Solved: Multiple VLAN Network and MS Active Directory Authentication

euroscriptde · ‎02-20-2008

Hello all,

I have a future scenario where a corporate network is devided into multiple vlans across multiple switches.

All MS related servers are in a separate vlan, exactly as the users (multiple vlans like Management, Sales etc) that are going to authenticate against Active Directory.

If there is a inter-vlan routing enabled and configured, and there are NO access-lists that prevent traffic from accessing the different vlans, is it going to be possible for the clients to authenticate against the AD and get IPs per DHCP?

Do I need to setup something special besides inter-vlan routing? Perhaps "ip helper-address" for the DHCP to work across vlans? Or something special for AD authentication itself?

I will be grateful for any usefull links or configuration examples regarding this topic.

Thanks in advance.

a.cruea1980 · ‎02-20-2008

AD authentication will happen as long as you have inter-VLAN routing enabled, yes. Nothing special at all.

DHCP, you'll just need the 'ip helper-address' command on all your DHCP requesting VLANs.

Unfortunately there's not many configuration examples that I can think of as you've correctly figured out what you need to get this working.

View solution in original post

a.cruea1980 · ‎02-20-2008

AD authentication will happen as long as you have inter-VLAN routing enabled, yes. Nothing special at all.

DHCP, you'll just need the 'ip helper-address' command on all your DHCP requesting VLANs.

Unfortunately there's not many configuration examples that I can think of as you've correctly figured out what you need to get this working.

euroscriptde · ‎02-21-2008

Thank you very much. This is exactly the information I was looking for.