Aruba & ProVision-based

VLAN Question with Sonicwall Sonicpoints

 
Rumrunner
Occasional Visitor

VLAN Question with Sonicwall Sonicpoints

Hi All,

 

I am having an issue with some ProCurve 2510G switches and a Sonicwall with SonicPoint radios / AP's.

I have a bunch of VLAN's configured for wired networks and all is working great except...

 

I have a sonicwall physical port (x5) configured for their WLAN zone and it has four sub-interfaces configured

as vlan's for the  virtual AP networks. The phys port x5 and the AP's all connect to the ProCurve ports that are marked

as untagged in their respective vlan (WLAN on the procure)

 

I am running with GVRP off and using port based vlans.

 

The AP's see the sonicwall just fine but the clients are unable to receive DHCP from the internal sonicwall DHCP server for their zone. If I directly connect the sonicwall to the AP than it works just fine. Packet dumps on the sonicwall show that it never receives the DHCP request so I smell a vlan config issue.

 

Do I need to configure the sonicwall's vlan ID's on the procure also and then run the WLAN in tagged mode?

The radios and firewall port are all on the same physical switch.

 

My understanding is that the untagged should pass ALL traffic regardless of what it came in as (tagged or not).

 

Any other ideas?

 

Thanks in advance!

 

Rumrunner

 

 

2 REPLIES 2
Chrisd131313
Trusted Contributor

Re: VLAN Question with Sonicwall Sonicpoints

Hi Rumrunner,

 

It realy depends on how your APs are configured. Are you statically setting the VLANs on the AP for each WLAN? As an example, I have APs which I use for Business LAN and Guest LAN. Busines LAN connects back to the untagged VLAN on my switches and the Guest VLAN has a statically assigned VID which is tagged on the AP switch port.

 

Business LAN - VLAN#11

Guest LAN       - VLAN#12

 

AP Switch port - VLAN#11 untagged, VLAN#12 tagged.

 

AP Config - Business LAN - Network default (VLAN#11).

                   - Guest LAN - Static VLAN assigned (VLAN#12).

 

So as you are using sub-interfaces on your firewall you will need to setup the same VLAN ID on the switch that you want the DHCP to run on and tag the port that the AP is connected to to this VLAN. That should then do the job.

 

If this doesn't work, please post your switch config and sub-interace config so we can look at it in a bit more detail.

 

 

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
Rumrunner
Occasional Visitor

Re: VLAN Question with Sonicwall Sonicpoints

Thanks Chrisd,

 

Each AP has multiple virtual AP's (vlans) and they are defined on the sonicwall's x5 port) and they will pass back through the firewall and its rule base to access any inside services etc. 

 

I believe you are correct and I will test this in a few weeks (the site is a 2 hour drive away and no qualified on site people to move cables for me ...)  

 

I will create matching VLAN ID's on the switch and tag them in the switch to match the sonicwall.

 

Thanks!

 

Rumrunner