This post is more than 5 years old
7 Posts
0
3462
Guest WLAN with VLAN (Dell PC 6248)
Hello Community,
i want to set up a Guest WLAN using 2 VLAN's.
Setup: IPFire, Dell Power Connect 6248, Netgear WNAP 320 Access Point
The Blue Interface on the Firewall tag all frames with the ID 15.
On the Switch near all Ports are untagged and in the native VLAN 1.
The "Guest-VLAN" has the VLAN ID 15.
Port Settings
G36: Trunk
G22:
All untagged frames from the Native-VLAN 1 get the ID1 when they reaches Port 22.
VLAN Membership
In Native VLAN 1
In "Guest VLAN" 15:
So, on the Port 22 who is connected to the AP, the Frames with the ID15 (Guest) and the Frames who get the ID 1 should transmitted to the AP.
On the AP, I set up 2 SSID's.
The Staff-WLAN has the VLAN ID 1 and the Guest-WLAN the VLAN ID 15
But only the Staff-WLAN works. I don't get an IP-Adress when i connected with the Guest-WLAN.
Another Setup on the Access Point:
I'm a Beginner in this topic and English is not my favorite language, so please apologize little mistakes :)
Do you have any ideas?
Thanks. :)
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 28th, 2016 06:00
One thing that I did not think about until just now. You said when you plugged your workstation directly into the blue connection, it obtained an IP and worked fine? By default a workstation is going to send untagged frames, so perhaps the firewall is set to be untagged on that interface. In which case we can try the following config on port 36.
# switchport mode access
# switchport access vlan 15
The native VLAN is going to send and receive untagged packets. You said everything in VLAN 1 is working, right?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 25th, 2016 12:00
I would test connectivity on VLAN 15 by setting a static IP address and then trying to ping the default gateway address for VLAN 15 and any other devices on VLAN 15. If you have connectivity, then move on to the DHCP issue. If there is no connectivity, then continue to troubleshoot as a connectivity issue and not as a DHCP issue.
Is the IPfire device acting as a DHCP server for VLAN 15?
Noah_77
7 Posts
0
October 26th, 2016 02:00
I setting a static IP address but i can't ping the default gateway address for VLAN 15.
Yes, the blue interface of the IPfire acting as a DHCP Server for VLAN 15.
If i plug the cable from the blue Interface directly in my laptop, i get a IP address and all works fine.
But if i plug the cable in G36 and want to connect with the Guest WLAN, i didn't get a IP address.
Is the setup on the switch (Port Mode etc.) correctly?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 26th, 2016 07:00
On the 6248, are ports 15 and 36 in the up status? If you plug your laptop into a port on the 6248 that is set to be untagged for VLAN 15, can your laptop reach the gateway? This would further help identify if the issue is occurring on port 36 or port 22.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 26th, 2016 08:00
The status as in either up or down. You can use the command # show interfaces status, and it will show you all the interfaces and whether they are down or up.
Noah_77
7 Posts
0
October 26th, 2016 08:00
"up status" means untagged aren't ?
You can see all port status on the screenshots in my original post.
I will check this tomorrow. Here in Germany is another time :D
Noah_77
7 Posts
0
October 27th, 2016 01:00
No, I can't reach the gateway, if i plug my laptop into a port on the switch that is set to be untagged for VLAN 15.
Sorry, where i have to use the command # to show the interface status?
I don't know what you mean...
Noah_77
7 Posts
0
October 27th, 2016 07:00
ok, here's the log.
[View:/cfs-file/__key/communityserver-discussions-components-files/866/2311.putty.log:550:0]
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 27th, 2016 07:00
I think a good test would be to change port 3/g36 to be the same as port 3/g22.
interface ethernet 3/g36
switchport mode general
switchport general ingress-filtering disable
switchport general allowed vlan add 15 tagged
Try that out and see if the behavior changes at all.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 27th, 2016 07:00
The command line of the switch can be accessed through a Telnet session. You can use a program such as Putty, to initiate the connection.
http://www.putty.org/
With putty running, ensure that the connection type is set to telnet. Enter the IP address of the switch, and then click open. The session should start and allow you to enter the show command.
I would also like to take a look at the current config on the switch.
Console> enable
Console# show run
Be sure the putty session is being saved to a text file.
Thanks
Noah_77
7 Posts
0
October 28th, 2016 01:00
No, it doesn't help at all.
Another Question: Is the configuration of the native VLAN1 the right one? (G22 on "T" and G36 on "Blank")
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 28th, 2016 07:00
Excellent! glad to hear it worked.
Noah_77
7 Posts
0
October 28th, 2016 07:00
That was the final hint :D
Now it works, thank you!
But now i have to configure the other switches with the VLAN 15. I hope, i can get it on my own.
If i need any help, i will post here.