VLANS for COMPUTER, stupid network engineering.

So, I worked on computers for more years than I care to count, and parts, I was able to avoid. Unfortunately, these areas usually pop up with a minimum of time to understand how to manipulate (such as the implementation of a server Linux Squid 10 years ago... that was fun... or not). This time, I have a little time to sort out, but can't seem to grasp what I do, I'm looking to hold your hand a little.

I recently discovered that "Wireless Isolation" does not mean "Isolation", despite what the folks at "www.wirelessisolation.com". Hey, it's on the Internet, so there I must be true, right? Well, my client didn't was not amused either. What I have is a Cisco RVS4000 router and an Access Point WAP200 in place (separated by a * switch brand, that shouldn't be a problem, because I can connect wirelessly directly to a port on the RVS). What this post means, I want to have 2 wireless networks, one used by office staff and allowing full access to the Internet and the devices wired and a second network available for the 'guests' coming into the office, which only allows access to the Internet, and without access to internal devices at all.

I get that I need to configure two different SSID (check) on the WAP and you had to disable the routing inter - vlan on the RVS, but I get to halfway through the discussion of the VLAN port 1 and port 2 and running on something by saying "do not use VLAN 1, as it is reserved for the trunk", or something in that sense and then the difference between the tag unidentified, trunk gets all warped upward, and before I know it, I'm climbing the trunk of the tree outside my window, trying to rip the tag out of my shirt.

So, I would be very happy to anyone help pointing me to the right path and then taking me by the hand and pointing out the sights on the way to my destination, pretty please :). Thanks for the help!

Ok. In this case, you should not configure anything in a perspective VLAN in the Internet port dedicated like this must be isolated from the internal switch.

So if we were to look at from a perspective of Layer 3, you might see it this way:

1 network - Internet (a.a.a.a/a)

Network 2 - internal users (b.b.b.b/b)

Network 3 - comments users (c.c.c.c/c)

---------------------------------------------------

For layer 2, you could look at it this way:

Network 1 - port Ethernet dedicated on RVS only.

Network 2 - vlan100

Network 3 - vlan 200

---------------------------------------------------

For layer1, you could look at it this way:

Network 1 - copper

2 - copper and wireless network

3 - wireless network

Now, network 1 is your Internet connection, it gets its IP from your ISP info. Then network 2 has a range of IP addresses that you assigned. This has been the vlan 1 but will soon become vlan100. Therefore, you must provide a range of IP addresses for network 3. Given that both of these networks will be set to Layer 3 on the RVS, you can block network 2 to 3 network and vice versa for safety. Finally, these two ranges of network must use the course on the Internet. Since there is no vlan200 on brand x switch, the only port that need any marking is port 2 on the SVR where the WAP will connect on. The WAP ethernet interface must also be tag vlan 100 and vlan 200 for users and comments traffic can pass through the single hole. Internal IP interfaces on the RVS manages the routing of the Internet.

Tags: Cisco Support

Similar Questions

  • Computer for the connectiion network settings

    I have a problem with my laptop to connect to the internet. When I go to connect to a network, my home network have a red X on it and the message says that "settings saved on the computer for the network do not match the requirements of the network. I think that someone clicked on something here while trying to connect to a network. How can I fix it? Thank you

    Hello NETTE101002,

    To add to what Al Jarvi said, I suggest that you turn off any wireless security feature. Please, click on start-> Control Panel, double-click network connections, right-click on the wireless adapter and select Properties. From there choose wireless networks, click the name of your wireless network and choose Properties. Under network authentication, select open to disable wireless security. Please try to connect.

    If the problem persists, I suggest that you remove the connection and re-create the wireless network connections. The following Web site can help you on the creation of the wireless connection.

    Here is an article that will give you steps on how to create a network connection:

    http://TechNet.Microsoft.com/en-us/library/bb878035.aspx

    Alternatively, you can try to reset the settings of the default router. You must contact the manufacturer of the router to do this.

    You can also check the links in the following article:

    Set up a security key for a wireless network:
    http://windowshelp.Microsoft.com/Windows/en-us/help/044ee3ed-AB72-48c7-9515-95d56f925fcb1033.mspx

    What are the different wireless network security methods?
    http://windowshelp.Microsoft.com/Windows/en-us/help/b385cc8a-AF25-489e-a82e-decf6df26b681033.mspx#EZB

    Set up a wireless network:

    http://windowshelp.Microsoft.com/Windows/en-us/help/297fa2dc-B20B-4327-B673-707a968c86801033.mspx#EK

    If it does not work.

    Remove the driver for the card
    ========================

    1. click on start. In the start search box type "devmgmt.msc", and then press ENTER.
    2. expand "Network adapters", double-click the entry for the wireless network device.
    3. click on the "Driver" tab, click "Uninstall".
    4. click on start. In the start search box type "appwiz.cpl", and then press ENTER.
    5 remove the entries related to the wireless network adapter.

    Reinstall the driver with your driver CD. After installation, create the connection.

    Try these steps and let us know if it works.
    Thank you

    Irfan H, Engineer Support Microsoft Answers. Visit our Microsoft answers feedback Forum and let us know what you think.

  • Why must id VLAN unique for each external network?

    Sometimes we have several public networks with the same VLAN, but in this case, we could not add them as external network to vCloud Director, he complains that the VLAN ID has been used, then assign a VLAN ID for each public network. Could someone explain to me why a unique id of VLAN is needed here?

    Thank you!

    If they are the same vLAN on the same Switch, they are actually exactly the same from the point of view of the vCloud Director.

    The alternative is to see if the superposition of external networks allows it works (Admin > General).

  • System froze for a minute while searching for a missing network drive

    When, for example, browse the files in the Windows Explorer home & network is disconnected, the system tends to freeze for half a minute, as it is waiting for the sharing network address. No processes are active in the Manager of tasks (idling only), but the computer is devoid. This happens on any PC, computers cell phones not only. Does anyone know how to get rid of this behavior, or at least to shorten the waiting period?
    There is a solution to disconnect network drives, but I would like to find something more simple.

    Hello

    Looks like you have mapped some network drives to your operating system.
    I think if you're looking for files or something like that OS trying to get permission to search or enter the network drives.
    But if the network is disconnected from the operating system takes several times to see that.

    I put t know if there is a solution for these issues. But try to google for more details. Maybe you about success. Please report if you find useful information

    Good luck

  • Where and how can I increase the distance for my wireless network?

    My router for my wireless network is in the family room.  I'm sitting in the living room and have only 2 bars at the moment.  Most of the time, I can't get a connection.  How can I increase the distance and how can I make sure?

    Hello

    What version of the Windows operating system is installed on your computer?

    I suggest you to refer to the following Microsoft article and check if it helps.

    10 tips to help improve your wireless network:

    http://www.Microsoft.com/athome/Setup/wirelesstips.aspx

    Hope the information is useful.

  • my pc will not connect to wireless internet... It is said there could be a problem with the driver for the wireless network connection card

    connection network card

    my pc will not connect to wireless internet... It is said there could be a problem with the driver for the wireless network connection card... I'm not sure how to solve the problem of the dat

    Hello

    Did you change your computer?

    I suggest you to follow the links and check out them.

    The problems of Internet connection

    http://Windows.Microsoft.com/en-us/Windows-Vista/troubleshoot-Internet-connection-problems

    Solve problems, find wireless networks

    http://Windows.Microsoft.com/en-us/Windows-Vista/troubleshoot-problems-finding-wireless-networks

    Windows wireless and wired network connection problems

    http://Windows.Microsoft.com/en-us/Windows/help/wired-and-wireless-network-connection-problems-in-Windows

    Tips for solving common driver problems

    http://Windows.Microsoft.com/en-us/Windows-Vista/tips-for-fixing-common-driver-problems

  • Card SD not recognized and the error message: G: made reference to a location that is not available and may be a drive on this computer or network

    Original title: try to get a removable drive for recognized card reader

    The picture card reader is under g: removable disk, but when I insert the sd card is unrecognized.  No AutoPlay.  Under my computer, it shows a player when the card is inserted but is he named drive letter, just a question mark.    Error message appears and indicates that g: refers to a location that is unavailable.  He says it could be a drive on this computer or network.  This isn't networked.  Card is inserted correctly.  message indicates that it might have been moved to a different location.   How to get the drive recognized or knowledge if it was moved and twhere was - this moved?   Thank you James

    Hi James,

    1 - is the device is not detected in Device Manager?

    Step 1:

    You can try to change the drive letter and check if it helps.

    Access the link below to learn more about changing the drive letter.

    http://Windows.Microsoft.com/en-GB/Windows-Vista/change-add-or-remove-a-drive-letter

    Step 2:

    Also check if the device is detected in Device Manager. Follow the steps to go to the Device Manager.

    a. Click Start, type devmgmt.msc and press to enter.

    b. Locate the device name in the list of Bus USB controllers.

    c. If you see the item on to the SD card, right-click on it and click on uninstall.

    d. restart the computer and check if that helps.

    Hope this information is useful.

    Jeremy K
    Microsoft Answers Support Engineer
    Visit our Microsoft answers feedback Forum and let us know what you think.

    If this post can help solve your problem, please click the 'Mark as answer' or 'Useful' at the top of this message. Marking a post as answer, or relatively useful, you help others find the answer more quickly.

  • Transfer multicast through VLANs for KVM Over Ip

    I am currently designing an architecture of Terminal servers, using the KVM-Over-IP technology (I use features of Gefen) where I have two VLAN:

    • A VLAN for screens (receivers KVM) at 192.168.240.0/24
    • A VLAN for servers (KVM shippers) to 192.168.241.0/24

    I use a Switch Cisco 3750 G Layer 3. I have configured all the VLAN with their gateways (. 1) and there is connectivity between devices, so this ping between them, etc. The configuration is as follows (this is an excerpt, the rest are the default values)

    IP routing
    IP multicast-routing distributed
    !

    GigabitEthernet1/0/1 interface
    switchport access vlan 2
    !
    interface GigabitEthernet1/0/2
    switchport access vlan 10
    !
    interface Vlan2
    IP 192.168.240.1 255.255.255.0
    IP pim sparse - dense mode
    !
    interface Vlan10
    IP address 192.168.241.1 255.255.255.0
    IP pim sparse - dense mode
    !

    Now, KVM (these devices Gefen DVI KVM) devices cannot auto detect other KVM devices in different VLANS. It is to be expected, because the broadcast messages do not exceed the limits VLAN. After further investigation, looks like these devices use multicast groups to annonunce themselves, using standard TCP connections later to perform the video transmission.

    To solve the problem, I enabled routing multicast distributed and also tried activation sparse dense mode. Using wireshark with duplication of port I see some messages of the devices within a local network VIRTUAL membership report and Protocol PIM from the interface messages VLAN (. 1), but the devices fail to see each other again.

    Thus, from scratch, how should I configure the 3750G for multicast traffic is shared between the VLANS? I also checked the MVR nothing helps.

    Thanks in advance.

    Just a thought.

    What is the Group of multicast discovery? If 224.0.0.x. that is not specific to the local LAN segment with a TTL of 1. In these cases the multicast routing road it.

    If it's another group of multicast, always check the LIFE expectancy in the packages. It can always be 1.

  • Implementation of VLAN for wireless AP with two SSID

    I am trying to install a RV180 and 3 wireless access points. I want that the AP is having 2 SSID isolated from each other. IE comments network and core network. I have setup a VLAN and my AP support 802. 1 q and ssid matching of VID. I could get this background work, but things seem to have gotten confused when I plug a POE switch instead of directly in the rv180 of the AP. At this point I don't know exactly what to ask. Perhaps start by providing information based on how I'm supposed to do. I was under the impression that since both devices are supported 802. 1 q I could configure the VLAN on the router and tell the AP to apply a VID of the SSID and thing would work. This is not the case unfortunately. Any help would be appreciated.

    Aaron Hi, depends what's this switch. If it's a unmanage switch, it cannot process tags vlan so the switch will only be a member of the vlan native who is connect from the router.

    If it is a switch to manage, you must configure the same as the router, a vlan native UNTAG, tag vlan for the connection to the AP and router port.

    -Tom
    Please mark replied messages useful

  • Configuration of multiple VLANs on the Campus network up to 800 users

    Hi all

    I design a network for our client who has a campus network to:

    currently: 250 users, near future Expansion (3Months): up to 650 users; Future users of 1000 Expansion(6_Months):upto

    There are various services such as students, teachers, Admin, accounts & WiFi. Now they have HP/3Com switches all connected in a single broadcast domain.

    Now, to put the differnet deptts. in different VLANS, I plan to physically initially isolate them & use a multilayer Cisco switch only the basis for the configuration of VLAN for each Department. This way the used switches will simply serve as switches access (no config necessary).

    The new switch will be connected to a WAN/Internet router already in place i.e. of 1841.

    Please Q) suggest a switch appropriate in this regard, t manage users (from 250 to 1000)? such as a 3500 or 3700.

    Q2) given that most of the user groups will be connected on the separate Uplink port on the new switch, what is the level of redundancy should we have? that is, only the redundant power supply is enough or we will have 24 port switches QTY: 2 for full redundancy?

    Q3) can we have different connections of VLANS on a single switch uplink Port, & more switch can make the difference on the basis of the subnet ID?

    Q4) Im not sure how I connect WiFi access points that are installed as independent flanges at the moment? They should also be connected to the trunk on the new switch Port of VLAN?

    We will also have a domain controller, Server Server & Proxy DHCP on the network that will be connetected on the port of Siwtch (trunk) to serve all the VLANS.

    Kind regards

    Re-

    Hi Tek,

    Please see the below comments for your plan and hope that will help you.

    Please Q) suggest a switch appropriate in this regard, t manage users (from 250 to 1000)? such as a 3500 or 3700.
    I suggest you to go with 3750 24 ports switch (if your budget is ok then go with future expansions seen 4506)

    Q2) given that most of the user groups will be connected on the separate Uplink port on the new switch, what is the level of redundancy should we have? that is, only the redundant power supply is enough or we will have 24 port switches QTY: 2 for full redundancy?

    If you need redundancy of the connection between the switch access and distribution, please go with STP where you will have a pathname (physical connection) active and a different path (another physical connection) is pending.

    Q3) can we have different connections of VLANS on a single switch uplink Port, & more switch can make the difference on the basis of the subnet ID?
    Yes, if you have configured this port as a trunk port who wear all the VLANS on the trunk and you can assign the vlan desigered to the specific physical port.

    We will also have a domain controller, Server Server & Proxy DHCP on the network that will be connetected on the port of Siwtch (trunk) to serve all the VLANS.
    You can have DHCP to assign IP addresses to computers in the vlan specific by adding the command to support ip under the vlan specific.

    Please note the useful messages.
    Kind regards
    Nasri.

  • HP Photosmart all-in - one a 309 will not print from the main computer in network

    PULLING MY HAIR OUT and have spent endless hours trying to figure this one already, so any advice will be appreciated! This 'deal' of a printer had problems in time over the 18 months or so I got it, but this one takes the cake. My HP Pavilion 6140, Windows 7, 64-bit, isn't wireless, but is connected to a router. My 309 a is wireless, but is in the same room near my computer and is recognized on the network. My husband's computer is sitting across from home in his office and can print wireless from my printer. Sitting here beside him, I can't print anything. We were able to print test pages from it to my computer, but if I go to another file of any type of printing, the printer does nothing. We have uninstalled, reinstalled, tried drivers d/l. He tells us that we need a driver, but when we go to d/l, it says no driver needed, or your drivers are up to date. My crazy husband DID with the router last weekend, on the moment cela everything has started, but since he checked it out, and everything seems fine. Copy the scanner work very well, so printing them isn't a problem either. I can save a file from my computer to the network, run in there and shoot to the top of this file and send it to my printer to print. No problem.  So, can anyone please give me any suggestions as to why my computer is unable to send anything to the printer or the printer does not recognize. Control Panel says it all works well, and the printer is ready. If I go into the properties of the computer, it says "drivers for this device are not installed, code 28. We had other messages of error as well in recent days, but nothing has been solved little matter what we do. Also MY computer doesn't list MY printer in the choice IF I try to print, and it says "printer unknown error has occurred."

    HardBeatZ, I wanted to just say a last thank you for all your help with my computer/printer problems. I hope I won't need this forum in the near future, because once again, I had to choose a different password. Yikes! In any case, we've been on all the roller coaster of emotions these past few weeks. Once you and I spread the printer as being the problem, we have debated on buying a new computer or reload Windows. After shopping and comparison of computers and prices see on them, etc., we decided that we had nothing to lose. So we borrowed an external drive and loaded important data and reinstalled Windows. Once we did that, we could still see the printer on the network, and it would still print from her husband's computer, but not mine. However, it DOES not seem to take care of other issues, and the dreaded exclamation point next to the PC icon has disappeared, so I'm gutsy and reinstalled the printer. For some reason, it still does not work wireless from my computer (which he always did), but I plugged the USB cable and returned to printing, scanning and faxing capabilities. so, I hope that all is well now, and except for paying ridiculous shipping for return monitor (still in warranty) which is released before printer problems, we did not have to shell out the $$$ for computer or printer. Monitor is shipped to me right now, so here's hoping that $$ on shipping was not in vain. Now if only we could be repaid in $$$ for the moment, concern and effort we all time put them into this mess. It WAS definitely a learning experience, even if, in the future, that I'll be a lot less worried to the excavation to solve problems. Thanks again for your time and patience.

  • Can't access ESXi host after VLAN for MGMT has been implemented?

    Hello

    We run ESXi 5.1 and recently to get our network

    Network administrator has received only 5 VLAN for MGMT vSwitch.  Since then, we are not able to ping on the ESXi host, or access in vCenter.

    He received different VLAN for vMotion and vSwitch and VM.

    Just would like to ask your advice what changes I need to do?

    Hello

    That doesn't sound right. You have 3 different vSwitches with 2 ports on each, so you can not the team together on the side of the switch.

    This would have been right if you had a vDS with 6 uplinks and various exchanges by the feature that you do not.

    You have need of the network is to set up 3 different teams one by vSwitch and to start with that you have the management must be in the access mode so that you can retrieve with your ESX box connectivity.

    Also the vMotion didn't need to be mode trunk you'll only of vMotion. Data (VM) must be master.

  • Configuration of VLAN for vMotion (ESXi 5.1 update 3)

    Hello

    We use a cluster of ESXi 5.1 updated 3 guests with Enterprise Edition.

    Finally, our network is being upgraded and VLAN will be created for vMotion.  Currently, we use the local network for the management and vMotion (I know that's not good).

    Network administrator asks me to provide information concerning the requirement of the VLAN for vMotion.

    Is there any Document KB I can refer to mentioning that the administrator must put in place in the physical switch and I need to change in each vSwitch for vMotion on all ESXi hosts?

    Thank you

    Belong to your network administrator if it can link your vmotion IP to the same vlan that he will provide den it's possible.

    Otherwise, you will have to go to the configuration of your network administrator. so it can provide you the IP for the ports of vmotion.

  • VMotion: A large private VLAN or several small VLAN for each cluster?

    Our production of VMware ESX 3.5 environment begins to develop very quickly and since we have different subnets 1,000001 million (bad network design), but all our esxHost Service Console is on the same subnet for accessibility, it would make sense to have VMotion all the different of the pole on a large local network separate VIRTUAL private or private VLAN?

    We currently have 3 clusters running in our production environment, with each cluster serving a different subnet for connections to data and mgmt VMs.  These 3 groups all are currently 3 separate private LAN of VMotion.

    Over the next month we will add an extra 2 groups serving two different subnets.

    So my question is, how is another to tackle this task?  You create a new VLAN separate private for each cluster (which is what we are doing now)?  Or you have created a large private VLAN for VMotion?  If you have created a large private VLAN, what problems met?  Performance problems?  Networking issues?  Collisions of data?  All esxHost panic?  SMV panic?

    Your comments on your experience would be greatly

    appreciated!

    Hello

    I did have problems with a large network of VMotion. Or with cluster of specific networks of VMotion. Note that with VLAN possible external of attacks using the VLAN is a matter of trust as the VLAN do not guaranttee security.

    Best regards
    Edward L. Haletky
    VMware communities user moderator, VMware vExpert 2009
    ====
    Author of the book ' VMWare ESX Server in the enterprise: planning and securing virtualization servers, Copyright 2008 Pearson Education.
    Blue gears and SearchVMware Pro items - top of page links of security virtualization - Security Virtualization Round Table Podcast

  • How can I change my att iphone 4S for the sprint network

    How can I change my att iphone 4S for the sprint network

    You can not.  AT & T phone is a GSM, CDMA Sprint.

    Sorry

Maybe you are looking for

  • BP-688e67d3-43C5-4B11-97e0-52d782141108

    I did not notice when it really started. Firefox starts in SafeMode only. If I closed firefox or restart my firefox to system cannot be started in safe mode. Reset cause firefox crashes. I updated firefox, my windows system and my Add ons.

  • Development of sites Web + programming: optimization of Xcode

    I am currently building my own Web site. So far, I have .html, .cssand .js files. I would like to know what you advice like how to be super effective using Xcode. As the autocompletion for all these file extensions And now, I opened a .html and .css

  • Firefox 4 for Mac after upgrade I can not type in the comments of several web sites area

    I've upgraded to Firefox 4 (beta very well executed) and now I can't type in the text boxes on a number of websites and surveys etc. For example on the Gigaom site I can not type comments (the name is fine, but the comments box does not work). But th

  • Fees and the QFE files install on Satellite A660

    A660. I plan to do a new installation if winows pro 7 64 on my machine of retail disk. In the folder driovers of toshiba, I see some files as files QFE-do I need? or is windows update install? Also is there a way tp preserve the thing of recovery tos

  • the parameter mapping constant to a control block Veristand simulink block

    Hello I'm trying take a simple model of an RL circuit in simulink (build a DLL) and control of the constant blocks in Veristand to dynamically change the value of R and L constant through Veristand Slider indicator or digital. I can see the output of