Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 7894 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WLAN über vorhandene Ethernet-VLAN-Netzwerke betreiben

Maik Große

Hallo Zusammen,

ich habe ein paar Konfigurationsschwierigkeiten, hoffe das mir jemand unter die Arme greifen kann?

Folgende Ethernet-VLANs sind vorhanden:

Netzwerk 1: 192.168.5.0/24; VLAN 5; ETH5 (Gäste)

Netzwerk 2: 192.168.6.0/24; VLAN 6; ETH6 (Intern)

Netzwerk 3: 192.168.7.0/24; VLAN 7; ETH7 (vom Switch untagged in Richtung APs)

Ich möchte nun 2 WLAN Netzwerke über eine Gruppe (2 Stk.) 55C APs bereitstellen. Die WLAN-Netzwerke sollen die vorhandenen Ethernet-VLAN-Netzwerke 1 und 2 benutzen. Also kabelgebunden wie auch drahtlos wäre dann jeweils nur ein Netzwerk zu verwalten.

Welche Konfigurationsschritte muss ich dazu auf meiner UTM 9 vornehmen um das zuvor beschriebene Szenario zu erhalten?

 

Danke und viele Grüße

Maik



This thread was automatically locked due to age.
Parents
  • 0

    Hallo Maik,

    Erstmal herzlich willkommen hier in der Community !

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. [:(])

    You need two Wireless Network definitions with 'Client traffic: Bridge to VLAN' with IDs 5 and 6.

    I'm not sure what you mean by "(vom Switch untagged in Richtung APs)," so let us know if "Bridge to VLAN" was all that you needed.

    MfG - Bob (Bitte auf Deutsch weiterhin.)

  • 0 in reply to BAlfson

    Hello Bob,

    thanks for your answer. For a better communication I'd like translate my own question and write in english. If you like it, of course, answer in german ;-).

     

    I've some problems to figure out, how I've to configure my UTM 9 by using the following ethernet-vlan-networks in connection with 2 wireless-networks:

    Network 1: 192.168.5.0/24; VLAN 5; ETH5 (Guests)

    Network 2: 192.168.6.0/24; VLAN 6; ETH6 (Internal like Office)

    Network 3: 192.168.7.0/24; VLAN 7; ETH7 (The switch remove the VLAN-tagging before the traffic reached the access points)

     

    I'd like have two wireless-networks as a group (therefore 2 55C access points are available). This two wireless-networks should use the ethernet-vlan-networks above (1 and 2). How I've to configure it?

     

    Regarding your answer: I've tried already "Bridge to VLAN", but I got a error message, that this isn't compatible. Message translated by Google: The current VLAN tagging settings in the XXX-Guests access point group are not compatible with the XXX-Guest-Network Wi-Fi network in Bridge to VLAN mode.

     

    Thanks in advance

    Maik

  • 0 in reply to Maik Große

    Hint: At the moment, the access points are located in Network 3.

Reply Children
  • 0 in reply to Maik Große

    Maik, please show pictures of the Edits of the VLAN 5 interface, the related WiFi Network and of the AP Group.

    MfG - Bob (Bitte auf Deutsch weiterhin.)

  • 0 in reply to BAlfson

    Hello Bob,

    here you are:

    Thanks in advance

    Maik

  • 0 in reply to Maik Große

    What happens if you change your AP configurations to have them be in VLAN 7 and then change your switch accordingly?

    Cheers - Bob

  • 0 in reply to BAlfson

    Hello Bob,

    that's it! You are my Hero. Now I can use "VLAN-Bridging". Do you know, what the reason is for this behavior?

     

    Thanks for your help!

    Maik

  • 0 in reply to Maik Große

    I think it's just a limitation of WebAdmin and the config daemon at present.  In the Help for Access Points, the following appears on the 'Overview' page:

    VLAN tagging: VLAN tagging is disabled by default. If you want to connect the AP with an existing VLAN Ethernet interface, you need to enable VLAN tagging by selecting the checkbox. Make sure that the VLAN Ethernet interface is added to the Allowed interfaces box on the Global Settings > Global Settings page.

    Note – To introduce the usage of VLAN for your access points in your network, take the following steps: Connect the AP to Sophos UTM using standard LAN for at least a minute. This is necessary for the AP to get its configuration. Connecting it via VLAN from the beginning, the AP would not know of being in a VLAN and therefore would not be able to connect to Sophos UTM to get its configuration. When the AP is displayed, enable VLAN tagging and enter the VLAN ID. Then connect the AP to its intended VLAN, e.g., a switch.

    Cheers - Bob