HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

VLAN Setup 3Com 4200G

 
sentin709
Occasional Visitor

VLAN Setup 3Com 4200G

Hey Guys,

Im relatively new at setting up VLANS.... Well entirely new to be honest and ill do my best to explain what im trying to accomplish.



Currently we occupy 3rd floor (accounting and server room) 4th floor (engineering / Geologists) and 5th floor (corporate and Admins) Each floor has a telco room with a 4200g 48 port switch with a tie in to each floor.



In the server room we have an OpenBSD firewall operating which allows all traffic OUT and only certain traffic IN. The Main network has PDC and BDC and other various servers operating on 192.168.25.xx subnet.



What i need to do is on the 4th floor we have 2 independant machines being installed for FRAC viewing (in the Oil and Gas industry this is used to view an active Frac which are explosions via feed from HTTP source)



I wanted to designate 2 ports on the switch (which link into the 2 data ports in that room) to a different subnet. This would allow me to keep these computers segregated from the main network traffic.



The problem is im getting confused with how the wording is laid out in the Web interface.



So lets say i want to make the other 2 independant machines operate on the subnet 192.168.50.XX with the netmask of 255.255.255.248.

This would give me 6 IP address to work with (more than enough)



I know i would create a new VLAN which ive done and called it VLAN 2 .. I have assigned this VLAN the IP of 192.168.50.1. (not really sure how that plays into this) ive assigned ports 15 and 16 on the switch to Vlan 2.



Rather than go on and on about this maybe im going down the wrong path completely. Some insight would be greatly appreciated.



Thanks in Advance.



Aaron

5 REPLIES
Fred_Mancen_1
Super Advisor

Re: VLAN Setup 3Com 4200G

Hi, Aaron.



You need to setup the interconnection ports between the switches - 4th floor and core switch - as trunk ports. Additionally, you need to permit the VLAN traffic in this trunk connection:



int gi 1/0/N -> Where "N" is the port connected to the core switch



port link-type trunk

port trunk permit vlan 1 2



I assume that you already created the VLAN (Layer 2) in both switches, and the interface VLAN (Layer 3 - IP) in the core switch.



HTH

sentin709
Occasional Visitor

Re: VLAN Setup 3Com 4200G

Thanks for your reply.

So we've been doing some reading and as far as i can tell this is what i would need to do.



Designate the trunk port (4th floor switch) to be tagged in Vlan 1 and Vlan2 and connect it to the 3rd floor teclo switch (also a 3com 4200) setup the trunk port on this as well and tag it with Vlan 1 and Vlan 2.



Connect this trunk port to a port on the Core switch (one that is directly linked into the firewall.) This is where i seem to have so many questions and something isnt making sense.



Here are a few questions that may help to force logic into my tiny brain.



1 - How would DHCP work ? ... My thoughts is it wouldn't as the PDC and BDC are on a separate sub net... DHCP would not be allowed with the above setup to talk to those 2 new machines (as its on vlan 1 and the machines are on vlan 2).. So do you always need to deploy either a seperate DHCP server for each subnet or use static IP's for each workstation?



And for that matter do i even need to use a different subnet if it is going to be static and not see (and theirfore not cause and IP conflicts)the other IPS?



And the dumb question of the day is...... What is the difference between the VLAN interface and the VLAN options in the web GUI?? i seem to be confused as to what the 2 different menus are used for.



Thanks again in advance.... I know these may seem lame and dumb but im missing something critical here that makes all of this work.



Aaron





paxvor
Occasional Advisor

Re: VLAN Setup 3Com 4200G

hi aaron



you need to enable dhcp relay on the switch ( or maybe UDP helper, port 67 ), and point it to another DHCP server.

You don't need DHCP server in every subnet.

Don't worry , the DHCP server somehow will know the IP subnet based on the vlan interface IP address.

At least it works in my win2k3 DHCP server :)





- paxvor -



sentin709
Occasional Visitor

Re: VLAN Setup 3Com 4200G

So guys i hate to ask anyone to spell it out for me. But im just not getting something here.



If i wanted to accomplish the above mentioned.. Have 2 ports on 4th floor switch in seperate VLan (instead of 192.168.25.XX it will be 192.168.50.xx) and have it link downstairs to the core switch. what steps do i need to take from start to finish.

The Vlans should not be able to talk to each other with the Exception of DHCP i would love to set up a new scope on the DHCP server and allow it to assign the IPs to this VLAN.



Im confused mainly on the Vlan Interface button and the VLan button. I do not use telnet to configure (wish i had time to read up on the commands)so if someone has the time to walk me through using the GUI to configure this I would appreciate it greatly.



And all the manuals seem to talk about super complex setups that don't really apply to what im trying to do.



Just a simple setup i had though....

I appreciate the already given responses it did give me some insight !

paxvor
Occasional Advisor

Re: VLAN Setup 3Com 4200G

If you want the vlan not to be able to talk each other. you can setup ACL in the switch. You must read the doc on how to setup this.



OR



you setup static IP address on each PC in vlans, without default gateway. For other PC that use DHCP, they will be able to talk to other vlan. ( I assume you setup your DHCP correctly, which is default gateway for client will be the vlan IP interface ).



- paxvor -