- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- Re: Configure VLAN in Aruba 2540 Switch
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-05-2019 08:22 AM
тАО11-05-2019 08:22 AM
Configure VLAN in Aruba 2540 Switch
Hello,
today I want to create my first VLAN in Aruba switch, but I need some kind of help.
My environment:
Router, Switch1, Switch2, some Unifi Access Points
I need for the unifi APs a guest network (192.168.1.0), which is seperated from main network (192.168.0.0).
The router has 2 interfaces with both networks and both are connected with Switch1 (Port 1+2). Switch1 has fiber connection to Switch2 (Port 25). Unifi APs are connected to switch2. (Port 23+24)
First I create in Switch2 a VLAN (ID2) with (Port 23 + 24). Then I create in Switch1 a VLAN (ID2) with Port 2 (guest network)
Primary VLAN is the default, no management VLAN is configured.
What I need to do in next step?
Goal: Both unifi APs should connected the router guest network without seeing any other device. The router is dhcp server for the guest network.
I hope that somebody could support me a little bit
Greetings
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-05-2019 05:47 PM
тАО11-05-2019 05:47 PM
Re: Configure VLAN in Aruba 2540 Switch
Hello Daniel,
I think a similar setup for a PoC with Ubiquity UniFi AP (I've done one exactly yesterday although without a proper WiFi for Guest) would be setup by permitting the Router to be the IP Router device for your network (that's to semplify things a little bit):
- Your Router will perform IPv4 Routing for all your VLANs
- Your Router will own the ownership of VLAN's SVI (it means that each VLANs will have its IP interface on the Router LAN's sub-interface, in other words your Router will be the Default Gateway on each VLAN's Subnet)
- VLANs needs to be defined on each Switch
- The downlink between your Router LAN 1 will carry all VLANs except for VLAN dedicated to Guest-WiFi SSID (See below)
- Uplink port to Router LAN 1 on the Switch directly connected to your Router will be a tagged member on all those VLANs (you can remove the Untag on VLAN 1 Default since, basically, VLAN 1 will not be used)
- The downlink between your Router LAN 2 will carry only VLAN dedicated to Guest-WiFi SSID
- Uplink port to Router LAN 2 on the Switch directly connected to your Router will be tagged member on just that VLANs (you can remove the Untag on VLAN 1 Default since, basically, VLAN 1 will not be used)
- Switch ports where WiFi AP are going to be connected need to be configured as untagged member of a "WiFi Management" dedicated VLAN id y (to over semplify it can be the very same VLAN id in which you're going to deploy your wired Clients, as example) and tagged member of any other VLAN dedicated to your WiFi SSIDs (example: Trusted-WiFi SSID will bind to VLAN Id x and Guest-WiFi SSID will bind VLAN id y)
- the above step (8) will require you configure LANs on Ubiquity UniFi APs to cope with that VLAN assignments (VLAN id x and VLAN id y)
- Inter-Switch link (Up/Down-link) between Switch 1 and 2 need to carry all VLAN Ids (so involved ports on both ends need to be tagged member of all VLAN ids you defined on your Router
- All VLAN ids you defined on your Routers need to be also defined on each involved Switch (here I consider both Switches as Layer 2 extensions of LAN1 and LAN 2 so Switch 1 and 2 are basically equals).
- Access ports (except those reserved for Uplinks and WiFi APs) clearly need to be untagged members of VLAN id dedicated to your wired clients
- All clients need to be configured (statically or via a DHCP Server) to have Default Gateway the respective VLAN id IP Address defined on the Router and the Router needs to have routes to let the traffic back (and between, if required) VLANs it manages (except for Guest-WiFi dedicated VLAN, it doesn't partecipate to inter-VLANs routing since it should be "logically" isolated).
That would be an approach and, clearly, your mileage may vary significantly.
Personally I approached enabling the IP Routing on one of our PoC Switch and using a Transport VLAN /29 to uplink to a Router (which is instructed to route back to our VLANs behinds our Layer 3 Switch acting as the LAN's router)...that's very similar but all the VLAN SVI (IP addressing) is set on that "router" Switch...and the rest is pretty much similar (connected Switches are just Layer 2 extensions from that "router" Switch. As written we haven't a Guest-WiFi so we didn't worked to carry it VLANs directly to the router through another physical uplink (as you want to do).
Technically you would also reach the same target by using just one LAN on your Router (LAN 2 is not strictly necessary) since you can carry WiFi-Guest dedicated VLAN packets tagged directly to it and let it to policy inter-VLAN routing and NAT to your ISP.
I'm not an HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-05-2019 09:51 PM
тАО11-05-2019 09:51 PM
Re: Configure VLAN in Aruba 2540 Switch
Good morning from Salzhausen in Germany,
I will try in some hours to implement your solution. Thank you very much for your detailled guidance. Its my first vlan, so I am a little bit unskilled
Greetings
daniel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-06-2019 03:59 PM
тАО11-06-2019 03:59 PM
Re: Configure VLAN in Aruba 2540 Switch
Hi Daniel, no worries...we're here to help so do not hesitate to ask further support.
I suggest you to first plan VLAN id, then their SVI (IP interface of each VLAN which will be routed by the Switch) and tagging pattern of involved ports (uplink to Firewall, uplink between Switches, access ports for VLAN-unaware hosts, etc.) and you will have 80% of the challenge already covered.
I'm not an HPE Employee