Re: Need help with configuring 2910al-48 port, please!

kbop · ‎12-15-2013

Hello!

I have a 2910al and need assistance configuring it. Main issues is that i cannot get out to the internet from the switch. If i configure my network settings accordingly on my computer and plug the ethernet in directly to the machine, i have no issues getting out to the internet.

Currently I have an ethernet cable from an at&t switch which was given an ip address. Lets say the

IP address: 12.34.56.78

Subnet: 255.255.255.224

Gateway: 12.34.56.1

I have taken this ethernet cable and plugged it into port 1 of the switch and my computer is plugged into port 48.

With the current config and ip route i cannot get out to the internet... what am i doing wrong?!!? (please note there is no firewall at this time)

here is the config... Please let me know if you need any more information!

Startup configuration:

; J9147A Configuration Editor; Created on release #W.15.08.0012
; Ver #02:11.05:16
hostname "CORE2910al"
module 1 type j9147a
ip default-gateway 12.34.56.78
ip dns server-address priority 1 8.8.8.8

ip route 0.0.0.0 0.0.0.0 12.34.56.78
ip routing

interface 1
name "uplink to 12.34.56.78"
exit
snmp-server community "public" unrestricted
snmp-server contact "Me"
spanning-tree
spanning-tree priority 0 force-version rstp-operation
vlan 1
name "VLAN1-Management"
no untagged 47
untagged 2-46,48
tagged 1
ip address 10.7.1.250 255.255.255.0
exit
vlan 2
name "VLAN2-Server"
tagged 1
ip address 10.7.2.1 255.255.255.0
exit
vlan 4
name "VLAN4-Guest"
tagged 1
ip address 10.7.4.1 255.255.255.0
exit
vlan 11
name "VLAN11-OfficeFloor"
tagged 1
ip address 10.7.11.1 255.255.255.0
exit
vlan 20
name "VLAN20-EmployeeWireless"
untagged 47
tagged 1
ip address 10.7.20.1 255.255.254.0
exit
no autorun
password manager

show ip route:

IP Route Entries

Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
10.7.1.0/24 VLAN1-Manage... 1 connected 1 0
10.7.2.0/24 VLAN2-Server 2 connected 1 0
10.7.4.0/24 VLAN4-Guest 4 connected 1 0
10.7.11.0/24 VLAN11-Offic... 11 connected 1 0
10.7.20.0/23 VLAN20-Emplo... 20 connected 1 0
127.0.0.0/8 reject static 0 0
127.0.0.1/32 lo0 connected 1 0

Thanks!

P.S. This thread has been moved from Comware-Based to ProCurve. - Hp Forum Moderator

JanB · ‎12-16-2013

Hi kbop

After looking through your config I found several misconfigurations. I've attached the redone part of your config which should work.

ip default-gateway 12.34.56.1

ip route 0.0.0.0 0.0.0.0 12.34.56.1

vlan 1
name "VLAN1-Management"
no untagged 47
untagged 2-46,48
ip address 10.7.1.250 255.255.255.0
exit

vlan 2
name "VLAN2-Server"
ip address 10.7.2.1 255.255.255.0
exit

vlan 4
name "VLAN4-Guest"
ip address 10.7.4.1 255.255.255.0
exit

vlan 11
name "VLAN11-OfficeFloor"
ip address 10.7.11.1 255.255.255.0
exit

vlan 20
name "VLAN20-EmployeeWireless"
untagged 47
ip address 10.7.20.1 255.255.254.0
exit

Now add any other VLAN, for example VLAN 30 and configure it accordingly.

vlan 30

name "VLAN30-InternetUplink"

untagged 1

ip address 12.34.56.78 255.255.255.224

exit

Because you enabled IP Routing inter-VLAN routing is enabled. You don't have to tag all VLANs on your uplink port therefore. We'll use only VLAN30 for this purpose. Could you check if I this config works?

Thanks!

kbop · ‎12-16-2013

It worked!!!!

DUDE Thanks! That's friggin' awesome. I see where I went terrible wrong. You have shown me a lot from your correct config. Greatly appreciated :)

CORE2910al# show config

Startup configuration:

; J9147A Configuration Editor; Created on release #W.15.08.0012
; Ver #02:11.05:16
hostname "CORE2910al"
module 1 type j9147a
ip default-gateway 12.34.56.1
ip dns server-address priority 1 208.67.222.222
ip dns server-address priority 2 208.67.220.220
no ip ssh
ip route 0.0.0.0 0.0.0.0 12.34.56.1
ip routing
snmp-server contact "Me"
spanning-tree priority 0 force-version rstp-operation
vlan 1
name "VLAN1-Management"
no untagged 1
untagged 2-48
ip address 10.7.1.250 255.255.255.0
exit
vlan 2
name "VLAN2-Server"
ip address 10.7.2.1 255.255.255.0
exit
vlan 4
name "VLAN4-Guest"
ip address 10.7.4.1 255.255.255.0
exit
vlan 11
name "VLAN11-OfficeFloor"
ip address 10.7.11.1 255.255.255.0
exit
vlan 20
name "VLAN20-EmployeeWireless"
ip address 10.7.20.1 255.255.254.0
exit
vlan 30
name "VLAN30-InternetUplink"
untagged 1
ip address 12.34.56.78 255.255.255.224
exit
no autorun
password manager

kbop · ‎12-23-2013

So my switch can route out just fine by my vlans cannot...?!

i set my dns, on the swtich, to DNS: 208.67.222.222, 208.67.220.220

I think I'm missing something else here... do I need to have my vlans route out a certain way?

(The reason why i tagged vlan 4 and 20 is because i intended on setting up a WAP on interface 3... I suspect the reason why vlan 2 and 11 don't show up in the route entries is because they are not tagged. )

Currrently, the computer is setup manually as:

IP: 10.7.1.2

Subnet: 255.255.255.0

Router: 10.7.1.250

DNS: 208.67.222.222, 208.67.220.220

CORE2910al(config)# show ip route

IP Route Entries

Destination Gateway VLAN Type Sub-Type Metric Dist.

------------------ --------------- ---- --------- ---------- ---------- -----

0.0.0.0/0 12.34.56.1 30 static 1 1

10.7.1.0/24 VLAN1-Manage... 1 connected 1 0

10.7.4.0/24 VLAN4-Guest 4 connected 1 0

10.7.20.0/23 VLAN20-Emplo... 20 connected 1 0

12.34.56.0/27 VLAN30-Inter... 30 connected 1 0

127.0.0.0/8 reject static 0 0

127.0.0.1/32 lo0 connected 1 0

CORE2910al(config)# show config

Startup configuration:

; J9147A Configuration Editor; Created on release #W.15.08.0012

; Ver #02:11.05:16

hostname "CORE2910al"

module 1 type j9147a

no web-management

ip default-gateway 12.34.56.1

ip dns server-address priority 1 208.67.222.222

ip dns server-address priority 2 208.67.220.220

no ip ssh

ip route 0.0.0.0 0.0.0.0 12.34.56.1

ip routing

snmp-server contact "Me"

spanning-tree priority 0 force-version rstp-operation

vlan 1

name "VLAN1-Management"

no untagged 1

untagged 2-48

ip address 10.7.1.250 255.255.255.0

exit

vlan 2

name "VLAN2-Server"

ip address 10.7.2.1 255.255.255.0

exit

vlan 4

name "VLAN4-Guest"

tagged 3

ip address 10.7.4.1 255.255.255.0

exit

vlan 11

name "VLAN11-OfficeFloor"

ip address 10.7.11.1 255.255.255.0

exit

vlan 20

name "VLAN20-EmployeeWireless"

tagged 3

ip address 10.7.20.1 255.255.254.0

exit

vlan 30

name "VLAN30-InternetUplink"

untagged 1

ip address 12.34.56.78 255.255.255.224

exit

kbop · ‎12-26-2013

Ah... I see

I need something to perform NAT because this particular model doesn't support it.

http://h30499.www3.hp.com/t5/Switches-Hubs-Modems-Legacy-ITRC/Procurve-2910al-Routing-Question/td-p/4715895#.UryvOmRDuhY

I have yet to get my hands on a router but when i do the plan is to:

1. remove vlan 30

2. connect ethernet with public ip address to router

3. connect router to procurve on interface 1

4. tag all the vlans on interface 1

Does that sound right?

RouterGuy · ‎01-04-2014

Hey there!

My first obvious question is - WHY are you assigning your public IP to your switch?

I DO NOT believe that you will run NAT in the switch.

I would use a firewall. Use that as your NAT gateway. Then create an L3 SVI to go from switch to router and have your switch handle the internal L3.

You could use a pair of ports, NO l3 on them as an isolated vlan so you coud ultimately use another span port to monitor the traffic to the internet if you felt you needed to.

Chris

RouterGuy · ‎01-04-2014

KBOP - ignore my next comment below questioning the L3 - the previous fellow kinda asked/answered the same.

My sample config would be something like:

vlan 800
name "LastHopOut"
ip address 172.16.1.2 255.255.255.252

untagged 1
exit

ip route 0.0.0.0 0.0.0.0 172.16.1.1

Then you can have all of your other vlan configs as previsouly laid out by the others on this thread.

In an IOS router envoronment for your internet gateway, you can use something like this:

Interface fastethernet 0/0

description To ISP

ip address 12.z.z.z 255.255.255.252

ip nat outside

interface fastethernet 0/1

description To Internal

ip address 172.16.1.1 255.255.255.252

ip nat inside

ip route 0.0.0.0 0.0.0.0 12.z.z.y (the gateway from ATT)

ip access-list extended NAT

remark - define your internal subnets here

permit ip 10.1.1.0 0.0.0.255 any

permit ip 10.1.2.0 0.0.0.255 any

route-map nonat permit 10

match address NAT

ip nat inside source route-map nonat interface fastethernet 0/0 overload

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Need help with configuring 2910al-48 port, please!

Need help with configuring 2910al-48 port, please!