• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 181
  • Last Modified:

I need to understand guest networks and VLANS

I will try my best to to keep this question simple, however I am a little confused, so bear with me.
Our DHCP scope has run out of IP addresses.
DHCP (on Windows 2008) has been giving out IP addresses to all and sundry.
We have a scope set up for our LAN (192.168.2.x)
We have a scope set up for VOIP (192.168.10.x)
Netgear switches are tagged accordingly.
We have a number of WAPS which allow LAN access to authenticated users and guest/clients access to the Internet.
Our Windows DHCP server has been giving IP addresses from 192.168.2.x to the guest/clients.
My immediate action is to set up a separate scope for these unauthenticated guests/clients so that they get andifferent IP from the authenticated LAN users and just get access to the Internet.
On the WAPS, you can define the VLAN ID.
I am assuming that I can't define the VLAN on the switch because these WAPS also serve LAN users.
I note that there is nowhere in DHCP to define VLANS.
Example: When somebody attaches to the guest/client network with their phone, after entering the key, they can access the internet. Q: If I define this connection as VLAN ID 4 - how is this routed to my firewall and how can I make sure that VLAN4 gets its IP addresses from a specific scope i.e. not the LAN scope?

Lets start with that and see if I can get some direction.

Many thanks in advance!
0
fuzzyfreak
Asked:
fuzzyfreak
  • 2
  • 2
1 Solution
 
Don JohnstonInstructorCommented:
If I understand your question correctly...

Assuming that you have defined the scopes on your DHCP server.  And there is a router (or firewall or layer-3 switch) which is performing inter-VLAN routing. And you have an IP helper configured on the router's interfaces.

When the client sends a DHCP request, the router will forward that to the DHCP server.  The source address (on the forwarded packet) will reflect the network which the request came from.  When the DHCP server receives the request, it will see the network the request came from and offer an IP address on that network.
0
 
fuzzyfreakAuthor Commented:
Thanks for your explanation.  Let me try to understand -

A router performing inter-VLAN routing - how can I figure out what is doing this?  I suspect it is either my switches or my firewall.
The source address will reflect the network - I don't understand how if it is simply tagged with a VLAN id - how does DHCP know?
0
 
Don JohnstonInstructorCommented:
A router performing inter-VLAN routing - how can I figure out what is doing this?  I suspect it is either my switches or my firewall.
Whatever the default gateway for any of your networks are.  That's what is doing the inter-VLAN routing.
The source address will reflect the network - I don't understand how if it is simply tagged with a VLAN id - how does DHCP know?
The router (or whatever device is doing the inter-VLAN routing), will put the source network as the source address of the DHCP request. That way the DHCP server knows what network the request came from and will offer an address on that network.
0
 
fuzzyfreakAuthor Commented:
Thank you very much for your answer, this has helped me immensely.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now