HPE Community
Aruba & ProVision-based
1751971 Members
4646 Online
108783 Solutions
New Discussion

Re: BYOD Help!

 
edsa131
Occasional Contributor

‎11-28-2016 09:31 AM

‎11-28-2016 09:31 AM

BYOD Help!

I am looking at implementing a BYOD solution for our Sixth Form.  I have installed 4 Aerohive AP230s and will use Hive Manager Cloud Management to manage the wireless network side of the solution.

I have the following resources:


1 HP Switch 5406zl (J8697A) (Core)
1 HP 2530-48G-PoEP Switch (J9772A) (Edge - Sixth Form)
4 Aerohive AP230 Access Points
1 Aerohive Hive Manager
1 Microsoft Network Policy Server (RADIUS)
1 Smoothwall UPS S8 Appliance


The two switches are linked by a 1GB fibre connection.


I have created 2 VLANs: VLAN 10 and VLAN 20


VLAN 10 is named CORP_VLAN for Teachers and Staff access
VLAN 20 is named BYOD _VLAN for BYOD traffic internet access only


I have a RADIUS Server setup to use 802.1x Windows Authentication for both VLANs


On the core switch B3 connects to port 49 of the Edge switch and this is the fibre uplink connection.


The configuration of the 2 switches is as follows:


Core Switch: VLAN 1 Default_VLAN (Primary)


IP Address: 10.1.0.23
SM: 255.255.0.0
GW: 10.1.0.19
Ports Tagged: None
Ports Untagged: A1-A9,A11-A24,B1-B24,C1-C24


Core Swtich: VLAN 10 CORP_VLAN


IP Address: 10.6.0.10
SM: 255.255.0.0
GW: 10.1.0.19
Ports Tagged: B3
Ports Untagged: None


Core Switch VLAN 20 BYOD_VLAN


IP Address: 10.5.0.10
SM: 255.255.0.0
GW: 10.1.0.19
Ports Tagged: B3
Ports Untagged: None


Sixth Form Switch VLAN 1 Default_VLAN (Primary)


IP Address: 10.1.0.197
SM: 255.255.0.0
GW: 10.1.0.19
Ports Tagged: None
Ports Untagged: 1-24  29-52


Sixth Form Switch VLAN 10 CORP_VLAN


IP Address: 10.6.0.10
SM: 255.255.0.0
GW: No Gateway
Ports Tagged: 49
Ports Untagged: 25-28


Sixth Form Switch VLAN 20 BYOD_VLAN


IP Address: 10.5.0.10
SM: 255.255.0.0
GW: No Gateway
Ports Tagged: 49
Ports Untagged: 25-28


DHCP Config:


Scope 10.1.0.0 (Default Scope | Default_VLAN)
Address Pool: 10.1...0.0 - 10.1.20.254
Router: 10.1.0.23 (Core Switch)
DNS Servers: 10.1.0.125, 10.1.0.126
Domain Name: acaciahighschool.local


Scope 10.5.0.0 (BYOD_VLAN)
Address Pool: 10.5.0.50 - 10.5.20.254
Router: 10.5.0.10
DNS Servers: 10.1.0.125, 10.1.0.126
Domain Name: acaciahighschool.local


Scope 10.6.0.0 (CORP_VLAN)
Address Pool: 10.6.0.50 - 10.6.20.254
Router: 10.6.0.10
DNS Servers: 10.1.0.125, 10.1.0.125
Domain Name: acaciahighschool.local

Hi

The APs are all recieving IP addresses from VLANs 10 and 20, but when probing for VLANs from the AP230s they cannot find any VLAN apart from the Default_VLANs


My question is does the switching and routing look consistent and correct in combination with the DHCP scopes that are setup for the associated VLANs.


I would really appreciate some expert guidance on this

 

 

 

0 Kudos
1 REPLY 1
Richard Litchfield
Respected Contributor

‎03-12-2017 05:29 AM

‎03-12-2017 05:29 AM

Re: BYOD Help!

I think you need to look at your IP addressing first - you have some mismatches with the subnet ranges and the gateways that should be in those ranges based on what you have posted.

eg IP Address: 10.6.0.10
SM: 255.255.0.0
GW: 10.1.0.19 <-- should this be 10.6.0.19?

See http://www.subnet-calculator.com/cidr.php as a good tool for helping with IP addressing

It also looks like the VLANs 10, 20 have the same untagged ports 25-28 - you can only have one untagged VLAN per port. One VLAN should be tagged.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.