
Route of last resort needed?

I have a ProCurve 2920 that acts as a router within my private network. On the switch I have created a VLAN with an associated gateway address. It does not need a DHCP helper address. Whenever a host uses an untagged connection to the VLAN and is assigned an IP address in the subnet, it cannot connect to the internet. I started a packet capture on my firewall, but nothing is going to it when I do a web request. I can ping the firewall, and the firewall can ping the gateway and host, so I know they can see each other. I put in what I know from the Cisco world as a route of last resort, like this in the global config: "ip route firewall IP". That did not work. When I do a "sh ip route", the statement I put in is not there. Also, when I do a traceroute to google.com it displays the IP address because I am using my DNS, but it says "destination net unreachable". So it is pretty obvious I am entering something wrong or not enough. Do I have to reboot the router? Do I need to enable RIP? Any help would be greatly appreciated.

Re: Route of last resort needed?

You need to think about what each participant in the communication does. (You know, the changing of the IP header stuff)

Your PC wants to get to the internet, so it wants to get out of its subnet. To get out, it needs to ask its default gateway inside of the subnet.
The default gateway gets the packet and forwards it according to its routing table. In your example your 2920 is the default gateway and it should forward it to the firewall. To forward traffic they again need to be connected to the same subnet.

Also don't forget the way back from the internet. It goes the same way but backward.
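
The forwarding steps described in this reply, modelled as a longest-prefix-match lookup on each hop. This is an added example, not part of the thread; every address, subnet and routing-table entry below is constructed for illustration and does not come from the poster's network.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match. Returns the next hop, or None when no route covers dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best[1] if best else None

def next_hop_is_on_link(table, next_hop):
    """A next hop is only usable if it sits in a directly connected subnet."""
    connected = [(p, nh) for p, nh in table if nh == "connected"]
    return lookup(connected, next_hop) == "connected"

# Constructed addressing (assumptions, not values from the thread).
HOST = "10.0.20.50"            # host in the new VLAN
FIREWALL = "10.0.1.1"          # firewall on the transit subnet
SWITCH_TRANSIT = "10.0.1.2"    # switch address on the transit subnet
INTERNET_DST = "203.0.113.10"  # documentation-range "internet" address

# Routing switch with only its connected VLAN subnets: no route covers the internet.
SWITCH_CONNECTED_ONLY = [("10.0.20.0/24", "connected"), ("10.0.1.0/24", "connected")]
# Same switch with a default route (0.0.0.0/0) pointing at the firewall.
SWITCH_WITH_DEFAULT = SWITCH_CONNECTED_ONLY + [("0.0.0.0/0", FIREWALL)]

# The way back: the firewall needs a route to the VLAN subnet via the switch,
# otherwise replies follow its own default route away from the host.
FW_NO_RETURN = [("10.0.1.0/24", "connected"), ("0.0.0.0/0", "isp")]
FW_WITH_RETURN = FW_NO_RETURN + [("10.0.20.0/24", SWITCH_TRANSIT)]

if __name__ == "__main__":
    for name, table in [("connected only", SWITCH_CONNECTED_ONLY),
                        ("with default", SWITCH_WITH_DEFAULT)]:
        hop = lookup(table, INTERNET_DST)
        print(f"switch ({name}): {INTERNET_DST} ->",
              hop if hop else "destination net unreachable")
    for name, table in [("no return route", FW_NO_RETURN),
                        ("with return route", FW_WITH_RETURN)]:
        print(f"firewall ({name}): {HOST} -> {lookup(table, HOST)}")
```
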