- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- 5406zl switch and WAP 530 Wireless, VLAN, security...
Switches, Hubs, and Modems
1753867
Members
7164
Online
108809
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-23-2007 04:16 AM
10-23-2007 04:16 AM
5406zl switch and WAP 530 Wireless, VLAN, security issues
Please bear with me, I am far from an expert when dealing with VLANS.
Here is our scenario. We have 3 HP 5406zl switches which we are in the process of setting up VLANS. The first phase of this project is configuring our HP WAP 530 devices for both â publicâ (internet access only) and â privateâ connections. We would like to have the public and private networks on 2 different IP scopes.
I have the VLANs setup and right now and have successfully setup the WAPâ s for the most part. The one problem I am running into is we do not want to let the â publicâ wireless communicate with our â privateâ network. However we do need communication between the â publicâ VLAN the DHCP server, and firewall which is on the â privateâ network/VLAN. I hope that makes sense. Currently I can ping the private network resources when I am connected to the public wireless system, I only want necessary communication with DHCP server and firewall no other resources.
Is there a way to restrict on the VLAN level communication between one entire VLAN and a set of ports. This way we could still allow communication between the ports that the DHCP server is on. What would be the specific commands for this?
VLAN â 1(private) = 172.200.x.x
This VLAN is currently the flat default VLAN that has all servers, firewall and workstations. DHCP server = 172.200.1.15
VLAN â 19(public) = 192.192.168.x
This VLAN is strictly for public internet access for guests. Only needs to get DHCP from default VLAN 1
Here is a little map:
Firewall - 172.200.0.1
|
Switch 1 5406zl - VLAN 1 = 172.200.1.101, VLAN 19 = 192.192.168.1
|
Port B1(port the WAP is plugged into on the switch)
|
WAP 530 â SSID Private VLAN 1= 172.200.x.x
- SSID Public VLAN 19 = 192.192.168.x
I have also attached our switch configuration.
Thanks so much.
Here is our scenario. We have 3 HP 5406zl switches which we are in the process of setting up VLANS. The first phase of this project is configuring our HP WAP 530 devices for both â publicâ (internet access only) and â privateâ connections. We would like to have the public and private networks on 2 different IP scopes.
I have the VLANs setup and right now and have successfully setup the WAPâ s for the most part. The one problem I am running into is we do not want to let the â publicâ wireless communicate with our â privateâ network. However we do need communication between the â publicâ VLAN the DHCP server, and firewall which is on the â privateâ network/VLAN. I hope that makes sense. Currently I can ping the private network resources when I am connected to the public wireless system, I only want necessary communication with DHCP server and firewall no other resources.
Is there a way to restrict on the VLAN level communication between one entire VLAN and a set of ports. This way we could still allow communication between the ports that the DHCP server is on. What would be the specific commands for this?
VLAN â 1(private) = 172.200.x.x
This VLAN is currently the flat default VLAN that has all servers, firewall and workstations. DHCP server = 172.200.1.15
VLAN â 19(public) = 192.192.168.x
This VLAN is strictly for public internet access for guests. Only needs to get DHCP from default VLAN 1
Here is a little map:
Firewall - 172.200.0.1
|
Switch 1 5406zl - VLAN 1 = 172.200.1.101, VLAN 19 = 192.192.168.1
|
Port B1(port the WAP is plugged into on the switch)
|
WAP 530 â SSID Private VLAN 1= 172.200.x.x
- SSID Public VLAN 19 = 192.192.168.x
I have also attached our switch configuration.
Thanks so much.
1 REPLY 1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-23-2007 04:27 AM
10-23-2007 04:27 AM
Re: 5406zl switch and WAP 530 Wireless, VLAN, security issues
Sorry for the wierd formatting issues in the first post. Here is the body in an easier to read format:
Please bear with me, I am far from an expert when dealing with VLANS.
Here is our scenario. We have 3 HP 5406zl switches which we are in the process of setting up VLANS. The first phase of this project is configuring our HP WAP 530 devices for both PUBLIC(internet access only) and PRIVATE connections. We would like to have the public and private networks on 2 different IP scopes.
I have the VLANs setup and right now and have successfully setup the WAP's for the most part. The one problem I am running into is we do not want to let the PUBLLIC wireless communicate with our PRIVATE network. However we do need communication between the PUBLIC VLAN the DHCP server, and firewall which is on the PRIVATE network/VLAN. I hope that makes sense. Currently I can ping the private network resources when I am connected to the public wireless system, I only want necessary communication with DHCP server and firewall no other resources.
Is there a way to restrict on the VLAN level communication between one entire VLAN and a set of ports. This way we could still allow communication between the ports that the DHCP server is on. What would be the specific commands for this?
VLAN - 1(private) = 172.200.x.x
This VLAN is currently the flat default VLAN that has all servers, firewall and workstations. DHCP server = 172.200.1.15
VLAN - 19(public) = 192.192.168.x
This VLAN is strictly for public internet access for guests. Only needs to get DHCP from default VLAN 1
Here is a little map:
Firewall - 172.200.0.1
|
Switch 1 5406zl - VLAN 1 = 172.200.1.101, VLAN 19 = 192.192.168.1
|
Port B1(port the WAP is plugged into on the switch)
|
WAP 530 - SSID Private VLAN 1= 172.200.x.x
- SSID Public VLAN 19 = 192.192.168.x
I have also attached our switch configuration.
Thanks so much.
Please bear with me, I am far from an expert when dealing with VLANS.
Here is our scenario. We have 3 HP 5406zl switches which we are in the process of setting up VLANS. The first phase of this project is configuring our HP WAP 530 devices for both PUBLIC(internet access only) and PRIVATE connections. We would like to have the public and private networks on 2 different IP scopes.
I have the VLANs setup and right now and have successfully setup the WAP's for the most part. The one problem I am running into is we do not want to let the PUBLLIC wireless communicate with our PRIVATE network. However we do need communication between the PUBLIC VLAN the DHCP server, and firewall which is on the PRIVATE network/VLAN. I hope that makes sense. Currently I can ping the private network resources when I am connected to the public wireless system, I only want necessary communication with DHCP server and firewall no other resources.
Is there a way to restrict on the VLAN level communication between one entire VLAN and a set of ports. This way we could still allow communication between the ports that the DHCP server is on. What would be the specific commands for this?
VLAN - 1(private) = 172.200.x.x
This VLAN is currently the flat default VLAN that has all servers, firewall and workstations. DHCP server = 172.200.1.15
VLAN - 19(public) = 192.192.168.x
This VLAN is strictly for public internet access for guests. Only needs to get DHCP from default VLAN 1
Here is a little map:
Firewall - 172.200.0.1
|
Switch 1 5406zl - VLAN 1 = 172.200.1.101, VLAN 19 = 192.192.168.1
|
Port B1(port the WAP is plugged into on the switch)
|
WAP 530 - SSID Private VLAN 1= 172.200.x.x
- SSID Public VLAN 19 = 192.192.168.x
I have also attached our switch configuration.
Thanks so much.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP