Best practice to deploy with multiple VLANS?

Highlighted
New Member

Best practice to deploy with multiple VLANS?

We want to deploy these APs in a network with multiple VLANs, guest and employees. Assuming both VLANs should be assigned to the switch interface, which VLAN should be tagged, and which VLAN should be used for the initial deployment?  I assume employee VLAN is untagged (native) and used for deployment?

5 Replies
Highlighted
Employee
Employee

Re: Best practice to deploy with multiple VLANS?

@kspickler For Instant ON AP's you have the ability to assign a VLAN to the Employee network in the configuration. When you create the Guest network it will create an internal VLAN and NAT all traffic through the default gateway of the AP. So if you configure your switch for the native VLAN you use for the employee's and all traffic will traverse that network.

You could create multiple employee networks on different VLAN's and name the second one Guest.

Example for an Aruba Switch

interface 1
   tagged vlan 20 (Guest)
   untagged vlan 10 (Employee)

View solution in original post

0 Kudos
New Member

Re: Best practice to deploy with multiple VLANS?

Thank you @GThiesen. If the guest network created in Instant On is NAT'd through the default gateway, can we use a DHCP for the guest network? Or would we need to create an additional "employee" network in order to use our own DHCP for that network? The idea is to keep employees and guests on different IP networks that we define.

0 Kudos
Highlighted
Employee
Employee

Re: Best practice to deploy with multiple VLANS?

@kspickler  For the Guest network DHCP is done via the AP only. Create a second Employee network for a different VLAN.

Highlighted
New Member

Re: Best practice to deploy with multiple VLANS?

I have the Aruba AP11's and want to create several VLAN's.  I noticed that this states you can do this.  I have three Network created and 2 of them are working fine.  I have a Guest Network without assigning a VLAN ID manually and it is working.  I have an Employee network with no VLAN ID assigned manually and it is working.  It gets its DHCP assignment from my Cisco catalyst 3560 on VLAN ID 30 and it is getting the correct DHCP assignment from this scope assigned to VLAN ID 30.  I created a third Employee network and assigned it VLAN ID 20 manually in the Aruba AP11.  I can connect to the network but it will not get a DHCP assignment from the scope associated with VLAN ID 20.  It just gives me the APIPA scheme.  I was told that the Aruba AP11 will not support more than one VLAN ID at this time.  Is that true and if so, when will an update come out to fix this issue?

 

Thanks!

0 Kudos
Highlighted
Contributor I

Re: Best practice to deploy with multiple VLANS?

HI @johnanyul ,

I have deployed Instant On with multiple VLANs.  I have one site with 3 Employee networks, one without a VLAN which gets mapped to VLAN1 on the switch, and then 2 other networks each mapped to a different VLAN.  That is working well for me.   You may want to double check your switch configuration, and DHCP server.

 

 

0 Kudos