Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

HP2824 new subnet configured but cannot connect

ITchaps
Occasional Advisor

HP2824 new subnet configured but cannot connect

Hi
I would like to add another subnet 192.168.130.0/24, so I created VLAN130 then gave it an IP addres 192.168.130.241 then set up a route 192.168.130.0/24 192.168.130.2 which is the firewall. Added port 6 to VLAN130 and connected a laptop with 192.168.130.10 G/W 130.241 Can ping 130.241 but nothing else. The firewall is not seeing the call. I am confused about tagging/untagging, which could be the problem.

Please see attached diag (pdf).I hope you can help.

Thanks

12 REPLIES
Jonathan Axford
Trusted Contributor

Re: HP2824 new subnet configured but cannot connect

Hi,

You need to make sure that the PC is 'Untagged' in VLAN 130. I am not sure how you are set up, we use a Cisco PIX firewall and we have to make sure that the firewall has a route back to the relevant VLAN.

It might be worth adding a route like :

ip route 192.168.130.0 192.168.130.241 onto the firewall.

Can you ping the Router/switch on 192.168.130.241 from the firewall?

Depending on the setup as well, you might have to 'Tag' the link to the firewall in VLAN 130 on the switch.
Where there is a will there is a way...
Rich S
Honored Contributor

Re: HP2824 new subnet configured but cannot connect

sounds like you need to unjoin and rejoin PC to the domain.


Rich
ITchaps
Occasional Advisor

Re: HP2824 new subnet configured but cannot connect

Hi

Port 6 & 8 are on the new VLAN 130. PC is is not on the domain.

I can browse the main (168.20 network) but no internet. Can access to the internet go via the main network. Ie, the network on the default VLAN or do I need to set up an interface on the firewall/router?

Thanks
Mohieddin Kharnoub
Honored Contributor

Re: HP2824 new subnet configured but cannot connect

Hi

You can browse the main (168.20 network) because the switch is routing between the Vlans, But not to the internet , because what Jonathan Axford said is true, you have to give a way back for that Vlan.

Add o nthe Firewall this route:
ip route 192.168.130.0 255.255.255.0 192.168.20.241

(Not 192.168.130.241 because the Default Vlan IP address is 20.241 which is the Router Interface)

Try it, and i think everything will work fine with, and plaese update whats happened ....

Good Luck !!!
Science for Everyone
Mohieddin Kharnoub
Honored Contributor

Re: HP2824 new subnet configured but cannot connect

I think the Secondary Interface on the Router 130.1 is not needed if the firewall is doing the NAT to the router.

BUT if not, then the static route should be added to the Router not the Firewall.

:)
Science for Everyone
ITchaps
Occasional Advisor

Re: HP2824 new subnet configured but cannot connect

Hi there

The HP is not using the routing I specified for the 130 network. Calls from a .130 pc is going to the port on the firewall that the .47 network uses.
Not soure routing? Seems to be ignoring this route and using the default one instead.

Mohieddin Kharnoub
Honored Contributor

Re: HP2824 new subnet configured but cannot connect

Since you have 2 vlans, why don;t you enable routing on the 2824 switch , and make a static default route to the firewall for internet access, so routing will be at edge, and only internet access traffic will go to the firewall.

And that gives you more control on your network, and less overhead on the firewall, which suppose to be a very BUSY GUY , so why should we give him more work :)

Good Luck !!!
Science for Everyone
ITchaps
Occasional Advisor

Re: HP2824 new subnet configured but cannot connect

Well, I thought routing was already enalbed as I have a routing table. If I do a sh ip route I get.....

IP Route Entries

Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
0.0.0.0/0 192.168.47.2 1 static 1 1
127.0.0.0/8 eject static 0 250
127.0.0.1/32 lo0 connected 0 0
192.168.1.0/24 192.168.47.254 1 static 1 1
192.168.2.0/24 192.168.48.254 10 static 1 1
192.168.47.0/24 DEFAULT_VLAN 1 connected 0 0
192.168.48.0/24 Voice 10 connected 0 0
192.168.130.0/24 VLAN130 130 connected 0 0

Thanks for help
ITchaps
Occasional Advisor

Re: HP2824 new subnet configured but cannot connect

Hi

Everything is working except I cannot browse the LAN. Ie, \\192.168.47.13 does not work. Can ping th 47.0 network and internet is ok after fixing am incorrect NAT on the firewall.

Have added relevant trunks to VLAn 130 including other HP switches on the network.

So close, Hope you can help.

Thanks
Mohieddin Kharnoub
Honored Contributor

Re: HP2824 new subnet configured but cannot connect

Hi

Based on the Map you attached before, the devault_vlan on your switch is 192.168.20.241 , but in the routing table its :
192.168.47.0/24 DEFAULT_VLAN 1 connected 0 0

Any explaination ???
Science for Everyone
ITchaps
Occasional Advisor

Re: HP2824 new subnet configured but cannot connect

Hi, yes it was an error. Subnet 20 should read 47.

Thanks
ITchaps
Occasional Advisor

Re: HP2824 new subnet configured but cannot connect

Hello

Gave up with the VLAN method

The DEFAULT VLAN 1 is the 192.168.47.0/24 network, so I just set up a route for the new network, which is 192.168.120.0/24 to another port on the firewall (120.2) and added a mgt 192.168.120.241 to VLAN 1.

This kinda works, but it cannot browse everything. Internet and Voice works ok.

Is there anything else I need to do?
The HP2824 and all other 2600's have been upgraded to the latest Firmware.

Thanks