HPE Community
Switches, Hubs, and Modems
1751764 Members
5802 Online
108781 Solutions
New Discussion юеВ

Re: VLAN Help Tagging/Untagging

 
SOLVED
Go to solution
Chris Boundey
Advisor

тАО08-06-2006 09:41 PM

тАО08-06-2006 09:41 PM

Re: VLAN Help Tagging/Untagging

Hi Mohieddin,

Thanks very much for your help so far.
We have managed to configure all of VLANs, however we have hit a problem whilst trying to create the ACL for VLAN200. We get this error...


HP ProCurve Switch 5308xl# config
HP ProCurve Switch 5308xl(config)# access-list 200 permit ip host 172.16.0.1 any

Invalid input: permit
HP ProCurve Switch 5308xl(config)#

Any ideas why it is coming up with this error?

Once again, thank you VERY much for your time... its going very well at the moment.

Points assigned :-)
0 Kudos
Mohieddin Kharnoub
Honored Contributor

тАО08-06-2006 10:26 PM

тАО08-06-2006 10:26 PM

Re: VLAN Help Tagging/Untagging

Hi
I want to apologize for the ACL 200 and 400 , please change the numbers and make it less than 200 like , the ACL 200 make it ACL 102 , and ACL 400 make it ACL 104.

Explaination:

<100-199> ACL numbers to Configure an extended Access Control List.

Good Luck !!!
Science for Everyone
0 Kudos
Chris Boundey
Advisor

тАО08-07-2006 02:27 AM

тАО08-07-2006 02:27 AM

Re: VLAN Help Tagging/Untagging

Mohieddin, we have hit a wave of problems now. :-#(

We cant seem to get our servers or workstations on VLAN200 to communicate with any other VLAN, or gain access to the internet.

Please see attached our ACLs.

The main server on VLAN200 is running DHCP and can communicate fine with our workstations. But this fails when trying to communicate with other VLANS.

The workstations on VLAN200 need to access the following IP's...

172.16.0.1
172.16.0.2
172.16.0.5
172.16.0.12
172.16.0.254 (internet gateway)

Could you please advise.

Many thanks once again... great support from yourself. :)

0 Kudos
Mohieddin Kharnoub
Honored Contributor

тАО08-07-2006 04:00 AM

тАО08-07-2006 04:00 AM

Re: VLAN Help Tagging/Untagging

Hi Chris

I think its now your mistake :)
you missed the last tne the most important line in ACL200 (or now its 102) , which is :

(config)# access-list 102 permit ip any any ,

so now since you can't edit ACL102, just drop it, and past the configuration again in CLI after adding the previous line to the end.

Please let me know you have other problems :)

Good Luck !!!
Science for Everyone
0 Kudos
Mohieddin Kharnoub
Honored Contributor

тАО08-07-2006 04:17 PM

тАО08-07-2006 04:17 PM

Re: VLAN Help Tagging/Untagging

Hi again

I took another look on the config. of ACL102 and the others also, and i think it has some wrong lines.

Asper what i know from your old posts, i reconfigured the ACLs for you, see the attached file.

Good Luck !!!


Science for Everyone
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.