Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 111
  • Last Modified:

Correct port settings for separate WiFi VLAN

Our school’s network has always had just one subnet for everything. Now, we want to isolate WiFi.  Thanks to help from user SIM50 on a previous Xperts-exchange question, I’ve done this with one WAP, connected to a switch which is in turn connected to our Sonicwall router as follows:

diagram2.jpeg
VLAN1:192.168.1.1 (LAN)
VLAN100:192.168.0.1 (WiFi)

In the above, the first WAP is working, but I haven’t extended VLAN100 beyond that switch.  I now need to replicate these settings to the above “Room 36” switch, but I believe there are VLAN settings I need to assign to the pre-existing trunks (fibre) between those two rooms (and the comms room switch in the middle so, Room 39 switch -> Comms room (fibre) -> Room 36 switch).

Working on what I learned from the previous question, I guessed I needed to create the same VLAN on the other two switches, make the trunk ports “tagged” for that VLAN and then replicate the port settings for the working WAP to the port for the second WAP.  SIM50 also said I needed to make sure VLAN100 was allowed through the trunk, but aside from adding the ports to the VLAN, I wasn’t sure what he meant. So I gave it a shot yesterday and I’m not sure how (possible mistake), but I managed to remove all administrative access to all three switches! (the SG200s don’t have admin ports).  After reconfiguration, I’m back where I started (first WAP still working).

This is what I think should work:

 settings.jpg
So, I’m looking for some pointers as to where to go from here.
0
mark_D74
Asked:
mark_D74
1 Solution
 
SIM50Commented:
1. Create VLAN 100 on all switches.
2. Port 49 on 192.168.1.96, port 1 and 2 on 192.168.1.201, port 49 on 192.168.1.31 should be configured as trunks. I think it is the default config on the SG switch series. Verify by going to VLAN Management -> port vlan membership. You should see 100T in Administrative VLANs tab. If not there, click on Join VLAN on the bottom and add VLAN 100.
3. Add port 5 on 192.168.1.31 to VLAN 100 as access.
1
 
mark_D74Author Commented:
Worked perfectly
0

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now