HPE Community
Communications and Wireless
1836590 Members
1208 Online
110102 Solutions
New Discussion

wireless and vlan help

 
scale
Occasional Contributor

‎01-23-2009 12:41 PM

‎01-23-2009 12:41 PM

wireless and vlan help

ive got a procurve 5304xl with a wireless service module in slot C of the device.

my network has a class b range of 172.16.0.0

VLAN1 runs our lan and all wireless stations just fine.

I have 20 or so access points that i would like to have working as follows:

I am trying to create a seperate SSID on a seperate VLAN 50 for guest services.

So far i can create the SSID on VLAN1 and the machines can connect to the VLAN1 and get an ip address of 172.16.x.x via our dhcp server

When i setup a VLAN 50 and put the guest SSID on VLAN50 i would like it to be able to contact a different DHCP scope of 10.x.x.x addresses from our DHCP Server.

When i try this i can get connected to the Guest-SSID but i cant get ip from the DHCP server. This same DHCP server is handing out the 172.16.x.x addresses on VLAN1 just fine.

I have been through the switch and enabled ip routing, ip helper-address 172.16.x.x-->ip of the dhcp server) and the dhcp-relay command.

None of these are allowing my workstations to connect to the wireless Guest SSID on vlan50.

I am not sure why. Can anyone help?
0 Kudos
3 REPLIES 3
Pieter 't Hart
Honored Contributor

‎01-26-2009 02:10 AM

‎01-26-2009 02:10 AM

Re: wireless and vlan help

most likely the access-point passes the vlan-1 packets as "untagged" packets to the connected switchport.
The switch treats this packets as entering the default-vlan configured for this port (this will also be vlan-1). it adds the vlan-tag for internal processing and propagates this within vlan-1.

vlan-50 packets from the accesspoint will be passed WITH vlan-tag.
so you need to configure the connected switchport correspondingly. packets with vlan-50 tag must be accepted by the switchport and forwarded into vlan-50.

So the switchport where an accessport is connected must be able to send and receive vlan-1 (untagged) and vlan-50 (tagged) packets.

have you done any test with a fixed vlan-50 adress?

Pieter
0 Kudos
scale
Occasional Contributor

‎01-26-2009 08:20 AM

‎01-26-2009 08:20 AM

Re: wireless and vlan help

so you are saying that the wireless access points that run on VLAN1 should be Untagged...where VLAN50 Should be TAGGED?


All access points should run both vlans yet communicate out the same default gateway on VLAN1 for internet access.

0 Kudos
Pieter 't Hart
Honored Contributor

‎01-27-2009 12:28 AM

‎01-27-2009 12:28 AM

Re: wireless and vlan help

No i don't want to say "they should be", but (from your description) i think they probably are in the current configuration.

Its not a bad idea to configure all vlans as "tagged" to avoid miscommunication between vlan-enabled devices.
Then they need to be tagged on both connected sides (acces-point and switch-port).

There are also advisories to leave vlan-1 as it is (just a default vlan) and NOT use it for any data traffic (create a third vlan).

Pieter
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.