Hello,
i have to start to say that my wired network (network A) use default vlan (vlan 1).
I made a vlan (vlan 71) for guests since they are not going to be in vlan 1.
I'm currently facing a problem : some of my iap (205 and 305) will be in public zone and i'm afraid some people could use these ethernet cables to gain access to my network.
On my switch (HP), i have tagged vlan 1 on these ports.
When i use a laptop directly to the ethernet port to test, all is OK (understand that i don't get an ip address and if i set one manually, i can't access network either)
I know this can be defeated because you can tag packets.
iap are configured with IP address in network A.
1/ iap doesn't respond to ping
I made a dummy vlan (vlan 60) and i untagged this vlan on ports connected to iap
Now i can ping iap and access GUI.
Unfortunately, my network A is routed and from network B, i can't ping iap or access GUI.
Could i have some help on this ?
2/ maybe i'm just doing this wrong and you think i should make things differently.
Tell me.
Thanks.