What I wanted

I needed to get back into the configuration page for my Netgear ProSAFE Plus switch so I could keep tuning VLANs without pulling my Mac off its dedicated network.

The environment

  • Netgear ProSAFE Plus
  • Fiber Gateway
  • Netgate 6100
  • VLAN
  • pfSense

The approach

I worked through the likely causes one by one instead of changing everything at once.

  1. The switch was not receiving an IP address because of bridge mode. I checked whether it had no IP at all or had fallen back to a default address that did not match my Mac’s subnet. Since my Mac is my management path into the switch, that mismatch mattered immediately.

    I connected the switch behind the router and assigned it a static IP that matched my Mac’s subnet. That worked, but it still required stepping outside the VLAN setup I actually wanted to keep.

  2. My Mac was on a different VLAN. Because my Mac’s traffic was tagged differently from the switch’s management interface, the packets never reached it. That was the part that finally clarified the problem for me.

    I temporarily connected my Mac directly to the switch on an untagged port so both devices were on the same subnet. From there, I could verify the real issue and work backward toward the VLAN layout I wanted.

The setup

  • I moved the switch behind the firewall
  • I made sure the Mac could reach the switch on the correct subnet while still keeping internet access available
  • I manually configured a Mac IP on a separate network interface that matched the switch subnet, just to keep management access predictable
  • That gave me the access pattern I actually wanted

What broke or surprised me

The surprising part was how completely VLAN segregation did its job. Once the management interface lived on a different network than my Mac, access simply stopped. It was a good reminder that segmentation is not just a design idea; it changes what is reachable in very concrete ways.

What I’d do differently

If I were starting again, I would document port assignments and management subnets much earlier. Writing down which port belongs to which VLAN would have saved a lot of unnecessary guessing.

Where this fits in the system

Reliable switch management matters because it lets me keep refining VLAN placement without turning every network change into a recovery exercise.