HPE Community
Comware Based
1824996 Members
2245 Online
109678 Solutions
New Discussion

Re: Dynamic vlans on Switch 5412zl

 
Rezart_gr
Occasional Contributor

‎05-11-2012 12:00 PM

‎05-11-2012 12:00 PM

Dynamic vlans on Switch 5412zl

Hi

 

I am trying to implement dvlans on our network. My goal is unauthorized users-guests to be moved to another vlan with restricted access. The unauth users are indeed moved to the intended vlan, but they fail to get a dhcp address albeit I have set a scope in my dhcp server.

Networking is a new challenge for me so I might miss something. Please any help or advice to reach my goal would be much appreciated.

 

Thank you,

Rezart

0 Kudos
2 REPLIES 2
Per-Erik Halvardsson
Established Member

‎05-13-2012 11:43 PM

‎05-13-2012 11:43 PM

Re: Dynamic vlans on Switch 5412zl

Hi

 

You should look at the PCm+ and HP Identity Driven Manager.

http://h17007.www1.hp.com/us/en/products/network-management/HP_PCM_Plus_Network_Management_Software_Series/index.aspx

 

http://h17007.www1.hp.com/us/en/products/network-management/HP_Identity_Driven_Manager_Software_Series/index.aspx#tab2

 

SNAC is a  nice feature.

But be sure to check if your HP switches are supported by PCM+ and IDM.

 

If you have switches and/or WiFi from different vendors, why not look more into Microsoft NAP.It's quite easy to setup.

Look at the "Step by step" guide lines.

http://technet.microsoft.com/en-us/network/bb545879

 

You can also integrate Microsoft NAP with HP PCM+ and HP Identidy Driven Manager if you have these products.

http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c02641893/c02641893.pdf

 

Kind regards

Per-Erik

0 Kudos
Rezart_gr
Occasional Contributor

‎05-14-2012 07:10 PM

‎05-14-2012 07:10 PM

Re: Dynamic vlans on Switch 5412zl

Hi Eric,

 

Thank you for your reply.

We have two 5412zl switches, one that the desktops connect and one at the datacenter connected to our firewall. My goal is to distinguish the unautheticated users at the port level of the first switch, deny him access anywhere on my network, drop him on a specific vlan, give him a dhcp address and just give him access to the internet (through the second switch). We are using NAP and NPS, but as far as I can see it gives you the ability to check only autheticated users.

As for now the unauthenticated user, after authetication failing is dropped to the specific vlan but then fails to get a dhcp (although I have set to that vlan to specifically ask my dhcp server) and then fail to move anymore.

I am pretty sure that I miss something simple on my switch..

 

Thank you for your advice in advance.

 

Best,

Rezart

@per-Erik Halvardsson wrote:

Hi

 

You should look at the PCm+ and HP Identity Driven Manager.

http://h17007.www1.hp.com/us/en/products/network-management/HP_PCM_Plus_Network_Management_Software_Series/index.aspx

 

http://h17007.www1.hp.com/us/en/products/network-management/HP_Identity_Driven_Manager_Software_Series/index.aspx#tab2

 

SNAC is a  nice feature.

But be sure to check if your HP switches are supported by PCM+ and IDM.

 

If you have switches and/or WiFi from different vendors, why not look more into Microsoft NAP.It's quite easy to setup.

Look at the "Step by step" guide lines.

http://technet.microsoft.com/en-us/network/bb545879

 

You can also integrate Microsoft NAP with HP PCM+ and HP Identidy Driven Manager if you have these products.

http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c02641893/c02641893.pdf

 

Kind regards

Per-Erik



0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.