- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: 2510-24
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 08:54 AM
тАО05-15-2008 08:54 AM
I have a 2510-24 and I need to configure it this way:
port1 vlan1 + vlan2
port2 vlan1 + vlan2
port3 vlan1 + vlan2
port10 vlan2
port 25 vlan1
port 26 vlan1
port25 and port25 are uplink to another switch and Internet.
I need to connect one database server (port10) without Internet access, so without vlan1, and three servers with Internet access and with database access, so with vlan 1 and vlan2
How can I do this?
Actually I've done it in this way:
port1 vlan1 tagged vlan2 tagged
port2 vlan1 tagged vlan2 tagged
port3 vlan1 tagged vlan2 tagged
port10 vlan1 NO, vlan2 tagged
port25 vlan1 tagged, vlan2 NO
port26 vlan1 tagged, vlan2 NO
But it doesn't work.
I can't access the switch at all.
Any idea?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 09:44 AM
тАО05-15-2008 09:44 AM
Re: 2510-24
this configuration not working very normal...
you can make learn vlan config and tag ,untag port status.
1-very important vlan rule;one port only one vlan member :never one port happen two vlan member.
you config port 1 vlan 1 tag and vlan 2 tag
this port not member any vlan only vlan 1 and 2 carry information
you one port make member one vlan this port
for this vlan untag member
so please you think
untag state for vlan member
tag state cary vlan information
one port have state also vlan 1 untag also vlan 2 tag
your switch 2510 full L2 proparites switch not routing skill there for I think your network design.
I hope we not use vlan skill your system
you request:
I need to connect one database server (port10) without Internet access, so without vlan1, and three servers with Internet access and with database access, so with vlan 1 and vlan2
okeyyy please listen to me
2510 swith on very successfull working one protocol (source port filtering )
this protocol whit one or more ports between other ports trafic permit and deny
for example :
sw(config)# filter source-port 1,2,3 drop 10-20 forward 5-7
this command make port 1.2.3.with 10.11.12...20 not connection but port 5.6.7 connection
I hope understand ;)
good luck
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 10:02 AM
тАО05-15-2008 10:02 AM
SolutionSORRY...
not working on 2510 source port filtering
its instead you make port protected port
please you read
Protected Ports: To provide internet access to users but prevent them from accessing each
other, use the protected-ports command. The command applies per-port and filters the
outbound traffic from the port. See ├в Configuring Protected Ports├в in the ├в Configuring and
Monitoring Port Security├в chapter of the Access Security Guide for more information.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 11:42 AM
тАО05-15-2008 11:42 AM
Re: 2510-24
Can you post me an example configuration for doing what I'm trying to do?
I'll repeat:
I need to make two vlan inside a switch.
VLAN 1 with Internet connected servers
VLAN 2 with Database server.
How can I connect servers and database without connect database to internet?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 12:12 PM
тАО05-15-2008 12:12 PM
Re: 2510-24
port1 default_vlan untag, vlan2 tag
port2 default_vlan untag, vlan2 tag
port3 default_vlan untag, vlan2 tag
port4 default_vlan untag, vlan2 tag
port 10 default_vlan untag, vlan2 NO
port 25 default_vlan NO, vlan2 untag
If vlan2 is connected to internet (via port25) and if port 10 is connected to the database server, doing so I can connect port1,port2,port3,port4 to internet and to database server, database server only to default_vlan and NOT to the internet, and port 25 to the Internet and not to the database.
Is true?
After that, i must assign an IP to default_vlan to access the switch.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 12:27 PM
тАО05-15-2008 12:27 PM
Re: 2510-24
tag port only carry vlan information not possible working your config
I again say one port only one vlan member
not working your config
I hope for server connection port-protect command
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 12:33 PM
тАО05-15-2008 12:33 PM
Re: 2510-24
good luck
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 12:36 PM
тАО05-15-2008 12:36 PM
Re: 2510-24
There is also an example very smiliar to mine that say that!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 03:17 PM
тАО05-15-2008 03:17 PM
Re: 2510-24
To make things easier though, I would do as Cenk suggests and to use the Protected Port feature instead. This will simply stop the database server from going out the uplink port. All devices will remain in the one VLAN which will keep things simple.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-15-2008 11:31 PM
тАО05-15-2008 11:31 PM
Re: 2510-24
I'm not an expert and with a configuration I'll understand much better.
In short: you are saying to protect the port connected to database server and NON protect all other ports?