04-28-2014 05:35 AM
Due to some problems with a 3rd-party firewall-ish device (that also acts as a DHCP server), we are thinking about removing it from the network in one of our sites.
In that site (SDW) we have 2 SSIDs in the air: a corporate and a public SSID. The corporate SSID works fine, no worries there. This is about the public SSID.
The VLAN requirements that are made:
- 1 VLAN for the internet: 247 (physically between the Telenet router and the core), this provides ONE public address
- 1 VLAN for wifi infrastructure: 671 (access points, controller)
- 1 VLAN for DHCP: 1832 (clients will get an IP in this VLAN)
Everything is configured like the drawing in attachment:
- The DHCP interface on the controller receives an IP
- When a client connects on the Public SSID, he receives a correct IP address
But now we have 2 problems:
- The moment something changes, I can't exactly say what, but I suspect bringing an access point online or a client that connects to an SSID, the controller becomes unreachable (management IP) on the LAN until I unplug the internet cable from the local controller (and then put it back). However, when it's unreachable on the LAN, it still is reachable on the management IP when connected to the public SSID.
- Clients on the public SSID are able to ping all the local controller IPs, but nothing further. ==> default gateway problem
Below is the route (show ip route) that came with the public internet connection:
C 192.168.0.0/24 is directly connected, VLAN247
When I created VLAN 1812 (DHCP range for the clients), I activated Enable source NAT for this VLAN, Enable Inter-VLAN Routing and Enable BCMC Optimization.
Does someone know how to resolve these problems?
Is it possible to configure a default gateway per VLAN?
Is it possible to completely separate the public traffic from the corporate traffic on the local controller? As stated before: all IPs on the local controller are pingable. This includes the management IP.
Thanks in advance!