M and MSM Series
cancel
Showing results for 
Search instead for 
Did you mean: 

MSM710 Multiple VSCs

 
Highlighted
cemberus
Occasional Visitor

MSM710 Multiple VSCs

Dear All,
We have two seperate VLANs. One for LAN and one for Guests. These two VLANs can not communicate each other. VLAN for Guests has its own seperate Internet router.
We have 7 MSM310 wireless APs and one MSM710. What we wanna do is propagating these VLANs from MSM710. If a client is authenticated by MAC based authentication, it should be directed to LAN. If client is not authenticated, it should be directed to Guest VLAN.
Our network switches have MAC based authentication as well. If a MAC is authenticated by RADIUS, it is being redirected to LAN, if not it is being redirected to Guest VLAN. I would like to configure something similar on wireless network.
I created one VSC for LAN and configured it for MAC based authentication. This VSC is working as expected. Now, I have to create one more VSC and redirect it to Guest VLAN. I have created it already and selected broadcast SSID but our wireless clients can not discover or see it. What should I do to accomplish above scenario?
Thank you very much for your help and support in advance,
Best Regards...

 

 

 

P.S. This thread has been moved from Communications, Wireless (Legacy ITRC forum) to MSM Series. - Hp forum Moderator

2 REPLIES 2
Highlighted
cemberus
Occasional Visitor

Re: MSM710 Multiple VSCs

Hello Again,
Becasue I didn't bind Guest VSC to AP group, SSID was invisible. Once I did it as below, everthing is working fine now.
Binding VSC to AP groups:
1-Select related AP group at the left of the screen under the Controlled APs,
2-Click the VSC bindings tab,
3-Click Add New Binding button,
4-Select related VSC profile from the dropdown list, type VLAN ID to Use Egress VLAN textbox,
5-Click Save.

After above settings, both of the VSCs are visible now and in use. Let me explain what did I do make my scenario works fine in detail:
Network Settings:
*I connected LAN port of the MSM710 to a port which is untagged to LAN and tagged to guest VLAN
*I connected Internet port to a port which is tagged to both LAN and Guest VLANs
*I created two VLANs for LAN and Guest VLANs for Internet port with IP address under Network - Ports menu

VSC Settings for LAN:
*I used default VSC and renamed it as LAN
*No ingress VLAN
*Engress mapping for authenticated is LAN
*Authentication is MAC based authentication
*I have already a configured RADIUS server and used it
*In the VSC binding screen I didn't select egress mapping

VSC Settings for Guest:
*I created a new VSC for Guest
*No ingress VLAN
*Engress mapping for authenticated is Guest
*Authentication is WPA or something different
*In the VSC binding screen I select Guest VLAN for engress mapping

AP Connections:
*All of the APs is connected to ports which are tagged to both VLANs

How to connect:
*If MAC address of client computer's wireless adapter is configured in Active Directory, client computer is being connected to LAN if not connected to APIPA,
*If user wants to connect to Guest network, simply select Guest Wireless network SSID and type WPE shared key then connects to Guest network.

Hope it helps to you,
Regards...
Highlighted
adnano
Frequent Visitor

Re: MSM710 Multiple VSCs

Hi.

 

My name is Ado, and I'm from Sarajevo. I have a very similar problem, and that is to set the MSM710 to enable these goals: 1)Separate O&M (L3 O&M) on L3 or in the separate VLAN 2)Separate wireless user traffic on differenet VLAN from O&M. 3)Configure more VLAN's for more SSIDs and separate them from O&M traffic. 4)Wireless traffic must be set up as a distributed, where only management traffic goes through WLAN controller, and wireless traffic goes from AP directly to ethernet part of the network. I'am kindly ask you to help me to configure (step by step) network elements for tasks from 1)-4) which are showed on a scheme from the attachment. also I would kindly ask to explain me how to possibly configure network elemenets on the scheme from attachment to enable: 5)wireless traffic come to LAN port of the controller with tag 3754, and to exit WLAN controller on Internet port with tag 2068. How to set up the client data tunnel. For all of these tasks from 1) - 5), I'm using external RADIUS/DHCP server. I've read what is written on this topics and that you resolve this, but I still can't find out how you actuall configure access point, switch, wlan controller, and how to configure dhcp external server in my case. So, I need your help to configure everything what is needed so i kindly ask to provide me with detailed step by step configuration.

 

thx in advance, best regards, ado