I need to understand guest networks and VLANS
Posted on 2015-01-23
I will try my best to to keep this question simple, however I am a little confused, so bear with me.
Our DHCP scope has run out of IP addresses.
DHCP (on Windows 2008) has been giving out IP addresses to all and sundry.
We have a scope set up for our LAN (192.168.2.x)
We have a scope set up for VOIP (192.168.10.x)
Netgear switches are tagged accordingly.
We have a number of WAPS which allow LAN access to authenticated users and guest/clients access to the Internet.
Our Windows DHCP server has been giving IP addresses from 192.168.2.x to the guest/clients.
My immediate action is to set up a separate scope for these unauthenticated guests/clients so that they get andifferent IP from the authenticated LAN users and just get access to the Internet.
On the WAPS, you can define the VLAN ID.
I am assuming that I can't define the VLAN on the switch because these WAPS also serve LAN users.
I note that there is nowhere in DHCP to define VLANS.
Example: When somebody attaches to the guest/client network with their phone, after entering the key, they can access the internet. Q: If I define this connection as VLAN ID 4 - how is this routed to my firewall and how can I make sure that VLAN4 gets its IP addresses from a specific scope i.e. not the LAN scope?
Lets start with that and see if I can get some direction.
Many thanks in advance!