Wireless/Redundant Edge Services xl Module Management and Configuration Guide WS.01.03 or greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

231

232

233

234

235

236

237

238

239

240

3-67

Wireless Local Area Networks (WLANs)

VLAN Assignment

When determining how many WLANs to create and which VLANs to assign to

these WLANs, consider these issues:

■ What type of network access will users connecting to the wireless net-

work require?

For example, if the users need the wireless connection exclusively for

Internet access, then they probably will not need to be part of any specific

subnet. You could create a single WLAN and map that WLAN to any user

VLAN in your network. Remember, however, that the wireless users will

then receive the same sort of network rights as users in that VLAN, which

is not ideal in many cases. It might be a better idea to create a new VLAN,

such as VLAN 100, that is exclusively for wireless users; network admin-

istrators could limit traffic in that VLAN to such applications as Dynamic

Host Configuration Protocol (DHCP), Domain Name System (DNS), and

HTTP.

(Remember that administrators must of course also complete all neces-

sary steps for adding the VLAN to the Ethernet network, such as tagging

switch uplinks for the VLAN and configuring a DHCP server to provide

addresses in the appropriate subnet range.)

■ Who will be connecting to this WLAN?

•Guests

In this case as well, you could assign the WLAN to a VLAN reserved

for wireless users. Network administrators could then control traffic

from that VLAN appropriately—for example, limiting wireless users

to Internet access or to certain network servers.

• Employees who will use the wireless connection exclusively

You can use the same policies to assign new employees to a VLAN

that you would use if the employees used traditional, wired connec-

tions. Then simply assign the WLAN to that VLAN.

If you want to assign different employees to different VLANs, then

you must configure a separate WLAN for each employee category and

ensure that the employees connect to the correct WLAN. Dynamic

VLAN assignment offers a more elegant solution and will be discussed

later in “Identity-Based, or Dynamic, VLAN Assignment” on page 3-69.

• Employees who will use the wireless connection as well as a tradi-

tional connection

In this case particularly, you should focus on the type of network

access that the employees will require. If, for example, the employees

only need to check their email and access the Internet, then you could

group them all together in a WLAN and VLAN that has been configured

to allow such limited access.