HPE Community
Switches, Hubs, and Modems
1752773 Members
4985 Online
108789 Solutions
New Discussion юеВ

Re: Management VLAN routing problem on 5304

 
Igoris_1
Frequent Advisor

тАО09-26-2008 03:35 AM

тАО09-26-2008 03:35 AM

Management VLAN routing problem on 5304

assigned VID9 as management, expected it to disappear from routing table, but it is still there and static route that was added to reach VID9 over firewall is not in the table.
See thread http://forums12.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1222340288104+28353475&threadId=1259359 saying that:
"Management Vlan Subnet won't be inserted in the Routing Table and it will be accessible only from the Same Vlan"
It's not true, management VLAN is still 'connected' and VID9 is unreachable through firewall.
Status and Counters - VLAN Information

Maximum VLANs to support : 40
Primary VLAN : DEFAULT_VLAN
Management VLAN : valdymas

VLAN ID Name | Status Voice
------- -------------------- + ---------- -----
1 DEFAULT_VLAN | Port-based No
5 LAN3 | Port-based No
6 10.2.2.X | Port-based No
7 DMZ | Port-based No
8 fire-fire | Port-based No
9 valdymas | Port-based No


IP Route Entries

Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
10.27.71.0/24 valdymas 9 connected 0 0

0 Kudos
15 REPLIES 15
cenk sasmaztin
Honored Contributor

тАО09-27-2008 05:40 AM

тАО09-27-2008 05:40 AM

Re: Management VLAN routing problem on 5304

hi Igoris

please send me sh run print
cenk

0 Kudos
Igoris_1
Frequent Advisor

тАО09-28-2008 09:54 PM

тАО09-28-2008 09:54 PM

Re: Management VLAN routing problem on 5304

see attached config, I removed some non relevant lines.
0 Kudos
cenk sasmaztin
Honored Contributor

тАО09-29-2008 02:57 AM

тАО09-29-2008 02:57 AM

Re: Management VLAN routing problem on 5304


you can write managemet vlan comman on switch for declare.


sw(config)# management-vlan 9


cenk
cenk

0 Kudos
Igoris_1
Frequent Advisor

тАО09-29-2008 03:02 AM

тАО09-29-2008 03:02 AM

Re: Management VLAN routing problem on 5304

it is already done, I probably accidentally deleted this from posted config.
0 Kudos
cenk sasmaztin
Honored Contributor

тАО09-29-2008 03:15 AM

тАО09-29-2008 03:15 AM

Re: Management VLAN routing problem on 5304

hi Igoris

please send me true sh run print

and sh ip route print

cenk
cenk

0 Kudos
Igoris_1
Frequent Advisor

тАО09-29-2008 03:29 AM

тАО09-29-2008 03:29 AM

Re: Management VLAN routing problem on 5304

see attached both outputs in one file.
0 Kudos
cenk sasmaztin
Honored Contributor

тАО09-29-2008 03:39 AM

тАО09-29-2008 03:39 AM

Re: Management VLAN routing problem on 5304


??????????

ip route 10.27.71.0 255.255.255.0 10.27.58.244
cenk

0 Kudos
Igoris_1
Frequent Advisor

тАО09-29-2008 03:43 AM

тАО09-29-2008 03:43 AM

Re: Management VLAN routing problem on 5304

10.27.58.244 is the firewall, but this static route is not in the table, as 10.27.71.0/24 is still 'connected' regardless it's management VLAN
0 Kudos
cenk sasmaztin
Honored Contributor

тАО09-29-2008 03:47 AM

тАО09-29-2008 03:47 AM

Re: Management VLAN routing problem on 5304

which device have 10.27.58.244 ip

managemet vlan isolated routing between vlans
but
you write ip route command for 10.27.71.0 network
delete this routing command for management vlan security
cenk

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.