Controllerless Networks

last person joined: 2 days ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

IAP configuration best practice

This thread has been viewed 7 times

  • 1.  IAP configuration best practice

    Posted Aug 24, 2017 03:19 PM
    Hi All.

    I Am setting up 8 IAP 205 on a network.

    Wired is simple: 192.168.0.xx with a cisco router on .254 ( default GW and dhcp vlan1)

    Going to install one new switch and VLan implementation

    So, in this phase something like this:

    Publicate Vlans on switch:

    Vlan 10 Ap's+ MGMT switch ( static IP on Ap's and interface vlan 20 10.10.10.254)

    Vlan 20 needs also interface IP?

    Vlan 1 existing wired.

    Default gW is the router 192.168.0.254

    One ssid on Vlan 20, dhcp internal on aruba Virtual controller (10.10.20.xx).
    Requisite is 10.10.20.xx not to see 192.168.0.1 ( by a ruleset i suppose)

    Router is going to connect to the switch.

    How can I have the wlan clients to go internet?
    Since the switch has ports for Ap's on vlan 10 and wired on Vlan 1 , do i need to trunk the port where the provider router (dhcp for vlan 1) connects?
    VC default gateway is the router correct?

    Thanks


  • 2.  RE: IAP configuration best practice

    EMPLOYEE
    Posted Aug 24, 2017 04:43 PM
    @beconnect wrote:
    Hi All.

    I Am setting up 8 IAP 205 on a network.

    Wired is simple: 192.168.0.xx with a cisco router on .254 ( default GW and dhcp vlan1)

    Going to install one new switch and VLan implementation

    So, in this phase something like this:

    Publicate Vlans on switch:

    Vlan 10 Ap's+ MGMT switch ( static IP on Ap's and interface vlan 20 10.10.10.254)

    Vlan 20 needs also interface IP? [NO]


    Vlan 1 existing wired.

    Default gW is the router 192.168.0.254

    One ssid on Vlan 20, dhcp internal on aruba Virtual controller (10.10.20.xx).  [You have to make the VLAN Virtual-Controller Assigned.  All traffic will be natted out of the ip address of the primary virtual controller as a result]
    Requisite is 10.10.20.xx not to see 192.168.0.1 ( by a ruleset i suppose) [Yes, use a rule to block that traffic]

    Router is going to connect to the switch.

    How can I have the wlan clients to go internet?
    Since the switch has ports for Ap's on vlan 10 and wired on Vlan 1 , do i need to trunk the port where the provider router (dhcp for vlan 1) connects?
    VC default gateway is the router correct?
    [If the clients are on a VLAN that is Virtual Controller Assigned, all user traffic is natted out of the ip address of the primary virtual controller.  As long as the ip address of the virtual controller can get to the internet, those clients will be able to]
    Thanks

     



  • 3.  RE: IAP configuration best practice

    Posted Aug 24, 2017 05:39 PM
    Thanks for the help and clarification. I assume that what I need is some routing concerns on the switch layer 3 . Because vlan 10 needs to have an interface like 10.10.10.254 to be able to comunicate with router 192.168.0.254, connected also in same switch but on vlan 1. So for vlan 10 of AP's to go the internet i need vlan routing no?

    Regards


  • 4.  RE: IAP configuration best practice

    EMPLOYEE
    Posted Aug 24, 2017 10:02 PM

    yes



  • 5.  RE: IAP configuration best practice

    Posted Aug 25, 2017 03:45 AM
    Ok. Will test that. Also the port on the switch that connects to the router will need trunk allowing both vlans correct?


  • 6.  RE: IAP configuration best practice

    EMPLOYEE
    Posted Aug 25, 2017 03:48 AM

    Yes.



  • 7.  RE: IAP configuration best practice

    Posted Aug 25, 2017 03:45 AM
    Ok. Will test that. Also the port on the switch that connects to the router will need trunk allowing both vlans correct?