To provide guidelines on what VLAN to assign to a port based on the device being connected.
- Consider the type of device being connected. Do you know the IP address of another working device in the same building that is similar to this one? If so, most likely this device should be on the same VLAN as that similar device.
- Browse to NetInfo and enter in the IP of the similar device into the "IP Subnet Address" field, then click "Submit".
- The network name of the similar device will show up in the results. Copy that name, then browse to DCT.
- Use DCT to find the port for the device you want to assign. Click on that port to edit the VLAN, and select the network name you found in netinfo. If applicable, enter in a description for the port and enable it.
- If you cannot find the appropraite network name in the DCT dropdown list, create a ServiceLink ticket and assign to ITS -> Network.
- The following network types are for network management and should never be used in VLAN assignments:
- Names that start with "O-" (though there are a few exceptions) or "D-".
- Names that end with "-MGMT" (vlan 3) or "-AP" (Vlan 9)
- Network names that start with CFW, DFW, or VFW are firewalled networks - VFW is the virtual firewall. Many departments that handle sensitive data (like Business and Finance) put their machines on firewalled networks.
- Network names that contain "VOIP" (usually Vlan 2) can be assigned to ports that are ONLY going to be used for VoIP phones or teleconference devices. If you are going to plug a PC into the VoIP phone, you need to assign assign the VLAN for the PC to that port, open a ServiceLink ticket, provide the switch IP and port number, and assign to ITS -> Network. They can configure the VoIP piece.
- Networks with associated subnets of 10.x.x.x or 192.168.x.x are in private IP space and can only talk to other on-campus devices (no internet). These networks are typically used for devices like printers or Plant Ops devices (card readers, HVAC, etc).
- Most end user/workstation VLANs use public addresses (anything not 10.x.x.x or 192.168.x.x) and are DHCP enabled. Netinfo will not tell you if a network is DHCP enabled, to figure that out you will have to look in BlueCat (aka Proteus). You can also just try plugging in the DHCP-enabled device and seeing if it gets a valid address (note that 169.254.x.x does not count as a valid address).
Wednesday, January 4, 2017