HPE Community
Aruba & ProVision-based
1753739 Members
3797 Online
108799 Solutions
New Discussion юеВ

Re: Help Needed To Setup VLANs - HP 2520G

 
clayrogers
Occasional Visitor

тАО08-17-2015 04:02 AM

тАО08-17-2015 04:02 AM

Help Needed To Setup VLANs - HP 2520G

I am looking to create 3 separate VLANs mainly for wireless access. Based on which VLAN the device is in, the firewall we have will apply a different filtering policy.

 

I have:

native/no vlan - access to internal network resources and filter set 1 applied by firewall to internet traffic

VLAN 20 - no internal network access and filter set 2 applied by firewall to internet traffic

VLAN 30 - no internal network access and filter set 3 applied by firewall to internet traffic

 

I am using 4 Unifi UAPs and they are connected to a Ubiquiti toughswich 8 port. My 4 UAPs are plugged into ports one through 4 of the TS8. Port 8 of the TS8 connects to port 24 of my procurve. My firewall connects to port 1 of the Procurve. Then I have a windows server and other internal network devices plugged into ports 10 through 20.

 

Can you help me configure the HP 2520G properly to accomodate these VLANs?

 

Thanks!

 

0 Kudos
5 REPLIES 5
Uma_Maheswar
Frequent Advisor

тАО08-17-2015 05:21 AM

тАО08-17-2015 05:21 AM

Re: Help Needed To Setup VLANs - HP 2520G

JIST... You need 3 vlans and firewall does the routing

 

Approach:

 

1) Create remaining two vlans .i.e vlan 20 and 30  (I assume you are using Primary Vlan 1)

 

2) Untag firewall for the respective vlan and tag other traffic (L3 interfaces must
be available on firewall for routing)

 

3) Untag edge ports as required for servers and other devices

 

4) Tag Vlan 20 & 30 traffic on uplink port 24

 

5) Point a gateway to firewall

 

 

Basic configuration snapshot

 

HP Swtich# conf
HP Swtich(config)# vlan 1
HP Swtich(vlan-1)# untagged 1,24

HP Swtich(vlan-1)# vlan 20
HP Swtich(vlan-20)# tagged 24

HP Swtich(vlan-20)# vlan 30
HP Swtich(vlan-20)# tagged 24

HP Swtich(vlan-30)# exit

HP Swtich(config)# ip default-gateway 10.0.0.1
HP Swtich(config)# exit

HP Swtich# write memory

0 Kudos
clayrogers
Occasional Visitor

тАО08-21-2015 05:36 AM

тАО08-21-2015 05:36 AM

Re: Help Needed To Setup VLANs - HP 2520G

Thank you. My only question at this point is would I also need to tag port 1 with vlan 20 and 30? That is the port going to my firewall which will handle routing the vlan 20 and vlan30 traffic. So, I thought I would need to treat that like a trunk port also.

0 Kudos
Uma_Maheswar
Frequent Advisor

тАО08-21-2015 05:39 AM

тАО08-21-2015 05:39 AM

Re: Help Needed To Setup VLANs - HP 2520G

Yes, I had mentioned that in the earlier reply...

 

Pls test and revert ... 

0 Kudos
clayrogers
Occasional Visitor

тАО08-21-2015 05:50 AM

тАО08-21-2015 05:50 AM

Re: Help Needed To Setup VLANs - HP 2520G

So do I have to do anything with that port as far as configuring it to be untagged vlan 20 and vlan 30? Or, are you saying when it's untagged for those vlans I don't need to do anything?

 

Sorry, new to vlans.

0 Kudos
Uma_Maheswar
Frequent Advisor

тАО08-21-2015 05:54 AM

тАО08-21-2015 05:54 AM

Re: Help Needed To Setup VLANs - HP 2520G

a port can be untagged only to one vlan...

 

Untag it to the correct vlan in accordance with firewall management address and tag it to the remaining vlans.

 

 

(Config)# vlan 1 untag 1

(Config)# vlan 10 tag 1

(Config)# vlan 20 tag 1

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.