I am completely stumped as to what I am doing wrong.
So what I'm trying to do is configure a separate VLAN, VLAN18, for my Guest SSID. My setup is:
Zone Director:
- ZD is configured with 2 SSIDs, 1 for Employees and 1 for Guests. WLAN for employees has Access VLAN set to 1, and WLAN for Guest has Access VLAN set to 18.
- My management VLAN is VLAN16, although the IPv4 configuration in my ZD has Access VLAN set to 1. Somehow when I configure this to 16, I lose my connection to it, so I leave it at 1.
- Although the WLAN for Employees has Access VLAN set to 1, it gets DHCP from my VLAN 16 DHCP server and users can connect successfully to the VLAN16 network.
- I set the switchport (Cisco) where my ZD is connected as a trunk port, with 802.1Q and native VLAN set to VLAN16.
AP:
- AP port is set to trunk, with Access VLAN set to 1.
- Switchport (HP Procurve) where AP is connected has VLAN16 as untagged port. VLAN18 and the other VLANs in my network are set as tagged.
- Connection flow is ZD <==> Cisco Core Switch <==> HP Procurve <==> AP
I created an Interface VLAN18 in my Core Switch, which directs DHCP requests to my firewall.
With this setup, I test a PC connecting to the Guest WLAN. It successfully gets an IP address from my VLAN18 DHCP server, together with the other network details. However, the PC is not able to ping the gateway.
I've already allowed the whole subnet in the Guest Access restricted subnets.
Sorry for the long read, but I'm just wondering why I can't ping my gateway even if I successfully retrieved an IP address.
Appreciate any help. 🙂
Thanks.