09-10-2012 04:22 AM
I am having a little bit of a problem with 2x AP-105s and the port configs on a HP 5400zl switch and I was hoping that there maybe someone out there who can point me in the right direction.
One of the AP-105s is being currently utilised as a virtual controller and we have a corporate WLAN and a gues WLAN.
I have setup the guest WLAN to use VLAN 4 (which is out visitor LAN), but it will not receive an IP address from the firewall which provides the DHCP service for the visitor LAN.
I have the switch port that the VC is connected to tagged for VLAN 4 and untagged for VLAN 10 (corporate VLAN), the corporate LAN works fine. Now I know that DHCP requests will always go out on the untagged port in HP's world so I can sort of understand why it is not getting an IP address, but I am not sure how I fix it. Do I need to provide specific vendor options in our corporate LAN to tell the WLAN cients to connect to VLAN4? or do I need to use a dhcp helper-address on VLAN4? or none of the above! :)
It's driving me a littel mad!! It works fine in the Cisco/Nortel world with both VLANS tagged on the VC port, but now HP switches are involved there is probably one simple config change I need to do to get it working.
Just for the record, If I untag VLAN4 on the switch port it works, thus confirming the DHCP requests going out on the untagged VLAN.
Any help would be much appreciated.
Thanks in advance.
09-11-2012 11:20 AM
We use HP gear and I have attempted this same procedure. There are a few things that you should check as you need continuity on vlan 4. First off from the firewall, does the firewall have an interface using a vlan tag of 4? Then the port that the firewall plugs into on the switch needs to be tagged with vlan 4 as well. I see that you have the Guest wlan set up on vlan 4 and I assume that is in the vap profile.
One possible issue that you have is maybe the AP profile isn't setup so that the AP's ethernet port is set in trunk mode (that's under All Profiles > AP > Wired AP profile, on our controller which is an Aruba 651.
Basically if your client gets put on vlan 4 by the VAP profile then it will send a broadcast on that vlan for dhcp so you don't need a helper address if the firewall is also tagged on that vlan with dhcp enabled. Hope this helps and makes sense.