HPE Community
Switches, Hubs, and Modems
1753681 Members
5666 Online
108799 Solutions
New Discussion юеВ

Procurve 2824 vlans and subnets problem

 
SOLVED
Go to solution
Ricardo Nuno
New Member

тАО01-25-2007 01:39 PM

тАО01-25-2007 01:39 PM

Procurve 2824 vlans and subnets problem

Hi all,

I'm new on vlan's but i tried to read and test everything i found to solve this issue.
maybe I'm not understanding how this work.

I have a HP Procurve 2824 and a 2524 I'm trying to set up 2 VLANs:
vlan-1 (moon-dmz) 192.168.10.0/24
vlan-2 (moon-int) 192.168.20.0/24

For now and since i don't have any space switch I'm working with only a few ports to test the setup
so i don't have really a big margin for error.

On the 2824:

- All servers on 192.168.10.0/24 subnet have a to exit on a Pix interface 192.168.10.254 that is connected on port 22
- All server have to communicate with the workstations on the 192.168.20.0/24 subnet
- Port 24 is here the uplink for the Procurve 2524 is connected
- Port 23 is here the Pix interface 192.168.20.1 is for internet access for subnet 192.168.20.0/24

this is the config on 2824:

Running configuration:

; J4903A Configuration Editor; Created on release #I.08.87

hostname "HP-ProCurve-Switch-2824"
snmp-server contact "bla"
snmp-server location "Ba"
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "moon-dmz"
untagged 1-9,11-22
ip address 192.168.10.91 255.255.255.0
no untagged 10,23-24
exit
vlan 2
name "moon-int"
untagged 10,23
ip address 192.168.20.60 255.255.255.0
tagged 24
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high

only port 10 is on vlan-2 here my test laptop is with this ip configuration:
IP:192.168.20.2
NM: 255.255.255.192
GW: 192.168.20.60


On the 2524 is the configuration:
Running configuration:

; J4813A Configuration Editor; Created on release #F.05.52

hostname "HP-ProCurve-Switch-2524"
snmp-server contact "bla"
snmp-server location "Ba"
time daylight-time-rule None
cdp run
ip default-gateway 192.168.10.91
snmp-server community "public" Unrestricted
snmp-server host 192.168.10.157 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 1-17,19-22,24-26
ip address 192.168.10.90 255.255.255.0
no untagged 18,23
exit
vlan 2
name "moon-int"
untagged 23
ip address 192.168.20.61 255.255.255.192
tagged 18
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
ip route 192.168.20.0 255.255.255.0 192.168.10.91
no aaa port-access authenticator active
password manager
password operator

From my test laptop i can ping the 2 ip's of the 2824 switch i can ping vlan-2 but i cannot ping or comunicate with vlan-1
and i have to because there are all the servers that we need to work on.

What im i doing wrong here? Please help.

Thanks in advance
Ricardo
0 Kudos
3 REPLIES 3
Matt Hobbs
Honored Contributor

тАО01-25-2007 04:01 PM

тАО01-25-2007 04:01 PM

Solution

Re: Procurve 2824 vlans and subnets problem

Your servers will need to have their default gateway as the 2824's VLAN1 address. I'm guessing at the moment they are currently using the PIX.

Next on your 2824, add a default route to the PIX 'ip route 0.0.0.0 0.0.0.0 192.168.10.254'

On the PIX you need to add a route to your VLAN2 network 'ip route 192.168.20.0/24 192.168.10.91'

With this setup you will not need the 2nd PIX interface in VLAN2.

Also you seem to have some misconfiguration with the subnet mask on VLAN2, sometimes you have 255.255.255.192 and sometimes 255.255.255.0.

There is one other step I would do which would be to create a 3rd VLAN, in this VLAN the PIX would be the only member.

VLAN1 - all servers default gateway pointing to 2824.
VLAN2 - all workstations default gateway pointing to 2824.
VLAN3 - PIX is member of this VLAN. 'ip route 0.0.0.0 0.0.0.0 ' and on the PIX add 2 routes for VLAN1 and VLAN2 point to the VLAN3 IP address. e.g. ip route 192.168.10.0/24 192.168.30.2 (VLAN 3 IP) and ip route 192.168.20.0/24 192.168.30.2
Ricardo Nuno
New Member

тАО01-26-2007 12:41 AM

тАО01-26-2007 12:41 AM

Re: Procurve 2824 vlans and subnets problem

Thanks for your reply Matt.

I'll try this setup today and i let you know how it went.

regards,
Ricardo
0 Kudos
Ricardo Nuno
New Member

тАО01-29-2007 02:59 AM

тАО01-29-2007 02:59 AM

Re: Procurve 2824 vlans and subnets problem

Worked like a charm.

Thanks for your help.

regards,
Ricardo
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.