Aruba & ProVision-based
Default Gateway

Default Gateway


I have got a 2920 switch and it has got 3 vlans

Vlan 10


Vlan 30 255.255.255

and everything is ok. I am stuck that how all these Vlan would forward the traffic to my router

Could you please guide me?



Honored Contributor

Re: Default Gateway

You need to add all 3 VLANs to the interface that connects to the router.

Then on the router you need to add all 3 VLANs to the interface that connects to the switch.

A maximum of 1 VLAN can be untagged.

If the VLAN is tagged on one end, it has to be tagged on the other end as well.

The router will (presumably) need a VLAN interface configured for each VLAN. Depending on the kind of router, this could be a sub-interface on the router interface connecting to the switch.


Re: Default Gateway

Thanks Vince. Is my default gateway on the switch enough to forward the internet traffice for all my VLANs to my ASA without a tag port?

Honored Contributor

Re: Default Gateway

Yes, your 2920 can have IP routing enabled and you can use it as a layer-3 switch.

Its function will therefore be
 - inter-VLAN routing between the 3 subnets
 - routing between the subnets and the ASA

So what you need is to put the default gateway/router address for each subnet on the swith VLAN interface for that subnet.

Then, you need to create a 4th VLAN, eg,
Then put on your switch VLAN99 VLAN interface.
Then put on your ASA interface that the switch is patched to.
Then you need to put a default route on the switch: -->
Then you need to put routes on your ASA, eg: -->


Re: Default Gateway

Thanks. I have enabled the IP Routing and still confused on this issue on default gateway.

When I enter the command show ip and I get the Vlans ip address.

PC | Manual           No No
Voice | Manual       No No

I think these are the gateway for Vlans ip addresses. I have configured the DHCP scope for each Vlan and change router IP address to Vlan ip address for example workstations   router ip on the DHP would be and Voice router scope on the windows dhcp would be 

I would require to add  these subnets on the Asa

object network obj_PC

object network obj_Voice

Please correct me if I am wrong?


Honored Contributor

Re: Default Gateway

Sounds good.

Your DHCP server presumably sits on the Data VLAN,o you will also need DHCP forwarding on the other VLANS to send DHCP requests in the Voice VLAN to the Data VLAN.

I guess the ASA will need to know about the networks for 3 reasons:
 - routing back to them
 - NATing for them
 - rules for passing traffic for them