- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- LAN Routing
- >
- Re: HP 2920 Aruba Inter Vlan Problem
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-19-2016 10:15 AM
тАО08-19-2016 10:15 AM
HP 2920 Aruba Inter Vlan Problem
Hello,
i'm a little noob in networking.
I'm trying to implement VLAN in my network but i'm in trouble.
I have 3 switch, one 2920 layer 3, one 2530 layer 2 and an old 3com baseline switch. For the network wan connectivity i use Kerio Control
I have created 3 VLAN: VLAN10 VLAN20 VLAN90. Vlan 1, the default, is not used.
This is the configuration of the 2920 is this:
Running configuration: ; J9728A Configuration Editor; Created on release #WB.16.01.0004 ; Ver #0b:34.59.14.29.eb.8f.fc.f3.ff.37.2d:d5 hostname "mgz-b-cs-1" module 1 type j9728a trunk 43-48 trk1 lacp trunk 39-42 trk2 lacp trunk 35-38 trk3 lacp trunk 33-34 trk4 lacp logging severity error timesync sntp sntp unicast sntp server priority 1 10.0.10.100 4 ntp unicast ntp server 10.0.10.100 time timezone 120 ip default-gateway 10.0.10.1 ip route 0.0.0.0 0.0.0.0 10.0.10.1 metric 250 name "verso_RGCFW" ip routing interface 33 name "Trunk4-To-LAB-PT-CS-0" exit interface 34 name "Trunk4-To-LAB-PT-CS-0" exit interface 35 name "Trunk3-TO-VLL-P1-CS-0" exit interface 36 name "Trunk3-TO-VLL-P1-CS-0" exit interface 37 name "Trunk3-TO-VLL-P1-CS-0" exit interface 38 name "Trunk3-TO-VLL-P1-CS-0" exit interface 39 name "Trunk2-TO-MGZ-B-CS-0" exit interface 40 name "Trunk2-TO-MGZ-B-CS-0" exit interface 41 name "Trunk2-TO-MGZ-B-CS-0" exit interface 42 name "Trunk2-TO-MGZ-B-CS-0" exit interface 43 name "Trunk1-To-SRV-SO-CS-0" exit interface 44 name "Trunk1-To-SRV-SO-CS-0" exit interface 45 name "Trunk1-To-SRV-SO-CS-0" exit interface 46 name "Trunk1-To-SRV-SO-CS-0" exit interface 47 name "Trunk1-To-SRV-SO-CS-0" exit interface 48 name "Trunk1-To-SRV-SO-CS-0" exit snmp-server community "public" unrestricted snmp-server contact "Boldori Federico" location "Armadio B Magazzino Officina" oobm ip address dhcp-bootp exit vlan 1 name "DEFAULT_VLAN" no untagged 1-32,Trk4 tagged Trk1-Trk3 no ip address ip helper-address 10.0.10.100 exit vlan 10 name "VLAN10 Server" untagged 1-32,Trk4 tagged Trk1-Trk3 ip address 10.0.10.15 255.255.255.0 ip helper-address 10.0.10.100 exit vlan 20 name "VLAN20 Workstation" tagged Trk1-Trk3 ip address 10.0.20.15 255.255.255.0 ip helper-address 10.0.10.100 exit vlan 90 name "VLAN90 Management" tagged Trk1-Trk3 ip address 10.0.90.15 255.255.255.0 exit primary-vlan 90 spanning-tree Trk1 priority 4 spanning-tree Trk2 priority 4 spanning-tree Trk3 priority 4 spanning-tree Trk4 priority 4
I made a trunk between the 2920, the 2530 and the 3com.
Now the problem: if i try to move one pc to vlan20, let say i use the port 14 of the 3com switch, it take only the dhcp from the server but i can't ping nothing in vlan 10, i can ping only the gw address (10.0.10.15) from a client from vlan20, no anything else (and neither the dhcp server who has release correctly the address.). This happen also if i made a port of the 2920 a member of vlan20.
The dhcp (a W2012 R2 machine) in configured to deploy as Gw the address 10.0.20.15 that is the address of the VLAN 20 itnerface on the 2920. In fact the dhcp deploy this conf to the client:
IP 10.0.20.3
NETMASK 255.255.255.0
GW 10.0.20.15
DNS 10.0.10.100
On kerio control i've added a route to let know the kerio control (10.0.10.1) that 10.0.20.0 have 10.0.10.15 as gateway (the address of the VLAN10 interface, visibile to kerio, to let the 2920 do the routing.
But i can't ping any machine outside vlan 20 execpt the kerio machine 10.0.10.1 and the vlan10 interface on the 2920 (10.0.10.15) and obviusly the VLAN20 address (10.0.20.15).
Any hint???
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-20-2016 03:31 AM
тАО08-20-2016 03:31 AM
Re: HP 2920 Aruba Inter Vlan Problem
Howdy,
I can't see much wrong with what you have done. I don't think that you need ip default gateway as well as a static default route and I don't think that you need a dhcp on the oobm port if you are not using it. Other than that sin problema. :-)
Just to be sure:
1) Are the hosts / nodes / servers / things that you are trying to ping actually pingable or are their own firewalls preventing them from replying to the iCMP traffic? Sounds odd but many hours have been lost by network engineers looking for problems that were hosts not responding rather than broken networks. Getting an address via DHCP seems to suggest an end to end working network so lack of pings might be a red herring. Can a host ping all the way through to the outside world internet say one of Googles nameservers at 8.8.8.8 or 8.8.4.4 ?? Is there something else in the server network that you know for sure *should* respond to pings other than the kerio box?
2) If you had a simple (not a trunk) access port of each vlan 10, 20, 90 on say the 29, 30 and 31 ports would they then be able to ping each other. This limits the scope of the issue to one switch and takes the other switches out of the problem. Start as simple as you can and add just one complexity at a time and when it breaks thats probably where your problem is.
I often use a headless (no monitor) Raspberr Pi as a handy network tool that you can drop a copy of linux on and use for ping testing / ssh / network discovery etc.
Hope that helps (pls give Kudos if it does) :-)
Ian
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Edam!
Tweets: @2techie4me
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-20-2016 06:27 AM
тАО08-20-2016 06:27 AM
Re: HP 2920 Aruba Inter Vlan Problem
Hello,
thanks a lot for the respond!
Yes all the host are pingable: i enabled a GPO policy to activate ICMP on all windows firewall momentally. but i cant ping Win pc or linux boxes..
I cant ping from any machine to outside world... i have to take a look at kerio control (who is the router/firewall of the network)
I made a progress thinking about the problem:
i thought: "Before kerio control was the router, it was the GW of all the computer in lan. Now the router is the hp layer 3 switch, so maybe i should change the GW address of all the pc/server that are on VLAN10 from the old 10.0.10.1 of kerio control to the new 10.0.10.15 of the layer 3"
And Bam, as soos a moved the GW of the assett on the VLAN10, client from VLAN20 could ping all the pc/server that i've changed the gateway. I'm modifying all the gw of the static ip machines now.
What I couldn't understand is why that. On kerio control i have a route that say to redirect all network 10.0.20.0/24 to the gateway 10.0.10.15, to let the VLAN20 be rechable...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-20-2016 08:45 AM
тАО08-20-2016 08:45 AM
Re: HP 2920 Aruba Inter Vlan Problem
Cool,
Glad I could get you thinking along the right lines even if I couldn't nail the problem directly.
You might want to think longer term about migrating the Kerio in an additional "transit" VLAN of its own.
Then you have a nice logical division between servers / workstations / management and WAN access. At the moment you are essentially hair pinning traffic back through the server LAN to hit the Kerio LAN port to gain external connectivity. Nothing wrong with that as such but it will make your troubleshooting easier going forward (traceroute output, traffic statistics & logging etc) if outbound fraffic goes off into its own dedicated IP space. Plus now that youv'e abstracted the Internet behind the default / static route on the switch you only need to make two changes (on the switch and the kerio LAN port ) when you move it.
Hope that makes sense.
thanks
Ian
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Edam!
Tweets: @2techie4me