Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Procurve 2900 VLAN Routing no Internet access

nenad1
Occasional Collector

Procurve 2900 VLAN Routing no Internet access

Can someone exaplin me how I can get the following setup to work:

 

ROUTER (176.XXX.XXX.1)

      |

Procurve2900 (stacked, 2 VLAN one private 10.10.10.0/24 and one public 176.XXX.XXX.0/24)

 

I'm setup on the Switch 2 VLAN one for private Network and another for the public network. 

I have set default gateway and default route pointing to my Router, but I can not access from the Switch the Internet and same from all my PC's inside vlan 1 with 10.10.10.X IP's what I'm doing wrong? 

 


; J9050A Configuration Editor; Created on release #T.13.71

hostname "AAA-0"
module 1 type J86yyA
module 2 type J86xxA
module 3 type J90XXA
stack commander "AAA1"
stack member 1 mac-address 0000000000000
trunk A2-A3 Trk1 Trunk
ip default-gateway 176.XXX.XXX.1
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged 1-39,41-A1,A4,Trk1
ip address 10.10.10.20 255.255.255.0
no untagged 40
exit
vlan 2
name "MGT"
untagged 40
ip address 176.XXX.XXX.8 255.255.255.0
exit
no ip ssh
ip route 0.0.0.0 0.0.0.0 176.XXX.XXX.1
snmp-server community "public" Unrestricted
snmp-server location "aaa"
spanning-tree Trk1 priority 4

 

7 REPLIES
Fredrik Lönnman
Honored Contributor

Re: Procurve 2900 VLAN Routing no Internet access

first of all, the ip default-gateway 176.xxx.xxx.1 isnt needed since you have routing enabled.

 

It seems you should be able to access internet directly from the switch. Can you poste a traceroute to google or the like?

 

The internal devices on the private 10.10.10.0/24 network wont be able to access the internet without something NATing them, and the procurve wont do that. You'll need a router for that.

---
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S

nenad1
Occasional Collector

Re: Procurve 2900 VLAN Routing no Internet access

I don't understand why I should be not able to access the Internet from my private net too, if I'm not wrong the Procurve can route to the public vlan which will have access or is this a bad setup? Should I better use the Router for this kind of routing?

 

Actually I can not access any outside host from the switch.

 

AAA-0(vlan-2)# traceroute 8.8.8.8
traceroute to 8.8.8.8 ,
              1 hop min, 30 hops max, 5 sec. timeout, 3 probes
 1  *  *  *
 2  *  *  *
 3 Trace failed (error 65): Network is unreachable on this VLAN.

 

 

AAA-0(vlan-1)# traceroute 8.8.8.8
traceroute to 8.8.8.8 ,
              1 hop min, 30 hops max, 5 sec. timeout, 3 probes
 1  *  *  *
 2  *  *  *
 3  *  *  *
 4  *  * Trace failed (error 65): Network is unreachable on this VLAN.

From a server that is connected to the switch with a public IP and the Router as GW I have access to the Internet.

Fredrik Lönnman
Honored Contributor

Re: Procurve 2900 VLAN Routing no Internet access

How would the devices with ip addresses in the 10-net be able to access the internet without NAT? It wont work, they are private adresses.

 

Can you ping the router gw from the switch? And can you paste a "show ip route"?

---
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S

nenad1
Occasional Collector

Re: Procurve 2900 VLAN Routing no Internet access

I have think the 2900 can work as a Router between my private and public vlan and pass the traffic trough then I have missunderstand this. I will add for the private vlan a own GW on the router.

 

I can not ping the router.

 

AAA-0(config)# ping 176.xxx.xxx.1
Request timed out.


 

 

AAA-0(config)# show ip route

                                IP Route Entries

  Destination        Gateway         VLAN Type      Sub-Type   Metric     Dist.
  ------------------ --------------- ---- --------- ---------- ---------- -----
  0.0.0.0/0          176.xxx.xxx.1   2    static               1          1
  10.10.10.0/24      DEFAULT_VLAN    1    connected            1          0
  127.0.0.0/8        reject               static               0          0
  127.0.0.1/32       lo0                  connected            1          0
  156.153.78.192/27                       connected            1          0
  176.xxx.xxx.0/24   MGT             2    connected            1          0

 

Fredrik Lönnman
Honored Contributor

Re: Procurve 2900 VLAN Routing no Internet access

Yeah well the 2900 can work as a router between the private and public vlan without problem, but the private IPs still has to be NATed somewhere to reach the internet.

 

Dunno but looks as something arent right with your connection to the gateway. Are you able to see its mac address or arp?

---
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S

nenad1
Occasional Collector

Re: Procurve 2900 VLAN Routing no Internet access

Within show arp it is not showed.

To remember: Servers connected to the switch with Public IP's and Router as GW can reach the Internet and the Router.

 

AAA-0(config)# show arp

 IP ARP table

  IP Address       MAC Address       Type    Port
  ---------------  ----------------- ------- ----
  10.10.10.59      bc305b-d69xxx     dynamic 27
  10.10.10.70      001819-5bexxx     dynamic Trk1

 

Fredrik Lönnman
Honored Contributor

Re: Procurve 2900 VLAN Routing no Internet access

Yeah well, the switch should be able to arp up the router also. Your configurations seems to be right so I cant really help you there.

 

Are the servers able to communicate with the switch on its public IP address?

---
CCIE Service Provider
MASE Network Infrastructure [2011]
H3CSE
CCNP R&S