My company sublets a number of offices to other companies. Thus I am looking for a way to separate individual offices in an office suite so that each office is unable to locate the devices (PC, Printers, etc) in adjoining offices for obvious security purposes. We also have a public wireless network that I need to separate from all of this, as we and clients regularly have outside vendors in for meetings.
Current switches HP Procurve 2600 series layer 2 POE switches. Our firewall is providing DNS / DHCP with a tunnel created for corporate use to our datacenter at a collocation site. I am testing my concepts / design here prior to attempting to implement for obvious reasons of saving time and headaches if my thoughts / design will not work properly.
I can use VLAN's to accomplish this task. VLAN 1 (10.0.x/24 subnet) all other VLANS utilize 192.168.1.x/24 subnet. IP phones are all internet based so no need for a voice VLAN.
Ports 49 & 50 on all switches (3 in all) creating a tagged trunk linking all together and to the firewall for client access.
Switch 1 (first 32 ports VLAN 1 - untagged port 1 links back to firewall for firewall access)
Switch 1 (ports 33 through 38 VLAN 2 Public Wireless - untagged - port 49 / 50 tagged)
Switch 1 (ports 39 & 40 VLAN 3 Printing available to all VLANS except VLAN 1 - tagged all VLANS except VLAN 1 set to NO)
After this each set of 4 ports on a switch coorespond to an office. e.g.,
Switch 1 ports 41-44 office 10 VLAN 10 untagged - tagged ports 49, 50 - NO all other ports
Switch 1 ports 45-48 office 11 VLAN 11 untagged - tagged ports 49, 50 - NO all other ports
Switches 2 & 3 to follow same pattern so that all 26 of our client offices are separated.
Question 1 - am I on the right track?
Question 2 - is there a better, easier, more simple way of accomplishing this?
I am also hoping to procure layer 3 switches within a few months. Should I wait for that or proceed?
Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.
In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg).
If you're interested in additional methods for monitoring bandwidt…