PNG TIME


2/08/2011

Tagged VLANs

Today's challenge:
implement a technology I've never used, using principles I understand.

Mission: make a D-Link WAP have multiple SSIDs that go to different networks which are disconnected

Approach:
1 - learn how to configure multiple SSIDs on a D-Link WAP - completed
2 - learn how to configure WPA2 Enterprise on multiple SSIDs - completed
3 - learn how to get tagged VLANs to traverse a trunk on a Cisco switch - completed
4 - move the home network to VLAN 10 from default VLAN 1 because VLAN 1 is stupid... I mean because VLAN 1 is a security risk when your CORP network is also VLAN 1 (still) - IN PROGRESS
5 - reconfigure your switches to disallow anything but the new VLAN - completed

Today was one of those days when you say 'I THINK this should work, but I don't know HOW yet'. And you dive into manuals.

And, sure enough, it works.

And at the end of the day I had to battle my training and what I already knew to work, because I simply didn't like the ideas coming at me... but they were valid ideas... and after much trial and error and reading, and testing, I believe we reached success.

I kept my network organized and secure,
They got their product working.
I documented it well.


The problem with changing the 'default' way of equipment is that it becomes harder to replace me in the future.

The problem with keeping 'default' configurations is that they are insecure and quickly become disorganized.

I documented it all today and pretty much wrote a ten page manual with pictures so that the guy behind me could learn it too.

Now I have to go, I'm late for dinner. (-;