[ previous ] [ next ] [ threads ]
 
 From:  "Jewell, Michael" <mjewell at law dot umaryland dot edu>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Isolating users with managed switch
 Date:  Sun, 15 Jul 2007 21:32:49 -0400 
Here's some quick info for you:
http://www.cisco.com/en/US/tech/tk389/tk814/tk839/tsd_technology_support_sub-protocol_home.html
 
Here's a nice quick config help page for vmps if you choose to use it.
http://www.netcraftsmen.net/welcher/papers/switchvmps.html
 
Here's some example of how vmps works:
http://www.firewall.cx/vlans-designing-vlans-dynamic-vlans.php
 
One side note for you,  I believe there is software that will allow you to use a machine as your
vmps server under Linux.  I used to run dynamic vlans under my Catalyst 4006's (I had 13 of them), 
I had my syslog server running SolarWinds free TFTP server, with the vmps config file on it, then 3
of my 4006's were vmps servers which would download the config, and answer requests from the other
10 switches.  When you make updates to the config file, you do need to log into each server switch
and issue a 'vmps download' command.
 
-Mike

________________________________

From: Chris Buechler [mailto:cbuechler at gmail dot com]
Sent: Sun 7/15/2007 7:19 PM
To: unlisted-recipients
Cc: Monowall Support List
Subject: Re: [m0n0wall] Isolating users with managed switch



On 7/15/07, Alex M <radiussupport at lrcommunications dot net> wrote:
> Thanks for all relies; now I got more questions:
>
> 1. Is PVLAN proprietary to Cisco or there are some other switches that I can
> afford ;-)
>

None others that I've seen, though there may be some. You can pick up
one of the 24 port switches off that list for maybe $100-200 USD on
ebay, while some of those cost a pile of money there are several cheap
ones on that list.


> 2. If I create VLAN tag for each user on mono, can I make my Captive Portal
> work with that?
>

No. CP can only run on one interface, each VLAN would be its own
interface. You could have another m0n0wall box upstream from the one
that routes the VLAN's and do CP on it.


> 3. What is the difference between Static VLANs and Dynamic VLANs
>

Static means a given switch port is always assigned to a specified
VLAN. Dynamic means VLAN is assigned automatically by the switch based
on something, like a MAC address.

-Chris

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch