A requirement has come up wherein i need to configure Dynamic vlans so that a user from XYZ dept can go anywere in the campus plug into a switch and authenticate to the same VLAN. (we are using an acs box as well)
Once he's been put in the XYZ VLAN he needs to be given an IP address in the range allocated to the XYZ Vlan..
I have come to understand that on the core switch, i can create a number of VLANS and set the IP helper address in each of the VLANS to point to the Windows2003 DHCP server. In the DHCP server i have about 25 scopes.
Now i wanna know how each vlan can pick the right scope, secondly how do i go about configuring dynamic vlans and dynamic dhcp... im using cisco 3560's as edge switches and cisco 6509 as a core switch..
U need to have a database of mac address mapped to vlans.check weather u r 3560 can become a VMPS client.So when u r done with mapping if the switch recieves the request from that particular mac-address it will dynamically assing it to the proper vlan.
You can take a look at 802.1x dynamic vlan assignment. Attached is a link to this for the 3560 switch. The user has to authenticate to the network and if successful the network port is dynamically allocated to a vlan.
with the ip helper command under the SVI interfaces, DHCP requests will be sourced with the IP address of the gateway for the VLAN hence the DHCP server returns an available IP from a scope this IP fall into. I guess you already know you need to ensure all VLANs (on all access switches) are trunked back to the core switches in order not to break connectivity.
Once the acs assigns the vlan on the switchport the dhcp should only be able to assign ip addresses within the particular vlan assigned... like if I understand you correctly there should be a gateway address associated with each vlan/vlan interface... if this is the case then each dhcp scope created should point to the vlan/vlan interface ip address, in which case the dhcp server knows which scope to use for which vlan/gateway...
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...