VLANs provide a powerful means to connect to separate address spaces for security and the isolation of traffic. Managed networks provide VLAN capability. Assuming you have created one or more VLANs on your managed router, there is an easy way to connect to them.
A normal switch port is normally set to the “ALL” profile meaning that you can connect to any VLAN on your network even though your PC may have a single ethernet adapter and a single wire leading to your switch. VLANs create many networks on the same wire.
There is an advanced connection editor in Linux that is installed usually by default, but if not:
sudo apt install network-manager-gnome
From a terminal:
nm-connection-editor
This brings up the connection editor.
You can see from this screen that I don’t have any VLAN connections. If I press the “+”, the connection editor gives me the ability to add a new connection.
The drop down above list all the types of connections that you can create.
So, for example, if you have a Unifi Switch port set to Profile “ALL” then your PC ethernet port can have a device that can access that VLAN.
In my case, VLAN 50 is my Labnet VLAN.
I then have a VLAN device for my PC to connect to tagged VLAN 50.
If I go to a terminal and list my network interfaces, you can see it.
Notice how “Labnet” got an address in the VLAN 50 address range at 192.168.50.112. The LABNET VLAN 50 runs through the same “enp4s0” device as my untagged VLAN which gave my PC an address of 172.16.1.224. I can now have programs that direct traffic to either ethernet interface.
Internally this VLAN 50 interface would be specified as “enp4s0.50” as the tagged VLAN.
I could remove the interface by going back into connection manager, highlighting LABNET and pressing the “-”.
When you connect your PC to an ethernet port on a managed network, by default the network interface connects to the untagged VLAN unless you have changed the port profile to a particular VLAN. If the port profile is set to “ALL” then a PC interface connected to it can potentially connect to any VLAN by following the procedure above.