HPE Community
LAN Routing
1752770 Members
4857 Online
108789 Solutions
New Discussion

Connecting an Aruba 2540 Multi-VLAN directly to a modem

 
SOLVED
Go to solution
olpo
Visitor

‎02-28-2021 08:06 AM - edited ‎02-28-2021 08:24 AM

‎02-28-2021 08:06 AM - edited ‎02-28-2021 08:24 AM

Connecting an Aruba 2540 Multi-VLAN directly to a modem

Hello,

I'm new to switching and am looking to enable the connectivity of two VLANs configured on an Aruba 2540 Switch to Internet.

Desired Connectivity :
    - VLAN 1 -> VLAN 2: Reject
    - VLAN 2 -> VLAN 1 : Reject
    - VLAN 1 -> internet : Accept
    - VLAN 2 -> internet : Accept

I have the following configuration on my Aruba 2540 Switch:
    - ISP modem connection: 1
    - Trunk :
        - Trk1 : port 1
    - VLAN
        - Vlan 1: 2,Trk1
        - Vlan 2: 3,Trk1

I tried several configurations found on the internet and what seemed to be the closest to the solution was to configure routes after activating "ip route", but when I display them with "show ip route", I never see them in the table and what I try to do don'nt work.

Thanking you in advance for the time you spent on my post and helping me
Oliver

0 Kudos
6 REPLIES 6
akg7
HPE Pro

‎02-28-2021 11:30 AM

‎02-28-2021 11:30 AM

Re: Connecting an Aruba 2540 Multi-VLAN directly to a modem

Hello,

It seems you are not looking for communication between VLAN1 & VLAN2 but both should have communication with ISP.

Is this correct?

Can you please share interfaces which you wants to keep it for vlan 1 and vlan 2 and which interfaces towards ISP?

Thanks!

 

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
0 Kudos
olpo
Visitor

‎02-28-2021 11:40 PM - edited ‎02-28-2021 11:40 PM

‎02-28-2021 11:40 PM - edited ‎02-28-2021 11:40 PM

Re: Connecting an Aruba 2540 Multi-VLAN directly to a modem

Hello akg7,

Thanks for your reply !

Yes, it is correct. I want to :
- Block communication between VLAN1 & VLAN2
- Allow communication from VLAN1 to ISP router
- Allow communication from VLAN2 to ISP router.

Configuration :
- Trunk :
    - Port 1 connected to ISP router
    - Name Trk1
- VLAN1 : Untagged port 2 & Trk1
- VLAN2 : Untagged port 3 / Tagged Trk1

Desired Connectivity :
    - VLAN 1 -> VLAN 2: Reject
    - VLAN 2 -> VLAN 1 : Reject
    - VLAN 1 -> internet : Accept
    - VLAN 2 -> internet : Accept

Thanks in advance for your help,
Oliver

0 Kudos
akg7
HPE Pro

‎03-02-2021 05:57 PM

‎03-02-2021 05:57 PM

Re: Connecting an Aruba 2540 Multi-VLAN directly to a modem

Hello,

Which ports are under trk1.

Here trk1 is for LACP.

I believe you need to set up ACL as per your requirement.

Thanks!

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
0 Kudos
parnassus
Honored Contributor

‎03-03-2021 01:20 PM - edited ‎03-03-2021 01:22 PM

‎03-03-2021 01:20 PM - edited ‎03-03-2021 01:22 PM

Solution

Re: Connecting an Aruba 2540 Multi-VLAN directly to a modem

Hi! I'm under the impression you're improperly using the "Port Trunking" on your Aruba 2540 switch: "Port Trunking" means "Links Aggregation". Do you have aggregated physical links? it the answer is "No, I don't" then you should get rid of Trk<id> logical interface you configured and start working only on involved physical interfaces (this just for the VLAN tagging part).

ACL needs to be implemented in VLAN 1 and VLAN 2 to block traffic between them letting traffic to go to any other (non local) network...your Internet behind your Firewall/Router.


I'm not an HPE Employee
Kudos and Accepted Solution banner
0 Kudos
olpo
Visitor

‎03-04-2021 12:01 PM

‎03-04-2021 12:01 PM

Re: Connecting an Aruba 2540 Multi-VLAN directly to a modem

Hello,

Thanks for your answers

I was not able to try them today, but I will do it tomorrow and post if I reach my goal.

Have a good evening,
Oliver

0 Kudos
olpo
Visitor

‎03-05-2021 07:28 AM

‎03-05-2021 07:28 AM

Re: Connecting an Aruba 2540 Multi-VLAN directly to a modem

Hello,

It works with ACL

Thanks for your help !
Oliver

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.