Expanding IP addresses
We have a Class C network and are running out of IP addresses. We have multiple switches throughout our company and don't want to incur the expense of upgrading all of them to be VLAN capable. In order to expand our addresses, is it possible to only upgrade one of our switches to a VLAN capable switch and configure it as follows:
1.) The DHCP server is plugged into one of its ports which is configured to be on the default VLAN.
2.) Any other switch plugged into it will be plugged into a port configured to be on the default VLAN.
3.) Any other device (printer, computer, etc.) plugged directly into it will be plugged into a port that is configured to be on a secondary VLAN.
4.) The DHCP server is configured to hand out a different scope of addresses for devices on the secondary VLAN.
5.) The switch is configured so the VLAN's can communicate with each other.
Again, if all we need to do is expand out addresses, is it necessary that any of the other switches are VLAN capable? Does anyone have a alternate, perhaps simpler way of expanding the addresses? We could convert to a Class A or B network. Please advise, and thanks in advance.
1.) The DHCP server is plugged into one of its ports which is configured to be on the default VLAN.
2.) Any other switch plugged into it will be plugged into a port configured to be on the default VLAN.
3.) Any other device (printer, computer, etc.) plugged directly into it will be plugged into a port that is configured to be on a secondary VLAN.
4.) The DHCP server is configured to hand out a different scope of addresses for devices on the secondary VLAN.
5.) The switch is configured so the VLAN's can communicate with each other.
Again, if all we need to do is expand out addresses, is it necessary that any of the other switches are VLAN capable? Does anyone have a alternate, perhaps simpler way of expanding the addresses? We could convert to a Class A or B network. Please advise, and thanks in advance.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security Officer
Just a follow on comment on the VLANs, you can use those to segregate your traffic depending on your needs.
ASKER
We do have guest internet access. Right now there's a wireless router for guest access connected directly to the same cable modem that our security appliance is connected to so there's no way of it seeing our LAN, however we want to install more access points for guest access. If we installed more access points for guest access to the internet only (i.e. no access to our LAN), would we need to have a VLAN to accommodate that? Also, is 510 hosts too many to have on one network segment? Would one VLAN with 254 hosts + another VLAN with 254 hosts perform better?
I can think of a scenario that would work... what type of access points and switches so you have? And security device?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
If we add more access points for both guest access and for LAN access and continue to keep the guest network physically separate from our LAN network, wouldn't we have to have two access points wherever there's an access point, one for LAN and one for guest access, along with having to run two Ethernet cables?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We have a Fortigate 101E Security appliance, a PowerConnect 6248 switch, a PowerConnect 5448 switch, a Netgear R6200 wireless router, and another managed switch that I don't know the model number of unless I take a scissor lift to the ceiling of the production floor, and several unmanaged switches.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
In order create a separate VLAN for guest access: If we have a "VLAN Capable" Access Point connected to a "VLAN Capable" switch (SWITCH 1) connected to another "VLAN Capable" switch (SWITCH 2) connected to our firewall, it shouldn't matter if any of the other switches/equipment are "VLAN Capable", correct? For example, suppose a Switch (SWITCH 3) was connected to SWITCH 2 but wasn't "VLAN Capable". It wouldn't matter because it's not connected in-line between the access point and the firewall, correct?
Also, a consultant is recommending that we get Dell N2048 switches even though they're almost $4,000 each. Yet a friend of mine said he uses a VLAN capable switch that only costs $600 and it works great. What benefits does a N2048 have that makes it worth the extra money? Is it really necessary to spend that much on a switch?
Also, a consultant is recommending that we get Dell N2048 switches even though they're almost $4,000 each. Yet a friend of mine said he uses a VLAN capable switch that only costs $600 and it works great. What benefits does a N2048 have that makes it worth the extra money? Is it really necessary to spend that much on a switch?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everyone for the comments. As Steve said, this post expanded to a lot of different topics. I'll analyze the situation and ask more specific questions in the future pertaining to either super netting or implementing VLAN's.
ASKER
Thank you everyone for your comments.