HPE Community
Switches, Hubs, and Modems
1752577 Members
5160 Online
108788 Solutions
New Discussion

Re: VLAN configuration

 
SOLVED
Go to solution
Pedro Saraiva
New Member

‎06-13-2008 07:44 AM

‎06-13-2008 07:44 AM

VLAN configuration

I Have 3 3400cl 24 Ports, and 2 3400cl 48 Ports.

Want to configure 3 vlans, that should be able to comunicate from vlan 1 to 2, and vlan 1 to 3. but vlan 2 and 3 cannot see each other.

VLAN 1. ip 192.168.1.0 mask 255.255.255.0
VLAN 2. ip 192.168.2.0 mask 255.255.255.0
VLAn 3. ip 192.168.3.0 mask 255.255.255.0

DHCP Server is 192.168.1.100, and is able to service all ip networks.

Default gateway on the network should be 192.168.1.254

All vlan's should be able to acess their ip network, plus ip addresses 192.168.1.100, and 192.168.1.254, to be able to get dhcp, dns, and internet.

All vlan's are configured on all sWitchs, routing is enabled on all switches.

I'm only able to comunicate between each ip vlan, across all switches, this is, if I'm connected on a Port that belongs to vlan2, I Ping all Vlan ip addrresses over vlan 2, but not the one's on vlan 1 and 3.

What am I Doing Wrong?
0 Kudos
10 REPLIES 10
cenk sasmaztin
Honored Contributor

‎06-13-2008 08:07 AM

‎06-13-2008 08:07 AM

Re: VLAN configuration

hi Pedro

please send me all swich sh run print

and please sen your network topology layout

cenk
cenk

0 Kudos
cenk sasmaztin
Honored Contributor

‎06-13-2008 08:16 AM

‎06-13-2008 08:16 AM

Re: VLAN configuration

and please check vlan member pc default gateway address

for example
vlan 2 member pc ip address and default gateway must be

ip address 192.168.2.20
subnet mask 255.255.255.0
default gateway :192.168.2.1(2.1 vlan ip address)

you can assign only core switch vlans ip address other switches not needed ip address other switches only managemet vlan ip address


please send all switch sh run print and topology layout.
cenk

0 Kudos
Pedro Saraiva
New Member

‎06-13-2008 09:27 AM

‎06-13-2008 09:27 AM

Re: VLAN configuration

here goes conf files you asked.


topology layout quit simple

Switch with ip address 192.168.1.242 (Port 48) uplinks to swicth 192.168.1.241 (Port 47)

Switch With ip 192.168.1.241 (Port 48) uplinks to Switch 192.168.1.245 (Port 23)

Switch With ip 192.168.1.245 (Port 24)
Uplinks to Draytek NLB with ip 192.168.1.254 (Def Gat)

Switch With ip 192.168.1.245 (Port 22) Uplinks to Switch 192.168.1.243 (Port 24)

Switch With Ip 192.168.1.243 (Port 23) Uplinks to Switch 192.168.1.244 (Port 21)

Ip 192.168.1.100, is on Port 16 of Switch 192.168.1.244.

3 Vlans; Default Vlan (192.168.1.0) Wireless (192.168.2.0) PVA (192.168.3.0)

Vlan Wireles intended to connect HP Wireless AP's 420 that will support 3 Diferent SSID Wireless networks, 1 of them only for internet access (Geuest) and two more for Network acess to vlan's PVA and Default. But we are not there Yet!

Thanks in advanced

0 Kudos
cenk sasmaztin
Honored Contributor

‎06-13-2008 11:09 AM

‎06-13-2008 11:09 AM

Re: VLAN configuration

ok Pedro
you can make wait tomorrow

I make full configuration for yor network

cenk
cenk

0 Kudos
cenk sasmaztin
Honored Contributor

‎06-13-2008 11:27 PM

‎06-13-2008 11:27 PM

Solution

Re: VLAN configuration

hi Pedro
please look be carefully my config with attach file
this config very good runing

good luck
cenk

----------------------------------------------
hostname "3400cl-24/1"
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 3-5,17-24
ip address 192.168.1.210 255.255.255.0
no untagged 1,2,6-16
exit
vlan 2
name "guest"
untagged 1-2
tagged 17-18,23,24
exit
vlan 3
name "PVA"
untagged 6-15
ip address 192.168.3.210 255.255.255.0
ip-helper address 192.168.1.101
tagged 17-18,23,24
exit
vlan 10
name "managemet"
untagged 16
ip address 10.0.10.1 255.255.255.0
tagged 17,18,23,24
exit
ip route 0.0.0.0 0.0.0.0 192.168.1.100
managemet-vlan 10

----------------------------------------------
note:
*vlan 10 managemet vlan for only switch managemet
for security.int 16 connect admin pc

*connect vlan 1 member port (for example int 20)
internet router and assign lan ip 192.168.1.100 on router
(please look below router config)

*connect 420 access point on 17-18 interface
(please look below 420 config)

*connect for guest internet access router vlan 2 member
(for example interface 1)
gues internet router ip address 172.16.0.1/24

*connect dhcp server vlan 1 member(for example 21)
and nic ip address 192.168.1.101
(please look below dhcp server config)

----------------------------------------------
hostname "3400cl-48/1"
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-5,16-48
no untagged 6-15
exit
vlan 2
name "guest"
tagged 1-5,47,48
exit
vlan 3
name "PVA"
untagged 6-15
tagged 1-5,47,48
exit
vlan 10
name "managemet"
ip address 10.0.10.2 255.255.255.0
tagged 1-5,47,48
exit
managemet-vlan 10
---------------------------------------------
note:connect 420 access point int 1-5(please look below 420 config)

---------------------------------------------
hostname "3400cl-48/2"
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-5,16-48
no untagged 6-15
exit
vlan 2
name "guest"
tagged 1-5,48
exit
vlan 3
name "PVA"
untagged 6-15
tagged 1-5,48
exit
vlan 10
name "managemet"
ip address 10.0.10.3 255.255.255.0
tagged 1-5,48
exit
managemet-vlan 10
---------------------------------------------
note:connect 420 access point int 1-5(please look below 420 config)
-----------------------------------------------
hostname "3400cl-24/2"
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-5,16-24
no untagged 6-15
exit
vlan 2
name "guest"
tagged 1-5,23,24
exit
vlan 3
name "PVA"
untagged 6-15
tagged 1-5,23.24
exit
vlan 10
name "managemet"
ip address 10.0.10.4 255.255.255.0
tagged 1-5,23,24
exit
managemet-vlan 10
------------------------------------------------
note:connect 420 access point int 1-5(please look below 420 config)
------------------------------------------------
hostname "3400cl-24/3"
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 1-5,16-24
no untagged 6-15
exit
vlan 2
name "guest"
tagged 1-5,24
exit
vlan 3
name "PVA"
untagged 6-15
tagged 1-5,24
exit
vlan 10
name "managemet"
ip address 10.0.10.5 255.255.255.0
tagged 1-5,24
exit
managemet-vlan 10

------------------------------------------------
note:connect 420 access point int 1-5(please look below 420 config)
------------------------------------------------

*******************************************************
internet router config :
you make basic config on internet router for internet connection
lan ip address 192.168.1.100/24
and connect vlan 1 member port interface 21 on 3400cl-24/1 switch
after you make write route command on router

ip route 192.168.1.0 255.255.255.0 192.168.1.210
ip route 192.168.3.0 255.255.255.0 192.168.1.210
*******************************************************
guest router config
you make basic config on router for guest internet connection
lan ip address 172.16.0.1/24 and connect vlan 2 member port 1
on 3400cl-24/1 switch and enable dhcp server on router

ip range:172.16.0.10.........172.16.1.200
subnet mask:255.255.255.0
default gateway:172.16.0.1
*******************************************************
dhcp config
dhcp server nic ip address 192.168.1.101
and connect vlan 1 member port int 20
on 3400cl-24/1 switch

you can create two scobe same server

frist scobe
scobe name :vlan 1
ip range:192.168.1.10.......192.168.1.250
subnet mask:255.255.255.0
default gateway:192.168.1.210

secont scobe
scobe name:vlan 3
ip range 192.168.3.10.......192.168.3.250
subnet mask:255.255.255.0
default gateway:192.168.3.210
*******************************************************
420 access point config

one access point config

ethernet interface
ip address 10.0.10.6 for managemet
subnet mask:255.255.255.0
defaut gateway 10.0.10.1

managemet vlan id 10 tagged
vlan enable

ssid settings

ssid 1
ssid name :guest
broadcast:enable(no closet system)
vlan id 2 tag

ssid 2
ssid name :vlan1user
closet system
vlan id 1 no tag(untag)

ssid 3
ssid name:PVA
closet system
vlan id 3 tag

for internet guest connection :when connect guest ssid a guest pc send dhcp request packet in vlan 2
and in vlan 2 guest router dhcp server response this message and
offer in 172.16.0.0 network ip for this guest.

for default vlan connection when connect domain pc vlan1user ssid and send dhcp request packet
in vlan 1 i n vlan 1 dhcp server response this pc scobe vlan1 and assign vlan 1 scobe in ip address for pc

for pVA vlan connection :when connect domain pc PVA ssid and send dhcp request packet in vlan 3 and
with routing (ip-helper command)vlan 1 in dhcp server response this pc asing vlan 3 scobe in ip address for pc.


all access point connect interface 1-5
only 3400cl-24/1 switch connect access point 17-18 interface
*********************************************************
GOOD LUCK.....


cenk

Pedro Saraiva
New Member

‎06-14-2008 02:51 AM

‎06-14-2008 02:51 AM

Re: VLAN configuration

I Cenk

Hope You have good luck with Czech Republic!

Go Portugal Go!

Comming back to IT, Has I understand you are using My Draytek V3300 Network Load Balancer to insure routing between Vlan's. Why not using One of HP Switchs to ensure Ip Routing?

They do support Ip Routing, Wright? Was this what I was doing wrong? I was using gvrp. Isn't this easy way?

Only to small changes to your config. DHCP Server will be 192.168.100
Default Gateway Router will be 192.168.1.254. I wil cjhange that on your configuration

I'm going to try your configuration next Monday Night. When I Can work at ease.

I Will come back to you on the results after.
0 Kudos
cenk sasmaztin
Honored Contributor

‎06-14-2008 03:43 AM

‎06-14-2008 03:43 AM

Re: VLAN configuration

*****************************************************
hi Pedro

yess good luck czech Republic
very good team ,I hope be your europe champion

comming back your questions

*Has I understand you are using My Draytek V3300 Network Load Balancer
to insure routing between Vlan's. Why not using One of HP Switchs to ensure Ip Routing?
********************************************************
all local network one switch (core switch )make routing operation other switch only
L2 vlan configuration and connect router/switch,unnecessary and all switch routing operetion on lan

you have core swich we call (3400cl-24/1)main router on network all routing operation your network this switch

you have draytek device for internet connection all vlan's
not vlan between routing


core switch 0.0.0.0 0.0.0.0 192.168.1.100 command routing to draytek device
and draytek device on routing command to core switch
ip route 192.168.1.0 255.255.255.0 192.168.1.210
ip route 192.168.3.0 255.255.255.0 192.168.1.210

*I was using gvrp. Isn't this easy way?
*****************************************************
yes gvrp very easy way for vlan administration and configuraiton
because you use all etnernet card include 802.1q protocol
you can config all card vlan id.
for exmaple :
one pc settings for vlan 3

ip address 192.168.3.23
subnet mask:255.255.255.0
default gateway:192.168.3.210

vlan id:3

ip ,subnet,dgw to take dhcp server but you make vlan id 3 manuel config
on pc and change must be all pc ethernet card.

there fore I suggestion don't make gvrp config.

*******************************************************

Only to small changes to your config. DHCP Server will be 192.168.100
Default Gateway Router will be 192.168.1.254. I wil cjhange that on your configuration

yes I make change your dhcp server ip architecture
must be new ip address dhcp server(please look be carefully default gateway address for dhcp nic)

ip address 192.168.1.101
subnet mask 255.255.255.0
default gateway :192.168.1.210

for all pc information
ip address:in vlan network
subnet mask:255.255.255.0
default gateway:in vlan ip address


good luck ...
cenk





cenk

0 Kudos
cenk sasmaztin
Honored Contributor

‎06-16-2008 04:59 AM

‎06-16-2008 04:59 AM

Re: VLAN configuration

hi Pedro
wooo wooo woowoowww:D
http://www.dizifrm.com/izle/cek-cumhuriyeti-turkiye-maci-tum-golleri

you say
I'm going to try your configuration next Monday Night. When I Can work at ease.

I'm in office this night please send message you complate test config.

cenk
cenk

0 Kudos
Miguela Fernandes
New Member

‎07-24-2008 03:28 PM

‎07-24-2008 03:28 PM

Re: VLAN configuration

Hi,

I ´ve seen all information posted by you and Cenk and maybe you both could help me to implement this solution.
What we have:
- One network that has a server (Windows 2003) where everybody can validate and save their stuff (students and some teachers)
- Have a free access wireless
- Other server for administrative staff, school headmaster and others. This is the server with the most important information at school.
What we would like to have with security (VLAN and maybe ACL???)
- A server (Windows 2003) where everybody can validate and save their stuff (students and teachers)
-Other server for administrative staff, school headmaster and others. This is the server with the most important information at school. But since we are implementing digital control in each classroom, teacher must use one of the databases on this server.
- Internet for everybody
- Have a separated free access wireless
- Have a Drytec vigor 3300 that we pretend to use for balancing the 2 internet we have and act as firewall (but don´t no yet how must the read manual).

What is the best solution. Feel free to give other advices related with this solution.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.