A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.comp.home-networking (UK home networking)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.comp.home-networking (UK home networking) (uk.comp.home-networking) Discussion of all aspects of computer networking in the home, regardless of the platforms, software, topologies and protocols used. Examples of topics include recommendations for hardware or suppliers (e.g. NICs and cabling), protocols, servers, and specific network software. Advertising is not allowed.

VLANs for separating two WLAN networks.



 
 
Thread Tools Display Modes
  #1  
Old March 19th 14, 05:46 PM posted to uk.comp.home-networking
Henry Law
external usenet poster
 
Posts: 43
Default VLANs for separating two WLAN networks.

I'm feeling my way into VLANs, courtesy of a charity whose IT I have
been asked to "sort out". Can someone help me think things through?

There's a Netgear GS748T which does port-based VLANs, and there's a
Netgear WAG302v2 wireless access point which is capable of broadcasting
multiple SSIDs and tagging each with a VLAN id. There's an ADSL router
managing the broadband connection. (I have manuals for all these).

The charity wants to provide public WiFi for visitors and private WiFi
for staff, as well as wired connections in some of the offices, and an
internal file server. I'm determined to separate the public from the
staff very strictly.

Current idea is that I'd set up two VLANs at the switch, call them nos
02 and 03; I'd set up the private SSID to tag to VLAN 02 and the public
one to 03. I'd run both VLANs on the same subnet (say 10.0.0.0/24).

I know that one MAC address can be a member of more than one VLAN. So
the ADSL router, acting as a gateway, could be in both VLANs. There is
expressly no traffic between the two VLANs, so do I need a router to
link them (i.e. additional to the ADSL router itself).

And could I get away with just one DHCP server (the one in the gateway
router)?

All thoughts, worked examples, pointers to learned web sites, gratefully
received.

--

Henry Law Manchester, England
  #2  
Old March 19th 14, 06:02 PM posted to uk.comp.home-networking
Henry Law
external usenet poster
 
Posts: 43
Default VLANs for separating two WLAN networks.

On 19/03/14 17:46, Henry Law wrote:
I get away with just one DHCP server


Should have checked this before I posted.

The WAP has a DHCP server which can be enabled. So it could serve out a
bunch of addresses for visitors to use, but then the staff VLAN couldn't
use the DHCP server on the ADSL router, because it's accessible to both
VLANs. Still sounds like two DHCP servers, one for each VLAN.

--

Henry Law Manchester, England
  #3  
Old March 19th 14, 06:44 PM posted to uk.comp.home-networking
Dave Saville[_2_]
external usenet poster
 
Posts: 2
Default VLANs for separating two WLAN networks.

On Wed, 19 Mar 2014 18:02:05 UTC, Henry Law
wrote:

On 19/03/14 17:46, Henry Law wrote:
I get away with just one DHCP server


Should have checked this before I posted.

The WAP has a DHCP server which can be enabled. So it could serve out a
bunch of addresses for visitors to use, but then the staff VLAN couldn't
use the DHCP server on the ADSL router, because it's accessible to both
VLANs. Still sounds like two DHCP servers, one for each VLAN.


I have an Asus RT-N16 running OpenWRT. I have multiple "real" IPs from
my ISP but this is not essential. I have several VLANs defined.

One using a couple of real addresses for phone and web/mail server
One for the LAN both wired and wireless DHCP and 192.168.0.* NATed to
a real address
One for public wireless DHCP and 172.16.0.* NATed to a real address

OpenWRT handles the lot with no sweat. I even have it such that guests
on 172.16 can print to my LAN printer on 192.168 - They can't get at
anything else other than the internet - not even each other. The
various "LAN" ports on the router are spread over those VLANs. Of
course you may need to ensure that guests can't plug into a restricted
wired port - but MAC filtering ought to take care of that one.

Not sure if your router can run Opem WRT but there is an acceptable
h/w list on their site.

HTH

--
Regards
Dave Saville
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
WE BUY used, new and refurbed Sun, Cisco, Lucent, Nortel, Alcatel,3com, IBM, HP, Compaq, Dell, Madge, Cabletron, Juniper Networks, Bintec,Siemens, Foundry, Networks, Extreme Networks, Fore/Marconi, TellabsLucent/Avaya/Ascend, Xylogics, Brocade, Int Mike uk.telecom.broadband (UK broadband) 1 July 3rd 08 09:51 AM
I am looking to buy Cisco, Lucent, Nortel, Alcatel, JuniperNetworks, Bintec, Siemens, Foundry, Networks, Extreme Networks, Fore/Marconi,Tellabs Lucent/Avaya/Ascend, Xylogics, Brocade, Intel, Motorola, NokiaVPN/Firewall, Netscreen, Microsoft Adobe, C [email protected] uk.telecom.broadband (UK broadband) 1 July 3rd 08 09:49 AM
WE BUY used, new and refurbed Sun, Cisco, Lucent, Nortel, Alcatel,3com, IBM, HP, Compaq, Dell, Madge, Cabletron, Juniper Networks, Bintec,Siemens, Foundry, Networks, Extreme Networks, Fore/Marconi, TellabsLucent/Avaya/Ascend, Xylogics, Brocade, Int [email protected] uk.telecom.broadband (UK broadband) 0 November 18th 07 11:58 AM
WLAN has gone mad mikea uk.telecom.broadband (UK broadband) 1 December 15th 04 10:14 PM


All times are GMT +1. The time now is 01:21 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.