Setting up VLANs
-
At the moment Wireless access point is bridged to WAN. Would I have to connect that to OPT3 on the Firebox or create a seperate VLAN?.
Sleeps
-
it depends what you want to achieve with it.
you can also add it to switch with some vlan portconfiguration, from the switchport of that access point. and it's sharing that vlan over wifi.
but if you like manage that, you should change ip-address to that device(manual ip-address)And it also depends what is your accesspoint, that how it handles the vlans. is it Cisco aironet or some buffalo air-station. Cisco handles very well vlans but it's not the case with buffalo.
One primary thing in networking is to know what you want to achieve, then you design and implement it. And when you design, you'll have to think also that what happens in failureconditions, who is going to change devices and what kind of devices.
example of our customers: they have over 500+ computers and 50+ servers and everything is in same vlan. they also also have different departments, but everything is at default vlan, because if switch is going to break down middle of the night, any instrumentmanager can change that device without knowing configs or vlan settings from those ports.
-
I understand that you have to design and then then implement. This is so new to me and don't really understand but willing to learn also because I'm not using the system it makes it difficult. Later this afternoon I will get my hands dirty and hopefully make a little more sense.
I'm using a Tenda router with dual SSID and want to set it up so that all wireless equipment have access to the Internet. I have order a minipci card (which is going to take 2 weeks to arrive) for the firebox so will use this to replace the router.
Sleeps
-
start from basic configuration, check that it works. add some features(if it's not working simplify your config), check what was the problem and add the features..
if you're going to use wlan(ssid)/vlan in that tenda, you'll have to check how that support vlans in switch side of it, and does your switch also allow same kind of trunking usually IEEE802.1Q is used, but some manufacturers is using their propietrary versions.
-
Yes IEEE802.1Q is supported by the switch. I will give it a go once I finish work. thanks
Sleeps
-
Don't forget next thing. Usually devices with webgui supports gui to be working with native(default) vlan, so you'll have to check that you add also native vlan in that box. and from the switch side, dont tag that traffic.
native vlan traffic is always send without vlan tag.
-
You don't HAVE to use vlan1… If you only want 2 vlans you can just use vlan10 and vlan20. Just make sure you set all your switchports to access the vlan's you want.
I'm reading Metu's stuff... Are you trying to have two physical lans with one split by VLAN's?? I thought you just wanted one LAN with multiple VLAN's.
-
That's correct I want one LAN with multiple VLAN's. However I'm having serious problems with the switch (TL SG1209) been reading the PfSense Guide and having problems creating a trunk port. (In the manual it says Each Trunk should contain 2 to 4 ports. Trunk 1 = 1234 Trunk 2 = 5678) Only want to create 1 trunk and its not possible.
Any advice - driving me crazy.
Sleeps
-
Might help http://pfsense.site88.net/mysetup/switch/HP1800-8G_vlan_setup.htm
-
You only need one trunk per switch.. A trunk just carries information from multiple VLAN's accross it.
I work with Cisco gear.. So I don't know exactly on yours.
But for Cisco…
int e0/0
switchport mode trunk
switchport mode trunk encap dot1qAnd that port is now trunking whatever VLAN's you have created on it... You can get a lot more advanced than that. But you basically set the port into trunk mode... give it an encap mode. And you have a basic trunk.
If you only have 1 vlan there's nothing to trunk...
So you need a minimum of 2 for a trunk to have a point. -
@Keith: I didn't mention that vlan1 should be used, I only mentioned that default vlan might be "must to use"-list. As Procurves allow to change default vlan to someone else..
-
Might help http://pfsense.site88.net/mysetup/switch/HP1800-8G_vlan_setup.htm
Much appreciated. Looks simple and it was nearly the same sample (different switch) as in the book.
Sleeps
-
Created VLAN 10 and 20 (No trunk ports). Using port 8 on the switch to connect to the Firebox but not getting an IP address via DHCP. I have looked through the config and can't see anything wrong on the Firebox. Not sure what I'm doing wrong.
Sleeps
-
That port 8 what is connected to pfsense needs to be trunk
trunk means that it allows multiple vlans go in it, those cannot mixup, so thats why you have atleast OSI Layer 3 device to connect two vlans, in this case it's Pfsense.
IN SHORT: switch port 8 trunk and both vlans in it
-
I understand now will give it a go, thanks
Sleeps
-
Just tried creating the trunks and the following msg is appearing.
Trunk member must Be in same Vlan and egress must be same each other. Error exists in entry 1.
Trunk 1 = 1234 Trunk 2 = 5678) Vlan 10 = port 2 and 3 Vlan 20 = 4 and 5
Checked the ports.
I'm totally lost now.
Sleeps
-
Is it possible to have only one trunk?
but try this: switchport#1: trunk with vlan 10, vlan 20
switchport#2: access vlan 10
switchport#3: access vlan 20Just don't setup more, test if it works, maybe your switch needs 2 trunk ports, 1st and 2nd half of interfaces
-
Natu69salemi
Can only create 2 trunk ports and it's configured through Gui. Can I start from scratch and send you
screenshots. Will pay for your time. Let me know.Sleeps
-
Send me images, but if you're willing to pay something to someone, plz consider to donate to this project
-
Thanks for agreeing to do this. I will definitely donate some money to this project.
Sleeps