Comware Based

Re: Configure default ports for vlans

Garett Montgomery
New Member

Configure default ports for vlans

Is it possible to configure default ports for vlans? I'm trying to send all traffic with a particular vlan to an ips/ids (set to promiscuous mode - I.e. No ip address). Using 3com 5500, but open to recommendations for hardware.


P.S. This thread has been moved from Switches, Hubs, Modems (Legacy ITRC forum) to Comware-Based. -HP Forum Moderator

Diego Castelli
Trusted Contributor

Re: Configure default ports for vlans

I think u mean with 802.1x, right?

It's possible to configure the behavior of the switch to push all the unauthenticated clients to the guest vlan.

Then you can do redirection three ways:

1)ARP poisoning in the guest vlan.
2)Separate guests in that vlan and set (by using DHCP) the GW for other vlans to be your IDS host (that is multi-homed).
3) Use some sort of ARP rewriting feature that i heard about on 3com switches, but i don't remember anymore.

I think the more fast/effective is ARP poisoning on the guest vlan.
Diego C.

MS MCSA Server 2003

HP Accredited Integration Specialist