Solved

I need to understand guest networks and VLANS

Posted on 2015-01-23
4
149 Views
Last Modified: 2015-01-29
I will try my best to to keep this question simple, however I am a little confused, so bear with me.
Our DHCP scope has run out of IP addresses.
DHCP (on Windows 2008) has been giving out IP addresses to all and sundry.
We have a scope set up for our LAN (192.168.2.x)
We have a scope set up for VOIP (192.168.10.x)
Netgear switches are tagged accordingly.
We have a number of WAPS which allow LAN access to authenticated users and guest/clients access to the Internet.
Our Windows DHCP server has been giving IP addresses from 192.168.2.x to the guest/clients.
My immediate action is to set up a separate scope for these unauthenticated guests/clients so that they get andifferent IP from the authenticated LAN users and just get access to the Internet.
On the WAPS, you can define the VLAN ID.
I am assuming that I can't define the VLAN on the switch because these WAPS also serve LAN users.
I note that there is nowhere in DHCP to define VLANS.
Example: When somebody attaches to the guest/client network with their phone, after entering the key, they can access the internet. Q: If I define this connection as VLAN ID 4 - how is this routed to my firewall and how can I make sure that VLAN4 gets its IP addresses from a specific scope i.e. not the LAN scope?

Lets start with that and see if I can get some direction.

Many thanks in advance!
0
Comment
Question by:fuzzyfreak
  • 2
  • 2
4 Comments
 
LVL 50

Accepted Solution

by:
Don Johnston earned 500 total points
ID: 40566225
If I understand your question correctly...

Assuming that you have defined the scopes on your DHCP server.  And there is a router (or firewall or layer-3 switch) which is performing inter-VLAN routing. And you have an IP helper configured on the router's interfaces.

When the client sends a DHCP request, the router will forward that to the DHCP server.  The source address (on the forwarded packet) will reflect the network which the request came from.  When the DHCP server receives the request, it will see the network the request came from and offer an IP address on that network.
0
 
LVL 4

Author Comment

by:fuzzyfreak
ID: 40566333
Thanks for your explanation.  Let me try to understand -

A router performing inter-VLAN routing - how can I figure out what is doing this?  I suspect it is either my switches or my firewall.
The source address will reflect the network - I don't understand how if it is simply tagged with a VLAN id - how does DHCP know?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40566349
A router performing inter-VLAN routing - how can I figure out what is doing this?  I suspect it is either my switches or my firewall.
Whatever the default gateway for any of your networks are.  That's what is doing the inter-VLAN routing.
The source address will reflect the network - I don't understand how if it is simply tagged with a VLAN id - how does DHCP know?
The router (or whatever device is doing the inter-VLAN routing), will put the source network as the source address of the DHCP request. That way the DHCP server knows what network the request came from and will offer an address on that network.
0
 
LVL 4

Author Comment

by:fuzzyfreak
ID: 40577267
Thank you very much for your answer, this has helped me immensely.
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question