Switches, Hubs, and Modems
1748054 Members
5235 Online
108758 Solutions
New Discussion

Procurve 2610 Routing

 
SOLVED
Go to solution
Mitch Reed
Occasional Advisor

Procurve 2610 Routing

Ok I know I am probably doing something stupid here, but, I am trying to create a mini-lab setup for working with a MSM760 wireless controller. I have a new 2008R2 AD/DNS/DHCP server that is working as it should. I’m using a HP 2610-48 switch as my router. The config is as follows:

hostname "testing"
sntp server 10.10.70.2
ip routing
timesync sntp
sntp unicast
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 49-52
ip address 10.10.4.10 255.255.255.0
no untagged 1-48
exit
vlan 30
name "VLAN30"
untagged 3-4
ip address 10.10.30.10 255.255.255.0
ip helper-address 10.10.70.2
tagged 2
exit
vlan 70
name "VLAN70"
untagged 1-2
ip address 10.10.70.10 255.255.255.0
ip helper-address 10.10.70.2
exit
vlan 710
name "VLAN710"
untagged 5-48
ip address 69.155.227.10 255.255.255.0
tagged 2
exit
ip route 0.0.0.0 0.0.0.0 69.155.227.200
password manager

I can ping both inside (10.10.70.* or 10.10.30.*) addresses as well as outside addresses (12.127.16.69 & 69.150.163.100) from the switch. I cannot ping from my AD server (10.10.70.2) or any other inside machine to the outside world though. It gets to the 69.155.227.10 interface and dies. Routing is working for the 10.10.*.* networks, just not from them to the 69.155.227.*
4 REPLIES 4
Jeff Carrell
Honored Contributor

Re: Procurve 2610 Routing

Does the 69.155.227.200 have static route entries of 10.10.x.x pointing to 69.155.227.10? If not, add them...that is at least one configuration parameter you will need.

hth...Jeff
Mitch Reed
Occasional Advisor

Re: Procurve 2610 Routing

When I add a route for 10.10.*.*/24 69.155.227.10 it says that 69.155.227.10 can not be switch IP address and route gateway at the same time. I create a route to 69.155.227.200 which is the firewall address and it still does not pass traffic from 10.10.*.* to the outside. I can ping 69.155.227.10 but not 69.155.227.200. From the switch I can ping inside and out with no problem.
Jeff Carrell
Honored Contributor
Solution

Re: Procurve 2610 Routing

Mitch said "...When I add a route for 10.10.*.*/24 69.155.227.10 it says that 69.155.227.10 can not be switch IP address and route gateway at the same time..."

You are creating this static route on the firewall - yes? I f not, that's where it is required.

Basically, each side of the 69_net needs to point "unknown" networks to its opposite connected neighbor:

1) switch side is working with access out since it has presence in 69_net, so reply packets know how to get back
2) all other packets on 10_nets get to the firewall via the switch as you popinted access that direction, but
3) the firewall doesn't know how to send those return packets back without a static route entry pointing to those 10_nets via the switch 69_net address.

hth...Jeff
Mitch Reed
Occasional Advisor

Re: Procurve 2610 Routing

Jeff you hit it on the head. I am doing this in a test environment with no address translation enabled. 69.*.*.10 is a real address so it worked fine, 10.10.*.* doesn't go anywhere because it is never given a real address. I knew it was something I was missing there. Thanks!