LAN Routing
cancel
Showing results for 
Search instead for 
Did you mean: 

No connectivity between HP switch and firewall

eXPlosion_
Advisor

No connectivity between HP switch and firewall

Hi,
we have CR50iNG Cyberoam which is upgraded to Sophos XG Firewall. We just wanted to connect additional HP procurve 5120 switch to network.
Sophos have allready connected two HP switches 2510 on port C and port D.

Working HP 2510 configuration:

ip default-gateway 10.10.19.254
vlan 1
   name "DEFAULT_VLAN"
   no ip address
   no untagged 1-24
exit
vlan 17
   name "VLAN17"
   tagged 23-24
   exit
vlan 18
name "VLAN18"
   untagged 19
   tagged 23-24
exit
vlan 19
   name "VLAN19"
   untagged 21-22
   ip address 10.10.19.253 255.255.255.0
tagged 23-24
exit

 

 

Not working 5120 configuration:

<251>display current-configuration
#
version 5.20.99, Release 2221P20
#
sysname 251
#
clock timezone LT add 02:00:00
clock summer-time LT repeating 03:00:00 2011 March last Sunday 04:00:00 2011 October last Sunday 01:00:00
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 1 priority 31
#
domain default enable system
#
password-recovery enable
#
vlan 1
#
vlan 17 to 20
#
radius scheme system
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
local-user admin
password cipher 
authorization-attribute work-directory flash:/
authorization-attribute level 3
service-type ssh terminal
service-type web
local-user backup
password cipher 
authorization-attribute work-directory flash:/
authorization-attribute level 2
service-type ssh
#
stp mode rstp
stp bpdu-protection
stp enable
#
interface Bridge-Aggregation1
port link-type trunk
port trunk permit vlan 1 to 100
link-aggregation mode dynamic
dhcp-snooping trust
#
interface Bridge-Aggregation2
#
interface NULL0
#
interface Vlan-interface1
ip address 10.10.19.251 255.255.255.0
#
interface Vlan-interface19
#
interface GigabitEthernet1/0/1
port access vlan 20
#
interface GigabitEthernet1/0/2
port access vlan 20
#
interface GigabitEthernet1/0/3
port access vlan 20
#
interface GigabitEthernet1/0/4
port access vlan 20
#
interface GigabitEthernet1/0/5
port access vlan 20
#
interface GigabitEthernet1/0/6
port access vlan 20
#
interface GigabitEthernet1/0/7
port access vlan 20
#
interface GigabitEthernet1/0/8
port access vlan 20
#
interface GigabitEthernet1/0/9
port access vlan 20
#
interface GigabitEthernet1/0/10
port access vlan 20
#
interface GigabitEthernet1/0/11
port access vlan 20
#
interface GigabitEthernet1/0/12
port access vlan 20
#
interface GigabitEthernet1/0/13
port access vlan 20
#
interface GigabitEthernet1/0/14
port access vlan 20
#
interface GigabitEthernet1/0/15
port access vlan 20
#
interface GigabitEthernet1/0/16
port access vlan 20
#
interface GigabitEthernet1/0/17
port access vlan 20
#
interface GigabitEthernet1/0/18
port access vlan 20
#
interface GigabitEthernet1/0/19
port access vlan 20
#
interface GigabitEthernet1/0/20
port access vlan 20
#
interface GigabitEthernet1/0/21
port access vlan 20
#
interface GigabitEthernet1/0/22
port access vlan 20
#
interface GigabitEthernet1/0/23
port access vlan 20
#
interface GigabitEthernet1/0/24
port access vlan 20
#
interface GigabitEthernet1/0/25
port access vlan 20
#
interface GigabitEthernet1/0/26
port access vlan 20
#
interface GigabitEthernet1/0/27
port access vlan 20
#
interface GigabitEthernet1/0/28
port access vlan 20
#
interface GigabitEthernet1/0/29
port access vlan 20
#
interface GigabitEthernet1/0/30
port access vlan 20
#
interface GigabitEthernet1/0/31
port access vlan 20
#
interface GigabitEthernet1/0/32
port access vlan 20
#
interface GigabitEthernet1/0/33
#
interface GigabitEthernet1/0/34
#
interface GigabitEthernet1/0/35
#
interface GigabitEthernet1/0/36
#
interface GigabitEthernet1/0/37
#
interface GigabitEthernet1/0/38
#
interface GigabitEthernet1/0/39
#
interface GigabitEthernet1/0/40
#
interface GigabitEthernet1/0/41
#
interface GigabitEthernet1/0/42
#
interface GigabitEthernet1/0/43
#
interface GigabitEthernet1/0/44
#
interface GigabitEthernet1/0/45
port access vlan 19
#
interface GigabitEthernet1/0/46
port link-type trunk
port trunk permit vlan 1 to 100
#
interface GigabitEthernet1/0/47
port link-type trunk
port trunk permit vlan 1 to 100
port link-aggregation group 1
#
interface GigabitEthernet1/0/48
port link-type trunk
port trunk permit vlan 1 to 100
port link-aggregation group 1
#
interface GigabitEthernet1/0/49
shutdown
#
interface GigabitEthernet1/0/50
shutdown
#
interface GigabitEthernet1/0/51
shutdown
#
interface GigabitEthernet1/0/52
shutdown
#
interface Ten-GigabitEthernet1/1/1
#
interface Ten-GigabitEthernet1/1/2
#
interface Ten-GigabitEthernet1/2/1
#
interface Ten-GigabitEthernet1/2/2
#
dhcp-snooping
#
ip route-static 0.0.0.0 0.0.0.0 10.10.19.254
#
info-center loghost 10.10.70.14
info-center loghost 10.10.84.111
#
snmp-agent
snmp-agent local-engineid 800063A203D07E28BAAE7C
snmp-agent community read netCOM2kro
snmp-agent sys-info location
snmp-agent sys-info version v1 v2c
#
ntp-service unicast-server 10.10.70.4
ntp-service unicast-server 10.10.70.5
#
ssh server enable
sftp server enable
ssh user test service-type scp authentication-type password
ssh user admin service-type all authentication-type password
ssh user backup service-type all authentication-type password
#
ftp server enable
#
load xml-configuration
#
user-interface aux 0
user-interface vty 0 15
authentication-mode scheme
idle-timeout 45 0
#
return

5120 is connected on port 1/0/46 to firewall. There is no connectivity when pinging 5120 from firewall or from management pc to HP switch.
I also tried this configuration, but still no response:

interface Vlan-interface19
ip address 10.10.19.251 255.255.255.0