Back to home Menu

Smooth integration of Ocedo into existing networks

April 14, 2015 - Posted in Feature Peek by

Tags:

In order to set up Ocedo appliances for demos, lab, evaluation or testing purposes, it is often needed to smoothly integrate them into an existing network infrastructure, without the need to completely change the network cabling, routing or ip addressing schemes. This HOWTO gives some configuration hints about the needed steps to set up the network components (Ocedo and non-Ocedo). Please be aware that, due to security and routing considerations, we do not recommend to have this setup be a permanent configuration, consider this as a suggestion of a temporary “special” integration.
In this HOWTO, you see that two network cable connections are plugged into the same switch and network (the green and the orange cable), which might look unusual. The reason for this is that one cable (the green one) is used as the “uplink” connection for the gateway, whereas the “orange” cable is used as the LAN connection which serves for the existing (wired) clients as routing destination. Be aware that in this special configuration the Ocedo Gateway needs two IP addresses out of the existing IP network pool – in our example it´s 192.168.0.254 (for the LAN-connection) and 192.168.0.2 (for the Uplink connection).

Example 1: No change to existing clients, new IP network for wireless clients
Example 2: Ocedo GW as new default GW, new IP network for wireless clients
Example 3: Ocedo GW as new default GW, existing IP network enhanced

No change to existing clients, new IP network for wireless clients

Example1-Integrate-Existing-Network-3rdParty-GW

 

In this example we want to integrate Ocedo products into an existing network environment.
Ocedo’s Default HQ Zone has IP range 172.16.0.0/24 and we want to connect it with the existing network 192.168.0.0./24
The default gateway and DHCP Server for the existing network is a Router with the IP Address 192.168.0.1
We used the IP 192.168.0.254 of the existing network. Please make sure that this IP is not in the range of the DHCP Server and not used for a static IP assignment.

In addition to an unchanged “HQ” default configuration the following steps are necessary to implement the network scheme:

1. Add a Zone into Site “HQ” for 192.168.0.0/24 via Connect Controller > Network Design > Zones > New Zone
– select Site HQ
– Enter a name for the Zone (e.g. “ExistingNetwork”)

2. Once the Zone is created edit the configuration

  • select Zone “ExistingNetwork”
  • navigate to Tab “Gateways” and select “Manual”
  • Delete the Gateway assignment
  • add a new assignment with the following settings:
    – Gateway appliance: select the G50
    – Gateway type: Member
    – IP assignment: Manual (It’s also possible the obtain an IP address from the DHCP Server of the Router)
    – IPv4 Address: 192.168.0.254
    – DHCP/RA Server: Off
    – Inbound NAT: Off (Enable inbound NAT if you can’t create the route on your router. Point 7)
    – Skip outbound NAT: Off
  • - navigate to Tab “IP” and change IPv4 Network to 192.168.0.0/24 and Gateway to 192.168.0.1

3. Navigate to Ports section to configure one of the LAN ports of the Ocedo Gateway into the Zone “ExistingNetwork”

  • select port LAN1
  • navigate to Tab “Settings” and select Zone “ExistingNetwork”

4. Plug a cable into port LAN1 and connect it via the Switch to the 192.168.0.0/24 network

5. Plug a cable into port WAN1 and connect it via the Switch to the Router 192.168.0.1

6. Connect the Ocedo AP to port LAN2

7. To get traffic flow between both networks add a route to the Router for 172.16.0.0/24 via 192.168.0.254

Please note that Uplink Traffic from Clients in the existing Network won’t be reported in Ocedo’s Traffic Timeline since the default gateway is the Router and not the Ocedo Gateway.

If you want to broadcast the existing network with the Ocedo AP you have to enable xLAN for the HQ site.

Ocedo GW as new default GW, new IP network for wireless clients

Example2-Integrate-Existing-Network-Ocedo-GW

 

In this example the Ocedo Gateway will become the new Default Gateway for the existing network 192.168.0.0/24 in the Headquarter and serves IP addresses for 192.168.0.0/24 and the new Ocedo network 172.16.0.0/24.
We used the IP 192.168.0.2 of the existing network. Please make sure that this IP is not in the range of the DHCP Server and not used for a static IP assignment.

In addition to an unchanged “HQ” default configuration the following steps are necessary to implement the network scheme:

1. Add a Zone to Site “HQ” for network 192.168.0.0/24 via
Connect Controller > Network Design > Zones > New Zone
– select Site HQ
– enter a name for the Zone (e.g. “ExistingNetwork”)

2. Once the Zone is created edit the configuration

  • select Zone “ExistingNetwork”
  • navigate to Tab “IP” and change IPv4 Network to 192.168.0.0/24 and Gateway to 192.168.0.254

3. Change the existing Headquarter Uplink from DHCP to Static via

Connect Controller > Network Design > Uplinks

  • select “HQ” Uplink
  • navigate to Tab “Settings” and switch to “Static IPv4” Type
    – Address: 192.168.0.2
    – Gateway: 192.168.0.1

4. Navigate to “Ports” section to configure one of the LAN ports of the Ocedo Gateway into Zone “ExistingNetwork”

  • select port LAN1
  • navigate to Tab “Settings” and select Zone “ExistingNetwork”

5. Plug a cable into port LAN1 and connect it via the Switch to the 192.168.0.0/24 network

6. Plug a cable into port WAN1 and connect it via the Switch to the Router 192.168.0.1

7. Connect the Ocedo AP to port LAN2

8. Disable DHCP Server functionality on the Router for 192.168.0.0/24

If you want to broadcast a SSID in the existing network on the Ocedo AP and the Site does not support VLAN operation on the wire you have to enable xLAN for the Headquarter Site.

Ocedo GW as new default GW, existing IP network enhanced

Example3-Expand-Existing-Network-Ocedo-GW

 

In this example the Ocedo Gateway will become the new Default Gateway and DHCP Server for the existing network 192.168.0.0/24 in the Headquarter.

The Ocedo Gateway is connected with two ports to the existing network. One cable is connected to the Uplink WAN Port and the other one to LAN Port.
We used the IP 192.168.0.2 of the existing network. Please make sure that this IP is not in the range of the DHCP Server and not used for a static IP assignment.

In addition to an unchanged “HQ” default configuration the following steps are necessary to implement the network scheme:

1. Edit the “HQ” Zone configuration via Connect Controller > Network Design > Zones

  • select the “HQ” Zone
  • Navigate to Tab “IP” and change IPv4 Network to 192.168.0.0/24 and Gateway to 192.168.0.254

2. Change the existing Headquarter Uplink from DHCP to Static via
Connect Controller > Network Design > Uplinks

  • select the “HQ” Uplink
  • navigate to Tab “Settings” and switch to “Static IPv4” Type
    – Address: 192.168.0.2
    – Gateway: 192.168.0.1

3. Plug a cable into port LAN1 and connect it via the Switch to the 192.168.0.0/24 network

4.Plug a cable into port WAN1 and connect it via the Switch to the Router 192.168.0.1

5. Connect the Ocedo AP to LAN2 Port

6. Disable DHCP Server functionality on the Router for network 192.168.0.0/24

One Comment

stefan lieberth 2 years ago

Thanks for posting the description in the blog.

a couple of questions/questions came to mind when reading the post.

Diagram 1)
– it would be beneficial to display the IP-address-method (DHCP) in the diagrams for the green link (WAN/uplink)
– Are the yellow (LAN1) port and green (WAN) port connected to the same VLAN? If yes, then router-DHCP server must not assign 192.168.0.254 to any LAN client – correct?

Diagram 2 + 3)
– it would be beneficial to display the IP-address (192.168.0.2) in the diagrams for the green link (WAN/uplink)
– For security and IP-addressing reasons it would make sense to use a LAN(yellow) and a WAN(green) VLAN on the switch – correct?

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>