Security

Reply
New Contributor
Posts: 4
Registered: ‎01-29-2014

Very basic HP ProCurve switchport config question, for supporting AP-135 endpoint?

Just looking for a very simple example of how to configure a switchport (HP PRoCurve in this case), where the corporate network will be VLAN1, and the Guest VLAN will be VLAN5.   I understand that VLAN5 will need to be tagged, but I'm just hoping that there's anm Aruba community member whose done HP switchport configs before?   I'm mostly experienced with Cisco, so I'm assuming there are some slight differences between the two?

 

Thanks in advance!

Aruba
Posts: 1,284
Registered: ‎08-29-2007

Re: Very basic HP ProCurve switchport config question, for supporting AP-135 endpoint?

Are you talking about instant or controller based APs?

 

My suggestion would be to have the corp users on their own vlan as well, instead of sharing with infrastructure and wired users.

 

Assuming they are instants, the untagged vlan will be the one you want the APs to get their ip address from, which I guess is vlan 1 in your case.  You then tag the other vlans that are used for the users.


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
Guru Elite
Posts: 8,053
Registered: ‎09-08-2010

Re: Very basic HP ProCurve switchport config question, for supporting AP-135 endpoint?

[ Edited ]

Some differences between Cisco and HP:

   Trunk [HP] = Port-channel

   Trunk [Cisco] = 802.1Q

   You don't apply VLAN configurations to ports, instead you apply port information to the VLANs.

 

Ex: VLANs 1 and 5 [Cisco: Trunked] on port gig 0/1 with VLAN 1 being untagged.

 

vlan 1
   name "CORP"
   untagged 1
   ip address 10.1.10.254 255.255.255.0
   exit
vlan 5
   name "guest"
   tagged 1
   ip address 10.1.20.254 255.255.255.0
   ip helper-address 10.1.10.22
   exit

             You use the tagged and untagged commands to specify the port VLAN configuration.


Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
New Contributor
Posts: 4
Registered: ‎01-29-2014

Re: Very basic HP ProCurve switchport config question, for supporting AP-135 endpoint?

They are all instant APs.  

 

What would the reasoning be for segmenting the WAPs out onto their own VLAN, versus just having them on the same corp vlan as my backbone network devices, if that's the network they would be serving?

Aruba
Posts: 1,284
Registered: ‎08-29-2007

Re: Very basic HP ProCurve switchport config question, for supporting AP-135 endpoint?

It is generally a good idea to keep wired and wireless users separated if possible.


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
New Contributor
Posts: 4
Registered: ‎01-29-2014

Re: Very basic HP ProCurve switchport config question, for supporting AP-135 endpoint?

Just using 'a good idea' doesn't give an real data points as to why it's recommended, especially in a corporate environment with a small (/20 or less) subnet for corporate devices.

 

Is there any data which clearly delineates why wireless and wired users, accessing the same corporate infrastructure, should or shouldn't use the same vlan and IP range?

Guru Elite
Posts: 20,426
Registered: ‎03-29-2007

Re: Very basic HP ProCurve switchport config question, for supporting AP-135 endpoint?

Qs-It,

 

It is mainly because broadcast traffic from wired clients gets replicated at line rate out of the wireless access points of clients on the same VLAN.  Wired clients can send broadcast traffic as fast as they can, but wireless clients back off sending in the face of traffic in the air.  This degrades wireless traffic substantially and creates a very poor experience.  There are many who deploy wireless and wired clients in the same subnet and as wireless adoption increases, people notice a dramatic slowdown and they start opening TAC tickets.  Separating wired and wireless clients allows you to sidestep this issue.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: