Unsolved
This post is more than 5 years old
2 Posts
0
23856
PowerConnect 2848 and VLANs for wireless only
Hello, I have the following setup and am new to VLANs. Managed mode is enabled on all of the switches, but right now nothing else is configured (aside from the password and IP).
Wiring closet 1
Sonicwall TZ200
PowerConnect 2848
PowerConnect 2824
Unmanaged 10/100 switch (this could actually go away)
3 access points capable of multiple SSIDs and VLAN tagging connect at this closet
DHCP server is on a Windows 2008R2 server which connects to this closet
Wiring closet 2
PowerConnect 2824
May add another access point that connects here
What I want
All of the wired computers throughout the building can be on one VLAN with the server.
We want to have two wireless networks, public (open) and private (WPA2). If a guest connects to the public network, they get only internet access (and on a different subnet). If they connect to the private network with the WPA password, then they get access to the servers and the internet. Traffic does not need to flow between public and private networks (other than DHCP traffic, which if it were easier could be moved to the Sonicwall, although for DNS registration via DHCP it would be ideal if it stayed on the Windows server). I may later implement WPA Enterprise.
Can anyone point me in the right direction?
I have read the following posts (and other articles/youtube videos), but don't have clear direction on how you might integrate with and Access Point that is tagging multiple VLANs. I need step by step or 101 level resources, even the user guide for the switch is making assumptions that the operator has basic knowledge of VLANs, LAGs, trunking, STP etc...
http://en.community.dell.com/support-forums/network-switches/f/866/p/19495197/20315531.aspx#20315531
http://en.community.dell.com/support-forums/network-switches/f/866/p/19366342/19827844.aspx
DELL-Willy M
802 Posts
1
July 17th, 2013 11:00
Here is a link to the manuals available for the 2800 model switches.
downloads.dell.com/.../powerconnect-2848.html
You are on the right track. You need VLANs to separate the traffic on the switches. The access points connecting to the 2800 switches will need to have the multiple VLANS needed to be marked as tagged on the port. Like it discusses in the forum pages that you referenced. The PVID that is set on the Access Point needs to be matched on the settings for the same port connection on the 2800.
Example:
AP port has –
VLAN 5, 10, 20 tagged
PVID(native untagged VLAN) - 1
Then the port it is connecting to on the 2800 will need the same set up.
VLAN 5, 10, 20 tagged
PVID(native untagged VLAN) - 1
As far as allowing certain VLANs different access levels. There is a port authentication option on the 2800 where you can have a Guest VLAN and allow it only internet access. Then the authenticated user has access to the local network servers and data. Page 83 of the User Guide discusses the options for port based authentication.
Page 124 of the User Guide discusses how to set VLAN membership on the ports.
Let us know if you have any more specific questions.
Mind IT
2 Posts
0
July 17th, 2013 15:00
Thank you for your reply, I will do some testing to see if I can accomplish what I need.