HPE Community
Comware Based
1753944 Members
8664 Online
108811 Solutions
New Discussion

Re: VLAN through MPLS

 
Mairie
Occasional Advisor

‎03-02-2015 12:22 AM

‎03-02-2015 12:22 AM

Re: VLAN through MPLS

@Vince-Whirlwind wrote:

You can see what they are trying to do: they want VLAN2 segmented from other VLANs all the way back to the Main Site's firewall.
It seems they are trying to do something similar with VLAN10 in relation to the Branch Site only.

 

I took it from the original request that seeing as there were multiple VLANs trunked to the ISP router, the MPLS provider must be providing VPLS.  As he says he's spoken to his provider about this, you would *hope* they would set him straight if he had misunderstood the service.

Actually, I tested on Friday and something's wrong with the VLAN2, my provider has to modify its configuration:

ping is possible from the 5120 at the Branch Office to the Firewall

ping is impossible from a PC on the VLAN2 connected to the 5120 at the Branch Office to the Firewall

I'm waiting for them to recontact me.

0 Kudos
Vince-Whirlwind
Honored Contributor

‎03-02-2015 12:38 AM

‎03-02-2015 12:38 AM

Re: VLAN through MPLS

If you ping from the 5120 switch itself you are only testing VLAN1, which is the subnet the switch IP is in, and which you already know is working.

 

Just to be clear - is the ISP router configured to trunk multiple VLANs from you?

Mairie
Occasional Advisor

‎03-03-2015 01:41 AM

‎03-03-2015 01:41 AM

Re: VLAN through MPLS

@Vince-Whirlwind wrote:

If you ping from the 5120 switch itself you are only testing VLAN1, which is the subnet the switch IP is in, and which you already know is working.

 

Just to be clear - is the ISP router configured to trunk multiple VLANs from you?

I spoke with a 3rd IT engineer of my ISP; one who actually understood what I was trying to do. Unfortunately, they don't support Layer2, only Layer3. So my VLAN cannot be extended from the HQ to the Branch Office.

I'll have to do routing at the Core with ACLs to prevent the PC BYOD (originally on VLAN2 at the Branch Office) to access services other than web access.

I'd like to thank everybody who contributed to this post and make me ask the good questions.

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.