October 3rd, 2006 18:00

Create VLAN on 3448 to Isolate Internet Traffic

Hello all,

I know how to create a VLAN on the 3448 but am not sure of the correct configuration to use. I have two wireless access points connected to ports 45 and 46. I would like to create a VLAN for these two ports to segregate the internet traffic from our domain. I want users connected to the wireless access points to only have internet access and not be able to ping our internal network or access any internal resources while connected through the wireless network.

Is this possible? How might I achieve this?

Thanks


October 4th, 2006 15:00

October 4th, 2006 16:00

Thanks, gregmer.

October 5th, 2006 11:00

Hello all,

I have read through the document that was linked to above but I still can't quite nail down the configuration I am looking to do. I know it's got to be pretty simple and I think I am just missing something quite obvious but can't put my finger on it.

My router is connecting to port e48 of this particular switch, my Wireless Access Points are connecting to ports e40 and e41. I want all ports EXCEPT e40 and e41 to be public and communicate freely with e48 and each other. I want only ports e40 and e41 to be restricted to communicating with only port e48. e40 and e41 should not be able to communicate with any other ports on this switch.

I am trying to use the web interface in this case only because I am trying to train one of our junior level systems administrators on managing these switches and it's easier for him than learning ios. When we have this configuration working correctly they will be putting the same configuration in place at six other locations.

Your help is appreciated.

October 13th, 2006 19:00

I am about to do a similar configuration. I think your problem is that you are MISSING a router in the equation.

The router in your description, I assume, is the one providing an internet connection to the entire LAN?

Your configuration should probably work something like this:

You put your access points on VLAN 2 and your private network is on VLAN 1 with your internet router.

At this point there is no way for devices on VLAN 2 to connect to VLAN 1 but VLAN 1 has internet.

You then need to install a router between VLAN 2 and VLAN 1. You set up this router so that it only routes traffic from its VLAN 2 port to the address of the Internet router on its VLAN 1 port.

Another way would be if your Internet router had more than one LAN port. Then you could do all the routing on it, connecting it to your internet connection, then one LAN interface to a port on VLAN 1 and another on VLAN 2.

November 3rd, 2006 21:00

Using private VLANs might work as well.
http://www.dell.com/downloads/global/products/pwcnt/en/howto_config_private_vlans.pdf
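
The port isolation asked for in this thread (e40 and e41 may reach only e48, all other ports talk freely) can be checked against the private VLAN suggestion with a small model. This is an added example, not part of any post or of Dell's documentation; it assumes the standard private VLAN port roles (promiscuous, isolated, community), and the function names are hypothetical.

```python
from itertools import permutations

# Port roles under standard private VLAN semantics (an assumption; the
# switch's own implementation may differ).
PROMISCUOUS, ISOLATED, COMMUNITY = "promiscuous", "isolated", "community"

def build_roles(uplink, restricted, all_ports):
    """Uplink is promiscuous, restricted ports are isolated, and every
    other port joins one shared community."""
    roles = {}
    for port in all_ports:
        if port == uplink:
            roles[port] = PROMISCUOUS
        elif port in restricted:
            roles[port] = ISOLATED
        else:
            roles[port] = COMMUNITY
    return roles

def can_talk(roles, a, b):
    """Layer-2 reachability between two distinct ports."""
    ra, rb = roles[a], roles[b]
    if PROMISCUOUS in (ra, rb):
        return True    # a promiscuous port reaches every port
    if ISOLATED in (ra, rb):
        return False   # isolated ports reach only promiscuous ports
    return True        # both ports are in the single shared community

def policy_violations(roles, uplink, restricted):
    """List port pairs whose reachability differs from the policy in the
    thread: restricted ports reach only the uplink, all others talk freely."""
    violations = []
    for a, b in permutations(roles, 2):
        touches_restricted = a in restricted or b in restricted
        wanted = not (touches_restricted and uplink not in (a, b))
        if can_talk(roles, a, b) != wanted:
            violations.append((a, b))
    return violations

# Constructed port list matching the thread: e1..e48, access points on
# e40 and e41, router on e48.
PORTS = [f"e{n}" for n in range(1, 49)]
UPLINK, RESTRICTED = "e48", {"e40", "e41"}
ROLES = build_roles(UPLINK, RESTRICTED, PORTS)

if __name__ == "__main__":
    print("violations:", policy_violations(ROLES, UPLINK, RESTRICTED))
    # Misconfiguration: e41 left in the community can reach internal ports.
    bad = dict(ROLES, e41=COMMUNITY)
    print("e41 in community:", len(policy_violations(bad, UPLINK, RESTRICTED)))
```

This models layer 2 only; whether the router on e48 forwards traffic back between the two groups is a separate check.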