
Anyone have experience with ProCurve 420 APs?


aflyctus

Programmer
Jan 20, 2010
7
US
Hello,

I originally was planning on outfitting my church with 802.11n access points, but it looks like the good ones are out of my price range. So, I'm now leaning towards buying older reliable b/g APs.

Does anyone here have experience with the ProCurve 420 APs? In particular, do they have good signal range/quality and do you consider them reliable? They appear to have the features that I want (VLAN support, multiple SSIDs), and I can get them for pretty cheap.

If not the ProCurve 420, can you recommend something else? I don't have my heart set on ProCurve, but I've only heard good things about their products.

One more question:
I'm tentatively planning on connecting my APs to a ProCurve 2810-24g. Now, I was informed that this switch does not support ACLs. Will I be able to configure the APs, switch, and router in such a way (i.e., without using ACLs) that one wireless network / VLAN only has access to the Internet and the other wireless network / VLAN has access to the Internet and to other network resources?

Thanks!
aflyctus
 
I've never used the HP 420s before, so I cannot comment on them. Chances are they're pretty good.

You'll need to add ACLs to your L3 device (I believe you said it was going to be a FreeBSD box) to restrict the traffic flow.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Can you explain why I need ACLs on the L3 device? Are you referring to a firewall? All of the VLANs being trunked to the router should be able to access the Internet.

Thanks
aflyctus
 
The ACLs are going to restrict communication amongst the internal LAN segments while permitting access to the Internet at the same time.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
I'm still lost. As long as the L2 switch supports VLANs, shouldn't this be sufficient for restricting traffic between VLANs?

I'm by no means experienced at networking, so don't be afraid to dumb this down for me.

Thanks,
aflyctus
 
Well, in order for that traffic to exit the local LAN segment, there needs to be a router put in place to facilitate where to go. This router will also have routes in its routing table for the other LAN segments. Let's say someone connects up to your guest wireless (we'll say VLAN10 192.168.10/24) and they know you have an internal LAN segment (we'll say VLAN11 192.168.11/24). If this wireless client wants to ping a host on your internal LAN, where will the traffic go? To its default gateway, which is your router. This router does a lookup to see where it should forward the packets and sees that the destination is on a directly connected segment. The router will ARP for the host's MAC (if it isn't already in the ARP cache) and will forward the packets to the destination. You need ACLs in place to tell the router that under no circumstance is it OK to send traffic from VLAN10 to VLAN11, but it is OK for VLAN10 traffic to get to the Internet. Make sense?

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
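
The forwarding decision described in the post above, modelled as an added example that is not part of the original thread: a router with connected routes for both VLANs forwards guest traffic to the internal segment unless an inbound ACL on the guest interface drops it. The interface names (`vlan10`, `vlan11`, `wan0`), the host addresses, and the first-match, deny-if-unmatched ACL semantics are assumptions; the post's subnets are written out as 192.168.10.0/24 and 192.168.11.0/24.

```python
import ipaddress

# Connected routes on the router, using the post's example segments.
# Interface names are hypothetical.
ROUTES = [
    (ipaddress.ip_network("192.168.10.0/24"), "vlan10"),  # guest wireless
    (ipaddress.ip_network("192.168.11.0/24"), "vlan11"),  # internal LAN
    (ipaddress.ip_network("0.0.0.0/0"), "wan0"),          # default route (Internet)
]

GUEST = ipaddress.ip_network("192.168.10.0/24")
INTERNAL = ipaddress.ip_network("192.168.11.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")

# ACL for traffic arriving on the guest interface: order matters.
GUEST_ACL = [
    ("deny", GUEST, INTERNAL),  # never route guest traffic to the internal LAN
    ("permit", GUEST, ANY),     # everything else (the Internet) is allowed
]


def lookup(dst):
    """Longest-prefix match: return the egress interface for dst."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, ifc) for net, ifc in ROUTES if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def acl_permits(acl, src, dst):
    """Evaluate rules top-down; first match wins, no match means deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if src in src_net and dst in dst_net:
            return action == "permit"
    return False


def forward(in_if, src, dst, acls):
    """Return the egress interface, or None if an inbound ACL drops the packet."""
    acl = acls.get(in_if)
    if acl is not None and not acl_permits(acl, src, dst):
        return None
    return lookup(dst)


if __name__ == "__main__":
    guest, internal, internet = "192.168.10.50", "192.168.11.20", "203.0.113.7"  # constructed
    print("no ACL, guest->internal:", forward("vlan10", guest, internal, {}))
    print("ACL,    guest->internal:", forward("vlan10", guest, internal, {"vlan10": GUEST_ACL}))
    print("ACL,    guest->internet:", forward("vlan10", guest, internet, {"vlan10": GUEST_ACL}))
```
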
 
Yes, this makes sense. Is your scenario assuming that the router would tag the routed packets with the internal VLAN ID?

Also, do you have any experience with the HP 7102dl router? I'm considering purchasing this instead of trying to hack together a Linux box.

Thanks,
aflyctus
 
Well, if the router is your only L3 device, then your downlevel switch will be connected to the router via a tagged port. When the router receives the packets they will be tagged with the appropriate VLAN ID (unless the traffic is in the native VLAN). When the packets need to get forwarded from one segment to the other, the tag will be removed and new layer 2 information is added to the packets.

As for the 7102dl, no, I've never used one before. You might want to take a look at some of the 800 series Cisco routers. If you get one of the W models it comes with wireless built-in. The SDM is actually a very good GUI (mind you, I'm no GUI fan so that says a lot).

I guess I should ask, what kind of Internet connectivity does the Church have? Cable, DSL, FiOS?

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 