Hi HP MSM's mates.
Since a few weeks (or month) we try to add a guest access to our existing wireless configuration :
- MSM730 controlller
- Few AP's connected on the lan port into a specific VLAN on the switche(s) (unttaged)
- Hp PoE switches
- 2 VSC each egressed to a different vlan on internet port :
- First VSC = business > egressed to vlan 2 on the internet port with an ip adress > this internet port connected to a firewall on vlan 2 to connect to the rest of the network
- Second VCS = guest > egressed to vlan 4 on the internet port with an ip adress > internet port connected to the same firewall / routeur on the vlan 4 to connect to map to the internet.
Specials options on the MSM :
- Expand Internet port subnet to the Lan Port
- Dhcp relay on each VSC, redirecting each VSC to 2 different dhcp server. IP adressing works fine.
- Access control enabled on each VSC.
With this configuration we can connect to each VSC an obtain the good IP adress and association.
You can ping controller vlan on the internet port and firewall vlan port.
1- Does this configuration seems to be correct for you?
2- The lan port seems to doing route job beetween the two VLAN (and then between the two VSC). So even if a client of one VSC can't ping a client on the other VSC, I'm suprised to see that a client associated on a VSC can ping the VLAN port of the other VSC. The Vlans dont's seems to be completely isolated.
3- How do you configure the routing table to permit to the two VSC clients to be routed to the good place on the firewall ?
I hope this is not too confusing. I can give additionnal informations on demand. Thanks in advance.
P.S : If I completely mismatch the good configuration could you suggest me the good one? Bye
P.S. This thread has been moved from Communications, Wireless (Legacy ITRC forum) to MSM Series. - Hp Forum Moderator
#msm760#msm#access#VLAN#760#guest#msm730#730