HPE Community
Aruba & ProVision-based
1753505 Members
4813 Online
108794 Solutions
New Discussion

Creating VLANs within a switch to allow 802.1x authenication and DHCP trafic?

 
Jason_Tan
Occasional Contributor

‎05-06-2011 07:10 AM

‎05-06-2011 07:10 AM

Creating VLANs within a switch to allow 802.1x authenication and DHCP trafic?

Hi,

 

I got a design question.

 

Refer to the network diagram.

 

 

Customer environment

-----------------------------------

 

- Flat vlan for existing 192.168.1.0/24 segment, using L2 switch only.

- machines are runnng on static IP address.

- Win2k3 domain

 

 

Objectives

---------------

 

a) Access Point would have 2 SSIDs. One for guest, via WAP. Another for staff, using 802.1x authenication. Guest user are not allowed to access LAN.

 

b) Guest users would get their DHCP scope from SSG20 while staff wireless would get theirs from Exchange server

 

 

Proposed action plan

--------------------------------

 

a) Attach the new Procurve uplink port to ethernet1/ DMZ zone. Hook up AP to the new switch. Leave the switch configuration as default.

 

b) Setup AP and SSG20 as RADIUS clients.

 

c) Setup Exchange server as the RADIUS server

 

d) Create a new DHCP scope on the Exchange server, using the existing 192.168.1.0/24.

 

e) On the SSG20, I create a rule allow AP to talk to Exchange, protocol any.

 

My main concern is, do I need to setup VLANs in the procurve 2910 switch? As for the uplink port and port that connect to AP, do I make them into trunk mode?

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.