Thursday, January 9, 2020

Less than ideal LAN setup - untangling DHCP/wireless/network

I inherited a less than ideal network setup:

  • Class B network (10.10.1.1-10.10.10.254); SonicWall firewall
  • DHCP superscope - only 209 IPs available; 10.10.1.2-10.10.1.209; exclusions for some devices
  • Everything is on the same flat network

They don't have much equipment (~250 systems), but with many laptops, personal phones, tablets, and watches, we hit the DHCP limit often. They had the spreadsheet tracking IPs on different networks (10.10.5.x VMware/servers), so I get what they were trying to do. I'm trying to get them to resubnet the network with proper /24 VLANs and subnets, similar to my last employer's setup.

At my last employer we had /24 VLANs for everything, segmenting out DHCP on proper VLANs/subnets: workstations, wireless, printers, facilities equipment, security systems, etc. Servers were on a static VLAN, and everything was planned out great.

At my current place, which I inherited, DHCP is handled by the primary domain controller. To move off the superscope, I created /24 scopes on the secondary domain controller (10.10.195.x for internal wired DHCP, 10.10.196.x for guest wireless, 10.10.198.x for internal wireless). I know I need to implement VLAN tagging and IP helper, and I am also working on getting the Dell/Aerohive firmware onto our client switch stack. Aerohive has both DCs listed for DHCP, but only the first DC is handing out addresses.

The other thought/direction was to VLAN off the DHCP workstations and move them first, to free up some IPs for wireless devices.

Ideally I'd also move the guest wireless to a completely separate network, with no internal access. So DHCP off the Aerohive for guest wireless?

So I know where I'd like to get to; it's just getting there that is the issue. I'm looking for ideas on where to start.

Thanks,

B


