Changing subnet mask for guest wireless Vlan - Page 2

calum.doyle · ‎02-24-2010

Hi,

We have a multiple Vlan setup at the school I work in. The wireless guest system was originally set up to use the 10.174.66.0 network with a mask of /27. All the wireless system was set up to match this and was working correctly. However I have been forced to expand the range to give more hosts. I changed the wireless system and DHCP scope to a /26 mask (there is plenty of space to do this). I also changed the Vlan mask to /26. Now only the original hosts in the 5-30 range can communicate, any new hosts ie. 31-60 cannot access anything.

The DHCP scope on WLC1 is correctly assigning addresses it is just that they cannot access any resources. DNS traffic cannot flow and therefore they don't get redirected to the web auth page.

Any insights would be great.

Thanks

Jon Marshall · ‎02-24-2010

calum.doyle wrote:

Well it turns out it was my internal ASA firewall blocking anything from the

interface that's not /27.

Thanks for all your help!

Calum, glad you got it working but it might just have helped if you had mentioned the fact that there was an internal firewall between the 3750 and the router. I haven't yet learnt how to read minds

Jon

calum.doyle · ‎02-24-2010

>

Calum, glad you got it working but it might just have helped if you had
mentioned the fact that there was an internal firewall between the 3750 and
the router. I haven't yet learnt how to read minds

>

Jon

>

To be honest, I forgot about it until I did what you said and created a new

Vlan. I couldn't access anything and obviously it clicked that something was

blocking it if not the router.

Thanks again!