HPE Community
Switches, Hubs, and Modems
1752290 Members
4473 Online
108786 Solutions
New Discussion юеВ

Re: Procurve 4108gl Vlan Help

 
Netmin
Advisor

тАО07-05-2011 07:53 PM

тАО07-05-2011 07:53 PM

Re: Procurve 4108gl Vlan Help

After reading over our post I think I may have misrepresented my "router" its just a interent firewall not doing any internal routing. I wanted to make the switch route the traffic by turning on ip routing. Any more suggestions? Thanks for the help regardless, documentation is poor at best on setting this up.

0 Kudos
EckerA
Respected Contributor

тАО07-05-2011 10:30 PM

тАО07-05-2011 10:30 PM

Re: Procurve 4108gl Vlan Help

Hi,

you need a static route at the switch:

 

ip route 0.0.0.0 0.0.0.0 10.240.0.8

 

and you need a route at the device with the ip 10.240.0.8, something like

 

ip route 10.240.16.0 255.255.255.0 10.240.0.30

 

but syntax depends on the device..

hth

alex

0 Kudos
LucianoCarvalho
Respected Contributor

тАО07-06-2011 07:11 AM

тАО07-06-2011 07:11 AM

Re: Procurve 4108gl Vlan Help

Hello Netmin,

 

If you want to use your switch for routig between the two vlans, all you have to do is make sure the clients use as the default gateway, the ip address configured on the switch for the two vlans. Clients on vlan 1 will use as default gateway ip address 10.240.0.30 and clients on the new vlan will use default gateway 10.240.16.1.

If its not working, there is something not right with the configuration on the switch.

If you want, post the config so we can sugest you some other solutions.

 

regards

 

0 Kudos
Netmin
Advisor

тАО07-06-2011 03:37 PM

тАО07-06-2011 03:37 PM

Re: Procurve 4108gl Vlan Help

I have the default gateways set as the Vlan IPs for my host I can ping the gateway from Vlan 2 and the Ip of Vlan 1 but nothing else. Heres the config, sorry for the delay we had a long day with down interfaces... Glad its over!!

 

уАА

уАА

уАА

Running configuration:

hostname "HP ProCurve Switch 4108GL"

snmp-server contact

snmp-server location

time timezone -300

cdp run

module 3 type J4862B

module 4 type J4862B

module 5 type J4862B

module 6 type J4862B

module 7 type J4862B

module 2 type J4908A

module 1 type J4908A

module 8 type J4908A

exit

ip default-gateway 10.240.0.8

sntp server 192.43.244.18

ip routing

timesync sntp

sntp unicast

snmpv3 enable

snmp-server community "public" Unrestricted

snmp-server host 10.240.0.25 "public" Not-INFO

snmp-server host 10.240.0.78 "public" Not-INFO

snmp-server host 10.211.55.4 "public"

vlan 1

name "DEFAULT_VLAN"

untagged A1-A22,B1-B22,C1-C24,D1-D24,E1-E24,F1-F24,G1-G24,H3-H22

ip address 10.240.0.30 255.255.240.0

no untagged H1-H2

ip igmp

exit

vlan 2

name "vmkernel"

untagged H1-H2

ip address 10.240.16.1 255.255.255.0

ip igmp

exit

fault-finder bad-driver sensitivity high

fault-finder bad-transceiver sensitivity high

fault-finder bad-cable sensitivity high

fault-finder too-long-cable sensitivity high

fault-finder over-bandwidth sensitivity high

fault-finder broadcast-storm sensitivity high

fault-finder loss-of-link sensitivity high

уАА

Bottom of Form 0

0 Kudos
Netmin
Advisor

тАО07-07-2011 06:50 AM

тАО07-07-2011 06:50 AM

Re: Procurve 4108gl Vlan Help

Anyone see anything wrong with the config?

0 Kudos
Netmin
Advisor

тАО07-07-2011 10:57 AM

тАО07-07-2011 10:57 AM

Re: Procurve 4108gl Vlan Help

The device 10.240.0.8 is just a watchguard firewall, I am only routing internally on the same switch.

0 Kudos
Mark Wibaux
Trusted Contributor

тАО07-07-2011 02:59 PM

тАО07-07-2011 02:59 PM

Re: Procurve 4108gl Vlan Help

As has been previously mentioned you don't have a default route set on the switch so any device pointing at the switch as a default gateway will not be able to get beyond your network.

The command you need to run on the switch is

 

ip route 0.0.0.0 0.0.0.0 10.240.0.8

 

You also need to make sure that in your watchguard configuration you setup a route to your 10.240.16.0/24 network.

Open up your watchguard in Policy Manager. Go to the "Network" menu and choose "Routes..."

Click add. Set the Type to Network IP. Set the Route to: 10.240.16.0/24. Set the Gateway to 10.240.0.30. Leave the metric as 1.

Save the configuration back to your Watchguard and you are done.

 

Once this is done it wont matter which default gateway you gear is pointing at (either watchguard or 4108gl), both devices know how to get to all of your networks and where to go to get beyond your network.

0 Kudos
Netmin
Advisor

тАО07-07-2011 04:28 PM

тАО07-07-2011 04:28 PM

Re: Procurve 4108gl Vlan Help

Mark,

The watchguard is just my internet gateway. I am trying to use the switch to route traffic between the two Vlans. Both vlans are one the same switch. Will that configuration allow me to see all devices on both Vlans? I thought by enabling ip routing on the switch it would route the traffic. Is that incorrect?

0 Kudos
Mark Wibaux
Trusted Contributor

тАО07-08-2011 10:43 PM

тАО07-08-2011 10:43 PM

Re: Procurve 4108gl Vlan Help

Yes IP routing must be enabled so the switch will "route" between vlans. However your host devices need to know how to get to each network. Instead of having to configure every host with every network you generally work with "default gateways" on the device side.

 

I would expect your devices in vlan 2 will be pointing at the switch (10.240.16.1) for their default gateway. They have no worries about getting to the subnet in VLAN 1 because the switch knows both networks. However with your current config they would not be able to get to the internet as the switch doesn't have a "default route". This is why I sugest adding the 0.0.0.0 route to the switch.

 

I would imagine that your devices in vlan 1 are probably set with a default gateway of the watchguard (10.240.0.8). The watchguard is not directly attached to the subnet in VLAN 2 so it doesn't know how to get to it unless you tell it how, which was what I described in my previous post.

 

NOTE: the "ip default-gateway 10.240.0.8" in your switch config only applies to the management interface of the switch. If you enable routing on the switch you must set a default route which is the command I gave you. If you are going to have IP routing enabled you should really remove the ip default-gateway from the config.

0 Kudos
Netmin
Advisor

тАО07-12-2011 05:40 AM

тАО07-12-2011 05:40 AM

Re: Procurve 4108gl Vlan Help

@Mark Wibaux wrote:

Yes IP routing must be enabled so the switch will "route" between vlans. However your host devices need to know how to get to each network. Instead of having to configure every host with every network you generally work with "default gateways" on the device side.

 

I would expect your devices in vlan 2 will be pointing at the switch (10.240.16.1) for their default gateway. They have no worries about getting to the subnet in VLAN 1 because the switch knows both networks. However with your current config they would not be able to get to the internet as the switch doesn't have a "default route". This is why I sugest adding the 0.0.0.0 route to the switch.

 

I would imagine that your devices in vlan 1 are probably set with a default gateway of the watchguard (10.240.0.8). The watchguard is not directly attached to the subnet in VLAN 2 so it doesn't know how to get to it unless you tell it how, which was what I described in my previous post.

 

NOTE: the "ip default-gateway 10.240.0.8" in your switch config only applies to the management interface of the switch. If you enable routing on the switch you must set a default route which is the command I gave you. If you are going to have IP routing enabled you should really remove the ip default-gateway from the config.


HI Mark my first problem I described earlier is that I can't route between Vlans on the same switch. I can't ping any devices from Vlan 1 when im in Vlan 2 or vice versa. I added the routes you suggested but it still wont work.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.