Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

2524 vlan with same IP range

Audrius B.
Occasional Visitor

2524 vlan with same IP range

Hi,
I have some networks connected through wireless.
My Linux server eth1 device connected to HP 2524 swich`s 25th port.
One Access Point (192.168.5.1) connected to 1st port, second (192.168.5.2) to 2nd port. My clients have address 192.168.0.0/24. This is how i did:
# Swich configuration
config t
vlan 2
untagged 1
tagged 25
exit
vlan 3
untagged 2
tagged 25
exit
# Linux router configuration
vconfig set_name_type VLAN_PLUS_VID
vconfig add eth1 2
ifconfig vlan0002 192.168.0.254 netmask 255.255.255.255
ifconfig vlan0002:1 192.168.5.254 netmask 255.255.255.0
route add 192.168.0.1 dev vlan0002
vconfig add eth1 3
ifconfig vlan0003 192.168.0.254 netmask 255.255.255.255
ifconfig vlan0003:1 192.168.0.254 netmask 255.255.255.0
route add 192.168.0.2 dev vlan003
# done
Is any other way to isolate users from each other with ip's from same range? Maybe is any "port based" vlans?
3 REPLIES
Matt Hobbs
Honored Contributor

Re: 2524 vlan with same IP range

Hi Audrius,

At the moment, you already have port based VLANs configured. What is happening is that these clients are able to talk to each other through the Linux router - which means you would need to setup some kind of access control list on the router to prevent access between VLANs.

Another solution you may be interested in is the isolated port groups feature. This way you can keep everyone in the same VLAN, but you can prevent ports from talking to one another.

The release notes have more info on this - ftp://ftp.hp.com/pub/networking/software/2300-2500-RelNotes--f0552-59903102.pdf

Matt
Sergej Gurenko
Trusted Contributor

Re: 2524 vlan with same IP range

I think it is much better to use separate sub-net for each AP. You will fill more comfortable then.
Did not try to maintain you crafted design. Just spend some time and redesign it. :)
Audrius B.
Occasional Visitor

Re: 2524 vlan with same IP range

Thank You for reply, i think i'll use Sergej`s solution.
Audrius.