MSM760 - allow a single VLAN to the internet

Gregory Dickinson
MSM760 - allow a single VLAN to the internet


I'd like to know if what I'm trying to do is even possible, and if so the best way to go about it.

What I have is this: an MSM760 controller running approximately 20 MSM422 APs. I use the controller basically to sync config and firmware on the devices, I don't do anything too fancy right now. The school is wanting to set up a "teacher" VLAN that only the staff has access to. I've set up the VSC with VLAN egress settings for the proper VLAN, and the traffic is tagged and goes through the firewall on the proper VLAN interface.

Now the Tech Director wants to make this particular VLAN "unfiltered" - basically bypassing the firewall and proxy server and go straight to the internet. I'd like to do this through the MSM760 - have the internet traffic go out the internet interface (currently disconnected) and pass all the private network traffic to the firewall. Is this possible?

Trevor Commulynx
Re: MSM760 - allow a single VLAN to the internet

Yes you can do this. just connect you internet port to where you want it to go out bound. I always out it into a DMZ or subinterface on my firewalls. Setup and IP network on the interface and off you go.

I would also recommend reading the Manual for the 5.3.x on the controllers on setting up this type of network.

Re: MSM760 - allow a single VLAN to the internet

check the implementation guide in my.procurve.com , it has the exact same setup and step by step to configure that.