VLAN config

  • 2
  • Question
  • Updated 5 years ago
  • Answered
Hello,

I am not completely new to VLANs, but I am kind of confused about the VLAN config in HiveManager. We have an internal network (VLAN 1) and a guest network (VLAN 20). In VLAN 20 you can find all the APs and an Internet Router to provide Internet access to our guests, which by itself works fine. The only place where both networks come together is the virtualized local instance of Hive Manager. Network adapter 1 (Management) is bound to VLAN 1, Network adapter 2 to VLAN 20. Perspectively we would like to establish secure access to VLAN 1 via VLAN 20, probably by using a Radius server. I know that we have to set up firewall rules also, we will do that later. In the first step I just want to adjust the right native VLAN settings for the working network policy. My problem is that if I change the VLAN settings in the network policy as shown in the screenshot, or if I set VLAN 20 as the Native VLAN in the device config, and upload the config to the APs, then the connection to the APs will get lost and I have to reset them. Could you point out please, where my mistake / error in reasoning is?



Best regards
Photo of User0815

User0815

  • 23 Posts
  • 0 Reply Likes

Posted 5 years ago

  • 2
Photo of Abby S

Abby S, Employee

  • 94 Posts
  • 47 Reply Likes
Hello,

I think we need to take a step back for a second :-). HiveManager is just an NMS. It is not a router or switch, so what you're doing won't actually work the way you're intending. The two interfaces on the HiveManager appliance are in case you want to separate management traffic for HiveManager (for HTTP access and SSH access to the HiveManager itself) from the CAPWAP traffic for managing access points. The HiveManager cannot bridge any traffic between these two VLANs.

So let's start with some questions - I see you have a BR100 that you're trying to use as an AP. Where is the router in the network? Can you possibly include a network diagram rather than just the network policy? It looks like the problem might be that you have an external router and we should not be assigning subnets but rather just tagging VLANs, but I can't be sure without a network diagram.

It might be easier to start with a network policy for just your access points first, and once you have that working properly, add in the BR100 as an AP so you don't have the routing policy in there.
Photo of User0815

User0815

  • 23 Posts
  • 0 Reply Likes
Hello Abby,

thank you for fast reply and clarification. I can hand you the network diagram in on Thursday, because I am out of office for the next 2 days. Meanwhile I will reconsider the problem.

PS: I already had a only wireless policy, but I couldn't add a CWP to the BR100 with it. That's why I created a new policy with Branch routing and then it worked out. I can do some further tests on Thursday.

Regards
Photo of User0815

User0815

  • 23 Posts
  • 0 Reply Likes
Hello Abby,

for now I have to postpone my activities concerning VLAN routing. If necessary I will ask again for a helping hand. Thank you so far!

Regards