hang for a few seconds and your network adapters will drop and reconnect with a new interface!
Realtek Diagnostic Utility

Now you have an extra interface, but windows will probably decide to send most (if not all) your traffic over this newly created interface. To fix this, we can set the priorities of the network interface.

  1. Open up 'Network Connections' (in windows 10 easiest shortcut is Win+X -> Network Connections).
  2. Open properties on your normal interface
  3. IPv4 Properties -> Advanced
  4. Uncheck Automatic Metric and type in 10
  5. Close and Save all the windows and now do the same for the new VLAN interface but with a metric of 20

This gives a lower priority to the VLAN interface and sends your traffic properly over your main interface (untagged).

Disabling your main interface will also disable the VLAN interface, to test something on the VLAN, simply set the VLANs metric to a lower number than your main interface.