HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

Dynamic vlans on Switch 5412zl

 
Rezart_gr
Occasional Contributor

Dynamic vlans on Switch 5412zl

Hi

 

I am trying to implement dvlans on our network. My goal is unauthorized users-guests to be moved to another vlan with restricted access. The unauth users are indeed moved to the intended vlan, but they fail to get a dhcp address albeit I have set a scope in my dhcp server.

Networking is a new challenge for me so I might miss something. Please any help or advice to reach my goal would be much appreciated.

 

Thank you,

Rezart

2 REPLIES
Per-Erik Halvardsson
Established Member

Re: Dynamic vlans on Switch 5412zl

Hi

 

You should look at the PCm+ and HP Identity Driven Manager.

http://h17007.www1.hp.com/us/en/products/network-management/HP_PCM_Plus_Network_Management_Software_Series/index.aspx

 

http://h17007.www1.hp.com/us/en/products/network-management/HP_Identity_Driven_Manager_Software_Series/index.aspx#tab2

 

SNAC is a  nice feature.

But be sure to check if your HP switches are supported by PCM+ and IDM.

 

If you have switches and/or WiFi from different vendors, why not look more into Microsoft NAP.It's quite easy to setup.

Look at the "Step by step" guide lines.

http://technet.microsoft.com/en-us/network/bb545879

 

You can also integrate Microsoft NAP with HP PCM+ and HP Identidy Driven Manager if you have these products.

http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c02641893/c02641893.pdf

 

Kind regards

Per-Erik

Rezart_gr
Occasional Contributor

Re: Dynamic vlans on Switch 5412zl

Hi Eric,

 

Thank you for your reply.

We have two 5412zl switches, one that the desktops connect and one at the datacenter connected to our firewall. My goal is to distinguish the unautheticated users at the port level of the first switch, deny him access anywhere on my network, drop him on a specific vlan, give him a dhcp address and just give him access to the internet (through the second switch). We are using NAP and NPS, but as far as I can see it gives you the ability to check only autheticated users.

As for now the unauthenticated user, after authetication failing is dropped to the specific vlan but then fails to get a dhcp (although I have set to that vlan to specifically ask my dhcp server) and then fail to move anymore.

I am pretty sure that I miss something simple on my switch..

 

Thank you for your advice in advance.

 

Best,

Rezart


Per-Erik Halvardsson wrote:

Hi

 

You should look at the PCm+ and HP Identity Driven Manager.

http://h17007.www1.hp.com/us/en/products/network-management/HP_PCM_Plus_Network_Management_Software_Series/index.aspx

 

http://h17007.www1.hp.com/us/en/products/network-management/HP_Identity_Driven_Manager_Software_Series/index.aspx#tab2

 

SNAC is a  nice feature.

But be sure to check if your HP switches are supported by PCM+ and IDM.

 

If you have switches and/or WiFi from different vendors, why not look more into Microsoft NAP.It's quite easy to setup.

Look at the "Step by step" guide lines.

http://technet.microsoft.com/en-us/network/bb545879

 

You can also integrate Microsoft NAP with HP PCM+ and HP Identidy Driven Manager if you have these products.

http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c02641893/c02641893.pdf

 

Kind regards

Per-Erik