Aruba & ProVision-based

core switch config

 
HPGuruUK
Occasional Advisor

core switch config

Hello,

 

I am testing and playing with a HP ProCurve 2610-24-PWR, I know this is a light version of a layer 3 switch, my question is, i've set the switch up as a core switch i can access all vlans and ping everything fine, my firewall is 192.168.1.250, if i go onto a different vlan say 192.168.6.254 i cannot ping 192.168.1.250 or access the internet, my config is below:

 

ostname "build-me-it-core-1"
time daylight-time-rule Western-Europe
console inactivity-timer 15
ip routing
timesync sntp
snmp-server community "public" Unrestricted
vlan 1
   name "bmi_svr"
   untagged 1-10,13-24
   ip address 192.168.1.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   no untagged 11-12
   ip igmp
   exit
vlan 2
   name "bmi_ilo"
   ip address 192.168.2.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
vlan 3  
name "bmi_cctv"
   ip address 192.168.3.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
vlan 4
   name "bmi_prt"
   ip address 192.168.4.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
vlan 5
   name "bmi_mgmt"
   ip address 192.168.5.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
vlan 6
   name "bmi_clients"
   untagged 11-12
   ip address 192.168.6.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
ip route 0.0.0.0 0.0.0.0 192.168.1.250
spanning-tree
spanning-tree priority 0 force-version RSTP-operation
password manager
password operator

build-me-it-core-1#
build-me-it-core-1#
build-me-it-core-1# show conf

Startup configuration:

; J9087A Configuration Editor; Created on release #R.11.30

hostname "build-me-it-core-1"
time daylight-time-rule Western-Europe
console inactivity-timer 15
ip routing
timesync sntp
snmp-server community "public" Unrestricted
vlan 1
   name "bmi_svr"
   untagged 1-10,13-24
   ip address 192.168.1.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   no untagged 11-12
   ip igmp
   exit
vlan 2
   name "bmi_ilo"
   ip address 192.168.2.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
vlan 3
   name "bmi_cctv"
   ip address 192.168.3.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
vlan 4
   name "bmi_prt"
   ip address 192.168.4.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
vlan 5
   name "bmi_mgmt"
   ip address 192.168.5.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
vlan 6
   name "bmi_clients"
   untagged 11-12
   ip address 192.168.6.254 255.255.255.0
   ip helper-address 192.168.1.51
   tagged 25-28
   ip igmp
   exit
ip route 0.0.0.0 0.0.0.0 192.168.1.250
spanning-tree
spanning-tree priority 0 force-version RSTP-operation
password manager
password operator

build-me-it-core-1#

build-me-it-core-1# show ip route

                                IP Route Entries

  Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
  ------------------ --------------- ---- --------- ---------- ---------- -----
  0.0.0.0/0          192.168.1.250   1    static               1          1
  127.0.0.0/8        reject               static               0          250
  127.0.0.1/32       lo0                  connected            0          0
  192.168.1.0/24     bmi_svr         1    connected            0          0
  192.168.2.0/24     bmi_ilo         2    connected            0          0
  192.168.3.0/24     bmi_cctv        3    connected            0          0
  192.168.4.0/24     bmi_prt         4    connected            0          0
  192.168.5.0/24     bmi_mgmt        5    connected            0          0
  192.168.6.0/24     bmi_clients     6    connected            0          0

 

any ideas?

2 REPLIES 2
cenk sasmaztin
Honored Contributor

Re: core switch config

hi

your switch config is true

 

but you must write static route to local network on the firewall

 

ip route 192.168.0.0 255.255.0.0 192.168.1.254

cenk

HPGuruUK
Occasional Advisor

Re: core switch config

ic - i have a cisco pix 515, i think i saw a section called static routes, i'll add it in and report back, many thanks.