• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1287
  • Last Modified:

HP J9022A VLAN configuration

i have an HP J9022A switch and I would like to create a VLAN  for a wireless AP for guest users.

Obviously, I want all traffic off of the wireless AP to be on a private network...192.168.1.1 would be fine.  My current LAN ip scheme won't conflict with 192.168.1.1.
0
tomdlgns
Asked:
tomdlgns
  • 10
  • 7
3 Solutions
 
Rick_O_ShayCommented:
You just need to create a new VLAN:
ProCurve(config)# vlan 2

Then add IP to it:
ProCurve(config)# vlan 2 ip address 192.168.1.1/24
0
 
tomdlgnsAuthor Commented:
the only time i have logged into the switch was when i statically assigned an IP to the switch.

i am assuming i can do all this via the web gui?  i dont have a laptop with a serial port on it, ATM.

also, when a vlan is configured, is it done by port?  do i tell the switch that port 18 is a vlan port?

thanks.
0
 
Rick_O_ShayCommented:
I am not sure if you can do it from the web gui but you can telnet in from there and use the menu or cli.

To add ports:
ProCurve(config)# vlan 2 untagged 10-15
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
tomdlgnsAuthor Commented:
well, i tried getting in via the web gui and i am able to.  however, when i went to add the vlan, it asked for a password.  there must be a few passwords for the switch depending on what you want to do.

what are the default passwords?  i typically change them, but since i havent been in the vlan menu before, it is very possible that, that password is set to default.

also, i never got an answer about the port.  how does the switch know where to assign vlan address to?

or does that not matter?

for example, port 3 is not use right now and that is the port that i want to put the AP on.

0
 
Rick_O_ShayCommented:
The command to add port 3 to VLAN 2 would be:
vlan 2 untagged 3
If the web gui will allow it then it would be in the configuration tab then vlan configuration section.

You can clear the password with the clear button on the front of the switch.
0
 
tomdlgnsAuthor Commented:
i would really like to do this via the web.  i think i know what to do, but the password i use to login to the switch wont work for the vlan config.  do you know what the default password is?

Thanks.
0
 
tomdlgnsAuthor Commented:
actually, i think the u/p i am using is correct, i believe the problem is that i am not filling in all the information.

when i fill in the information, i press create vlan and the u/p screen pops up.  each time i type in a set of credentials, it just blinks and clears out the info.  when i type in the credentials that i know are correct, i get an error message saying it cant create the vlan.  please see my screen shots i attached.

thanks.
vlan-error.JPG
0
 
tomdlgnsAuthor Commented:
ok, well i did a telnet into my switch and i added a 2nd vlan and names it guest.

however, i did not see an option to type out the ip scheme that you advised above.

as i stated, i did this all via telnet, but the screen is of the gui which shows the changes updated.

thanks.


vlan2.JPG
0
 
tomdlgnsAuthor Commented:
ok, i got the second vlan configured and via telnet i went to the IP configuration and assigned 192.168.1.1 and 255.255.255.0

that part seems to be setup properly.

however, back to the webgui, when i go to ip configuration, i see 2 options, the default vlan and guest.

when i click on guest, i see the IP settings i added via telnet.  so far so good.

now, this might be a dumb question, but it is my first time with vlans, but for vlan 2, should i leave the gateway as 192.0.0.2 (that is the correct gateway for my network, it is my firewall) or should it be switched to 192.168.1.1, which is the IP of my wireless router.

i am still confused as to how i configure my wireless router.

i am getting there.
0
 
tomdlgnsAuthor Commented:
see pic for ref.

thanks
vlan3.JPG
0
 
Rick_O_ShayCommented:
If your internet access is through the firewall you will use that as your gateway. But since this is a layer two switch you are going to need another interface on the firewall in the new VLAN and in the 192.168.1.0 subnet. Either a second physical interface or a subinterface on the same physical interface.

The wireless router would be configured to hand out DHCP address to the clients in the 192.168.1.X range. It's uplink would go onto the HP in the new VLAN port 3 I think it is. Just exclude the firewall's and switch's addresses from DHCP.
0
 
tomdlgnsAuthor Commented:
You lost me with all this interface talk

i cany just plug a wireless router into port 3 on the hp switch and statically assign the router to use 192.168.1.1 and dish out 192.168.1.1xx ip addresses?

i have a sonicwall pro 2040, i need to make changes in that as well?
0
 
Rick_O_ShayCommented:
To get to the internet you will need to route the new VLAN through the firewall. You could use the public side of the wireless router and connect it directly to the Sonicwall on a different port configured in the 192.168.1.X subnet or you need to connect the new VLAN on the switch to the firewall port.
0
 
tomdlgnsAuthor Commented:
wow, well in that case, it is probably easier to just create a new LAN instead of a vlan, if i have to mess with the firewall and add a switch...

i must have mis understood the concept of a VLAN.

i was under the impression that i could just plug something into port 3 and have it be under its own vlan.

if i need to create all these new routes and have a new route via the sonicwall, i will just use one of my spare public IPs from the ISP and assign it to the wireless router.

i knew i could always do that, but i figured i could do the same thing with a VLAN with less work.  but that doesn't seem to be the case.

thanks for all of your help.
0
 
Rick_O_ShayCommented:
VLANs are as simple as they sound but since they are by design isolated from each other they need to be on a layer 3 switch, which routes them internally, or you need a ports on an external router to do the routing.
0
 
tomdlgnsAuthor Commented:
i understand.

i suppose a vlan would be the best option in my scenario if i DIDNT have multiple IP addresses from my provider.

0
 
Rick_O_ShayCommented:
That is correct. Or if you were dividing your network up into more than just 2 segments. Or if you wanted everything to go through a single swicth for monitoring traffic, etc.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 10
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now