On Sun, Jul 11, 2010 at 12:32 PM, paul d <[email protected]> wrote:
> Our wireless is on a different vlan and right now I can't access the
> wireless AP. With the procurve, I think I'm missing some key ingredient, so
> to speak.
> I  have 4 vlans:  1 (network), 24, 50, 51
> I tagged port 16 for vlans 24,50,51.

  Are the wireless access points expecting Ethernet frames to be tagged?

  In a later message, you mention that VLAN 50 is for management of
the wireless access points, and that VLAN 24 is for wireless guest
access.  For that to work, the wireless access point will need to be
able to recognize at least one of those two types of traffic as tagged
Ethernet frames.

  In a later message, you mention "trunks".  VLAN trunks are a
Cisco-ism that doesn't really exist in the VLAN protocol.  That's fine
until you leave the land of Cisco, and then you get confused.  In
reality: Ethernet frames can optionally have a VLAN tag.  Frames with
a VLAN tag specify the VLAN they belong to.  Both tagged and
not-tagged frames can co-exist on the same wire/port.  It is up to the
switch to decide how frames without a VLAN tag are handled.

  I'm guessing you'll want the access points configured to expect the
management traffic to arrive as frames tagged for VLAN 50.  You might
want user traffic (Internet) to arrive as tagged for VLAN 24, or
untagged, depending on what the WAP can support and your own
preference.  I'll assume user traffic should be untagged.  Let's also
assume you have a WAP plugged into port 5.  If so, the ProCurve
commands would be:

        vlan 24 untagged ethernet 5
        vlan 50 tagged ethernet 5

  As I recall, when Cisco says "VLAN trunk", they mean a port
configured to tag all frames, with no untagged frames.  So if you're
trying to connect a ProCurve switch to a Cisco trunk port, you need to
configure the ProCurve to tag all frames for that port.  Let's suppose
it's ProCurve port 16, and you want all the VLANs you've mentioned so
far:

        vlan 1 tagged 16
        vlan 24 tagged 16
        vlan 50 tagged 16
        vlan 51 tagged 16

(Unfortunately you can't do "vlan 1,24,50,51 tagged 16", at least on
my ProCurve models.)

  You may find the following useful.  It's an introduction to VLANs I
wrote, and happens to be from a ProCurve perspective:

http://www.mail-archive.com/[email protected]/msg58753.html

> Do I need to add IP addresses for the other vlans?
> The default g/way for the Procurve is our Cisco 4510 L3 switch.

  The IP addresses and default gateways are a layer three thing; VLANs
are a layer two thing.  Don't confuse the two.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Reply via email to