HPE Community
HPE Aruba Networking & ProVision-based
1813462 Members
3576 Online
109524 Solutions
New Discussion

DHCP Server, Multiple Scopes with multiple Vlans

 
justyvinzz
Frequent Visitor

‎06-21-2018 02:57 PM

‎06-21-2018 02:57 PM

DHCP Server, Multiple Scopes with multiple Vlans

Hi, I am using a Procurve switch and I have 3 vlans. (Vlan 200, 300, 400). DHCP is being provided from a Windows Server with a DHCP scope for each VLAN. When I set the default gateway of my Windows server to my firewall/router DHCP requests are not passing to Vlans 200 and 400, only to 300 because my Windows server lives on that Vlan. But when I set the default gateway of my Windows server to my switch, it's able to pass the requests to all the vlans. Here is my config, what am I doing wrong? Any help is greatly apperciated. 

 

vlan 1
name "DEFAULT_VLAN"
no untagged A1-A24
untagged B1-B24,D1-D24
no ip address
exit
vlan 200
name "Voice"
untagged A13-A24
tagged A1
ip address 192.168.100.2 255.255.255.0
ip helper-address 192.168.23.10
exit
vlan 300
name "Data"
untagged A1-A12
ip address 192.168.23.2 255.255.255.0
exit
vlan 400
name "VLAN400"
tagged A1
ip address 192.168.200.2 255.255.255.0
ip helper-address 192.168.23.10
exit
spanning-tree
no spanning-tree bpdu-throttle
spanning-tree priority 0
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager

0 Kudos
4 REPLIES 4
Vince-Whirlwind
Honored Contributor

‎06-24-2018 10:45 PM

‎06-24-2018 10:45 PM

Re: DHCP Server, Multiple Scopes with multiple Vlans

You have a design issue: you have 2 routers on a segment that includes hosts (including your servers).

You need to decide whether you want the router for your VLAN300 subnet to be your layer3 switch or your router, not both.

justyvinzz
Frequent Visitor

‎06-27-2018 01:07 PM - edited ‎06-27-2018 01:08 PM

‎06-27-2018 01:07 PM - edited ‎06-27-2018 01:08 PM

Re: DHCP Server, Multiple Scopes with multiple Vlans

Sorry for the late response, it was a long Holiday in Canada. I made some adjustments as per your recommendation with a few modifications. So I created a internet VLAN (VLAN 100) which I have a port connected untagged from my firewall to my L3 switch. I also created a management VLAN (VLAN 400) that has a tagged connection from my HOST (ESXI 6.5) to my switch. I also tagged a connection from my HOST to VLAN 300 for my virtual DC which lives in VLAN 300. I set the new default gateway of all my VLANS to my L3 switch as it will be doing the routing. The problem I have now is I am not able to reach the the firewall (IP address: 192.168.250.1) from any of my VLANS other than the internet VLAN (VLAN100), because of this I do not have access to the internet on all VLANS (excluding VLAN 100). I created an IP route on my L3 switch 0.0.0.0 0.0.0.0 192.168.250.1 but this does not seem to work. Here is my config, I am missing something? Sorry if this is unclear I am new to this.

hostname "DevSwitch"

module 1 type j8702a

module 2 type j8702a

module 3 type j8702a

module 4 type j8702a

ip route 0.0.0.0 0.0.0.0 192.168.250.1

ip routing

snmp-server community "public" unrestricted

vlan 1

name "DEFAULT_VLAN"

no untagged A1-A24

untagged B1-B24,D1-D24

no ip address

exit

vlan 100

name "Internet"

untagged A2-A5

ip address 192.168.250.2 255.255.255.0

vlan 200

name "Voice"

untagged A13-A24

ip address 192.168.100.2 255.255.255.0

ip helper-address 192.168.23.10

exit

vlan 300

name "Data"

untagged A6-A12

tagged A1

ip address 192.168.23.2 255.255.255.0

exit

vlan 400

name "Management"

tagged A1

ip address 192.168.200.2 255.255.255.0

ip helper-address 192.168.23.10

exit

spanning-tree

no spanning-tree bpdu-throttle

spanning-tree priority 0

no tftp server

no autorun

no dhcp config-file-update

no dhcp image-file-update

password manager

0 Kudos
Vince-Whirlwind
Honored Contributor

‎06-27-2018 08:55 PM

‎06-27-2018 08:55 PM

Re: DHCP Server, Multiple Scopes with multiple Vlans

Your firewall needs routes for all your internal subnets that it is not directly connected to.

justyvinzz
Frequent Visitor

‎06-28-2018 06:07 AM - edited ‎06-28-2018 09:33 AM

‎06-28-2018 06:07 AM - edited ‎06-28-2018 09:33 AM

Re: DHCP Server, Multiple Scopes with multiple Vlans

Hi Vince,

Thanks for your quick response. Can you provide an example of a route that would need to be created on the firewall?

The IP of my Firewall is 192.168.250.1 and I have multiple internal IP ranges such as 192.168.100.x, 192.168.200.x, 192.168.250.x

Thanks again for your help.

 

Also, I am not sure if this helps but I am using an untangle appliance as my firewall.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.