Connect to wireless vlan with the ip of a different subnet
I have 4 vlans, 3 of the vlans have ssids on our wireless access points. the 1 that is not is basically management.
all of the student laptops connect wireless to the student vlan. These laptops also have a wireless printer they print to. I would like to somehow connect the printer to wireless vlan students yet have a default vlan ip address without showing the world our default vlan.
Can this be done?
all of the student laptops connect wireless to the student vlan. These laptops also have a wireless printer they print to. I would like to somehow connect the printer to wireless vlan students yet have a default vlan ip address without showing the world our default vlan.
Can this be done?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Manuel Flores
I think it is possible if your access point has some firewall capabilities... as from vLan1 to vLan2 IP:x.x.x.x. allow all
ASKER
we do have a watchguard firewall that the vlans are set up on.
ASKER
to be clear, i want to connect to the student wireless signal, so i would be on the student vlan, but give the printer an ip of a different vlan.
So, definitively the configuration is possible... just use firewall rules to allow the correct traffic to that printer.
for example;
FROM: StudentVLAN
IP: ALL
Port/Protocol: ALL (we could restrict more here)
TO: DefaultVLAN
IP: (printer IP)
ALLOW
FROM: StudentVLAN
IP: ALL
Port/Protocol: ALL (we could restrict more here)
TO: DefaultVLAN
IP: (printer IP)
ALLOW
ASKER
so i can be connected to 1 vlan with the ip of a different vlan. when the printer askes what vlan i want to connect to, i select student. then give it a different ip
ASKER
what kind of proxy or packet filter would i use
If everything is connected; laptops, printers, etc... and working in its own vlans properly, you don't need to reconfigure nothing, just give (ALLOW) access from one network (vlan) to another one using firewall rules. The watchguard will take care of IP's and network translations.
By now, to see if the rule works, don't filter any protocol/port... once it work then you could configure to filter exactly the protocols needed...
Print servers may support a variety of standar or proprietary printing protocols including Internet Printing Protocol, Line Printer Daemon protocol, NetWare, NetBIOS/NetBEUI, or JetDirect.
Print servers may support a variety of standar or proprietary printing protocols including Internet Printing Protocol, Line Printer Daemon protocol, NetWare, NetBIOS/NetBEUI, or JetDirect.
ASKER
Just to be clear, i have a wireless printer that is connected wirelessly to student vlan, 192.168.20.5 - 254 but the printer has a static ip address, 191.168.0.21 of a different vlan/subnet. can anyone verify that this will or not work?
No, it won't work. The network has different addressing. To work that must change the printer IP to 192.168.20.x.
Under my point of view you have two main options;
1. Let he printer connected to vlan 192.168.20.x and change its IP.
2. Let the printer to its original network (where it is working now), and using firewall rules allow transit data traffic from vlan 192.168.20.x to 191(?).168.0.21.
..MFlores..
1. Let he printer connected to vlan 192.168.20.x and change its IP.
2. Let the printer to its original network (where it is working now), and using firewall rules allow transit data traffic from vlan 192.168.20.x to 191(?).168.0.21.
..MFlores..
ASKER
i think the problem is that we dont have an ssid, wireless signal for the default lan, 191.168.0.
ASKER
it will not work
Best answer chosen.