Wired Intelligent Edge

 View Only

  • 1.  VLAN Question with Sonicwall Sonicpoints

    Posted Mar 17, 2013 11:27 PM

    Hi All,

     

    I am having an issue with some ProCurve 2510G switches and a Sonicwall with SonicPoint radios / AP's.

    I have a bunch of VLAN's configured for wired networks and all is working great except...

     

    I have a sonicwall physical port (x5) configured for their WLAN zone and it has four sub-interfaces configured

    as vlan's for the  virtual AP networks. The phys port x5 and the AP's all connect to the ProCurve ports that are marked

    as untagged in their respective vlan (WLAN on the procure)

     

    I am running with GVRP off and using port based vlans.

     

    The AP's see the sonicwall just fine but the clients are unable to receive DHCP from the internal sonicwall DHCP server for their zone. If I directly connect the sonicwall to the AP than it works just fine. Packet dumps on the sonicwall show that it never receives the DHCP request so I smell a vlan config issue.

     

    Do I need to configure the sonicwall's vlan ID's on the procure also and then run the WLAN in tagged mode?

    The radios and firewall port are all on the same physical switch.

     

    My understanding is that the untagged should pass ALL traffic regardless of what it came in as (tagged or not).

     

    Any other ideas?

     

    Thanks in advance!

     

    Rumrunner

     

     


    #VLAN


  • 2.  RE: VLAN Question with Sonicwall Sonicpoints

    Posted Mar 18, 2013 05:40 AM

    Hi Rumrunner,

     

    It realy depends on how your APs are configured. Are you statically setting the VLANs on the AP for each WLAN? As an example, I have APs which I use for Business LAN and Guest LAN. Busines LAN connects back to the untagged VLAN on my switches and the Guest VLAN has a statically assigned VID which is tagged on the AP switch port.

     

    Business LAN - VLAN#11

    Guest LAN       - VLAN#12

     

    AP Switch port - VLAN#11 untagged, VLAN#12 tagged.

     

    AP Config - Business LAN - Network default (VLAN#11).

                       - Guest LAN - Static VLAN assigned (VLAN#12).

     

    So as you are using sub-interfaces on your firewall you will need to setup the same VLAN ID on the switch that you want the DHCP to run on and tag the port that the AP is connected to to this VLAN. That should then do the job.

     

    If this doesn't work, please post your switch config and sub-interace config so we can look at it in a bit more detail.

     

     



  • 3.  RE: VLAN Question with Sonicwall Sonicpoints

    Posted Mar 18, 2013 06:56 PM

    Thanks Chrisd,

     

    Each AP has multiple virtual AP's (vlans) and they are defined on the sonicwall's x5 port) and they will pass back through the firewall and its rule base to access any inside services etc. 

     

    I believe you are correct and I will test this in a few weeks (the site is a 2 hour drive away and no qualified on site people to move cables for me ...)  

     

    I will create matching VLAN ID's on the switch and tag them in the switch to match the sonicwall.

     

    Thanks!

     

    Rumrunner



Related Content