Switches, Hubs, and Modems
1748084 Members
5256 Online
108758 Solutions
New Discussion юеВ

Re: DHCP Scope for VLAN

 
SOLVED
Go to solution
Ezugo
Advisor

Re: DHCP Scope for VLAN

Good morning,

right, changing the Default Gateway on the DHCP solves the problem of clients getting DHCP IP addresses - however causes authentication problems with OWA - I have ISA in DMZ authenticating OWA access.

is there a way round this?
Ezugo
Advisor

Re: DHCP Scope for VLAN

I can use the 2nd NIC card on the server?
cenk sasmaztin
Honored Contributor

Re: DHCP Scope for VLAN

please send me network layout
cenk

cenk sasmaztin
Honored Contributor

Re: DHCP Scope for VLAN

and current switch config
cenk

Ezugo
Advisor

Re: DHCP Scope for VLAN

my current network attached - I still need to set up lan interface 0/3 on the firewall

also need to connect second DHCP NIC to switch probably on port A2

module 2 type J9033A
ip default-gateway 10.14.40.254
ip routing
ip irdp
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged A1-A24,B1-B17,B21-B24,C1-C24,D1-D24,E1-E24
ip address 10.14.10.254 255.255.0.0
no untagged B18-B20
exit
vlan 2
name "Guest"
untagged B18
ip address 10.15.10.254 255.255.0.0
ip helper-address 10.14.10.4
tagged A1,A18,B17,B19-B20
exit
vlan 10
name "management"
ip address 10.0.10.1 255.255.255.0
tagged B17
exit

ProCurve Switch 4208vl#
cenk sasmaztin
Honored Contributor

Re: DHCP Scope for VLAN

all lan user default gateway address 10.14.40.254
and connecting internet
but user unreachable isa server

is their true ?
cenk

cenk sasmaztin
Honored Contributor

Re: DHCP Scope for VLAN

Your firewall may make the task of the dhcp server?
cenk

Ezugo
Advisor

Re: DHCP Scope for VLAN

Yes ISA server unreachable more or less.
using firewall as the DHCP will solve the issue.

port 0/3 will now go straight to the internet with a seperate external IP mapped to VLAN2.
on VLAN 2 i setup ip-helper to point to port 0/3 configured as DHCP

the other problem I haven't given much thought to is how users using SSID 2 (internal) will access the LAN?

thanks Cenk for all your help.
I'm almost there.
cenk sasmaztin
Honored Contributor

Re: DHCP Scope for VLAN

4200 series switch unable access control list between vlan's or ports


when enable ip routing on switch all vlan's between routing so vlan 2 users reachable vlan 1 user

this will be cut with normal access acl
but your switch do not support acl

so we had to make such a configuration

but inside me is not comfortable because this config not very safe

if vlan 2 user change default gateway address manually then may connect vlan 1 user


I'd like to change this konfigrasyonu, but you should fire wall served as a dhcp server



cenk

cenk sasmaztin
Honored Contributor

Re: DHCP Scope for VLAN

can you create two dhcp scope on fire wall
cenk