- Community Home
- >
- Networking
- >
- Wireless
- >
- M and MSM Series
- >
- MSM 760, VLAN and Radius
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2011 09:44 AM
08-15-2011 09:44 AM
MSM 760, VLAN and Radius
Hi,
We are working on a setup which in all likelyhood is very basic.
Hardware:
Controller: MSM 760
Radio: MSM 430
Switch: 5406 / 2910
Radius: Windows 2008 R2 (NPS)
What we need to configure is the following
2 distinct SSIDs (SSID101 and SSID102) each on different VLANs (101 and 102). Both VLANs are private VLANs.
1 user group (Group101) needs to have access to just VLAN101
1 user group (Group102) needs to have access to both VLANs
Firewall duties is handled elseware and shouldn't take place in the MSM products.
What we have so far
1. MSM 760 LAN port untagged on the regular server VLAN (VLAN50)
2. MSM 430 APs untagged on various wired VLANs (1020, 1021...)3. 1 SSID with dynamically assigned VLAN (Radius)
4. Radius doing authentication based on group membership and assigning VLAN (101 or 102)
5. VLAN 101 and 102 tagged on switchports in the ProCurve 5406/2910 connecting to the APs and the MSM760 LAN Port
We would much rather have
1. switch ports for APs untagged with just a dedicated management VLAN
2. use "client data tunnel" to tunnel all data from APs to controller
3. Combination of SSID (Called-station-ID) and user group determine if access is allowed
I just can't wrap my head around the correct way of doing this. I've read the MSM Implementation guide a couple of times, but can't seem to get any closer to a working setup and would very much appreciate some assistance.
Sincerely
Mikkel
- Tags:
- VLAN