Solved

Trying to create vlan for public wireless using cisco 1130AP and Dell 6248

Posted on 2008-10-22
3
740 Views
Last Modified: 2012-05-05
My current configuration consists of Cisco ASA 5510 firewall. 192.168.1.254
layer 3 switch Dell Powerconnect 6248 which I am using as the main router 192.168.1.1
Cisco 1130AP 192.168.1.30

The configuration for networking is 192.168.1.1 (Dell Layer3) is the gateway so everything outbound is routed to 192.168.1.254 (Cisco ASA).  In order to route through the Dell I placed the management interface on VLAN2 with an address of 192.168.50.2.  The Cisco 1130AP is setup with no VLAN and 1 SSID.  I know that I can create seperate SSIDs on seperate VLANs with the AP.

I am trying to create a VLAN (i.e. VLAN 5) that will be public wireless on the Cisco AP that is outside world only access and blocked from other VLANs.  With that being said I want to keep the private wireless intact on the same AP but on a different VLAN (i.e. VLAN 1)

By default Dell has VLAN 1, and now with management interface VLAN 2, how do I create VLAN 5 and make the Public traffic route directly out?

Thanks in advance,
0
Comment
Question by:blazndog
3 Comments
 
LVL 6

Assisted Solution

by:ajeab
ajeab earned 50 total points
ID: 22815743
who is your dhcp server?? ASA??

on ASA
create 2 scopes for DHCP
make sure the new vlan is in allow in-->out list

on DELL
create vlan 5
on port that connect to AP set it to trunk or similar

on AP
add vlan 5 to AP and assign VLAN to it.
0
 

Accepted Solution

by:
blazndog earned 0 total points
ID: 22895662
I finally got this going after talking to dell support.
For some reason Dell engineers on the 6200 series switches seem to think users will use "General" on port settings to equal "Trunk"
So yes DHCP server for public vlan 5 is ASA for private msDHCP server.  Created vlan 5 on layer 3 6248 assigned to port and directly connected 6248 to available interface on ASA.
On ASA created policy to --> out and created dhcp pool.
on 6248 designated another port as "general" and "untagged" on vlan1(native) and "tagged" on vlan 5 then connected that to AP.
AP created vlan 5 and seperate SSID to traffic public vlan 5 straight out the ASA.
If you use Dell 3400 series you use "Trunk" or "General"
0
 
LVL 1

Expert Comment

by:tacsatfreq
ID: 33628543
Blazendog

Can you send me a possible snippet of your config? I have basically the same network layout and am interested to see how you made your system work.

Thanks
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now