How to organize VLAN correctly?

K

Konstantin2014-11-21 20:20:44

linux

Konstantin, 2014-11-21 20:20:44

It is required to transfer office to work on vlan'am. Now I study thoroughly what and how it is done and at the same time I ask for help / advice.
Will such a scheme be organized correctly?
1 SWITCH: (1 FLOOR)
----------VLAN10 - 1 FLOOR STAFF
----------VLAN11 - 1 FLOOR WIFI GUEST
----------VLAN12 - 1 FLOOR WIFI STAFF
2 SWITCH (0 FLOOR)
----------VLAN10 - 1 FLOOR STAFF
----------VLAN11 - 1 FLOOR WIFI GUEST
--------- -VLAN12 - 1 FLOOR WIFI
EMPLOYEES 3 SWITCH (0 FLOOR)
Stands in the server room, it has a gateway that can work with Vlans and all servers
Actually, you need to differentiate users in access to servers, guests - to WIFI and give access to only to the IT department.
Tell me how to configure ports for transmission? As far as I understand, trunk ports are needed to transfer from floor 1 to floor 0 and to the switch to the server room, and use tagged to separate subnets (wifi, employees). What port will be needed on the gateway? tagged with all vlan ids?
*kerio control 8.4.1 gateway

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Andrew, 2014-11-21
@OLS

Trunk ports = tagged.
Access ports (user) = untagged.
Between all switches - trunk
Between switch and router - trunk.

K

Konkase, 2014-11-21
@Konkase

Between switches and gateway ports in the trunk. Ports that look towards the client - access. On the gateway, for each vlan, there is a separate subinterface and ipfw for delimiting rights.
If the switches are dlink, then trunk = tagged, access = untagged