HPE Community
Switches, Hubs, and Modems
1753547 Members
5515 Online
108795 Solutions
New Discussion юеВ

VLAN with HP Procurve and Cisco 2821

 
SOLVED
Go to solution
Andreas Schmidt_2
Advisor

тАО08-20-2006 08:03 PM

тАО08-20-2006 08:03 PM

VLAN with HP Procurve and Cisco 2821

Hello.

We have a new network infrastructure and want to build nearly 6 VLANs. We have 6 cabinets on 3 stages and uses Procurve 2650 as access-switches and a Procurve 2824 as core. VLAN-Routing and NAT should be done by Cisco 2821. Most of users get their IP-config from DHCP and the way to the internet goes via Cisco 7500. (This router we can not configure by ourselves). I outline the config i think in the attachment. Is this a possible configuration or can i do this much better ?

Thanks
Andreas
0 Kudos
22 REPLIES 22
Mohieddin Kharnoub
Honored Contributor

тАО08-20-2006 09:57 PM

тАО08-20-2006 09:57 PM

Re: VLAN with HP Procurve and Cisco 2821

Hi

No config attached.
Anyway, what you need is a Router-on-Stick for inter-vlan routing, and thats done on Cisco router by using Sub-interfaces, each one has an ip in the same subnet of each vlan, and all sub-interfaces related to one physical Interface doesn;t have an IP.
But, the disadvantages for this solution are:
├В - Single point of failure if only one router used
├В - Single traffic path can become congested
├В - Network topology can cause performance issues

And the other solution is to enable Routing between the Vlans on the Core Switch 2800, and also enable ip-helper address for each vlan, so any client in any vlan can get an IP from a Common DHCP server which has multiple scopes, each vlan one scope.

And then you can NAT on the Cisco router between Inside and Outside.

Good Luck !!!
Science for Everyone
0 Kudos
Andreas Schmidt_2
Advisor

тАО08-21-2006 01:00 AM

тАО08-21-2006 01:00 AM

Re: VLAN with HP Procurve and Cisco 2821

Sorry, i forgot the attachment.

Yes, i know that the Procurve-Core-Switch can rooting too, but without rules i think. And we want to declare some restrictive rules.
0 Kudos
Mohieddin Kharnoub
Honored Contributor

тАО08-21-2006 01:10 AM

тАО08-21-2006 01:10 AM

Re: VLAN with HP Procurve and Cisco 2821

Hi

In the attached file i can see your network map, it seems fine, and most of the configuration should be done on the Cisco Router and that includes:
1- Enable Inter-Vlan routing
2- Enable access control lists ACLs to control traffic between Vlans and the Network.

You should tag (Trunk) the port between the 2800 switch and the cisco router 2821, and on the Cisco router use the Standard 802.1q not the Cisco's ISL one.

Good Luck !!!

Science for Everyone
0 Kudos
Andreas Schmidt_2
Advisor

тАО08-21-2006 01:18 AM

тАО08-21-2006 01:18 AM

Re: VLAN with HP Procurve and Cisco 2821

Thanks for your answer.

I have configured the VLAN on switches and router and can ping all switches and the router from my notebook in the default vlan. But my clients cannot ping each other and get no ip address from dhcp. I'm sure i have enabled dhcp-relay and the ip-helper address. Any other ideas ?

Thanks in advance
Andreas
0 Kudos
Mohieddin Kharnoub
Honored Contributor

тАО08-21-2006 01:25 AM

тАО08-21-2006 01:25 AM

Re: VLAN with HP Procurve and Cisco 2821

Hi

If you joined a Vlan other than the default and assigned a static IP on your notebook and gateway , can you ping the router ? or the 2800 default-Vlan Ip address ?
If yes, then it maybe:
1- IP helper address is not enabled on this particular Vlan.
2- Router attribute on the DHCP scope is not configured which points to the IP address of the subinterface of this vlan on Cisco's Router.

If NO, you can;t, then:
- you have to add check your routing between vlans on the cisco Router, and be sure to have a Route back to any vlan other than the default.
- Enable ip default-gateway on all the switches pointing to the Cisco router's IP address of the default-Vlan.


Don;t forget to assign points to the posts that helped you.

Good Luck !!!
Science for Everyone
0 Kudos
Mohieddin Kharnoub
Honored Contributor

тАО08-21-2006 03:51 AM

тАО08-21-2006 03:51 AM

Re: VLAN with HP Procurve and Cisco 2821

Hi

few more points,
- Be sure to have the Native Vlan of the Cisco router is the same as the ProCurve switch default-vlan.
- I think you should enable the ip helper address in the interface you are using for inter-vlan routing:
Router(config)#interface Ethernet0
Router(config-if)#ip helper-address 171.16.1.2
Router(config-if)#exit

Good Luck !!!
Science for Everyone
0 Kudos
Andreas Schmidt_2
Advisor

тАО08-21-2006 04:21 AM

тАО08-21-2006 04:21 AM

Re: VLAN with HP Procurve and Cisco 2821

That's right. If i joined another VLAN i cannot ping may router as my default gateway. It should be a routing problem, but i only configure a default gateway to our externally router because i think the cisco configure the routing table itself. Don't have configured any ACl for routing, should I ? The attachment ist my actually routing table.

Thanks very much.
Andreas
0 Kudos
Mohieddin Kharnoub
Honored Contributor

тАО08-21-2006 03:22 PM

тАО08-21-2006 03:22 PM

Re: VLAN with HP Procurve and Cisco 2821

Hi

I want to clarify few points:
- Did you enable ip default-gateway on all switches, with the Cisco's IP address for the native or default-vlan (i assume its 192.168.10.x).
- When you connect by your notebook on another vlan, whats the Gateway ? it should be the IP address of the sub-interface for this vlan on the cisco router ?

Example: if you are in Vlan5, your ip must be in 192.168.60.0/24 range and GW is the Gigabitethernet0/0.5 IP address on the router.

Good Luck !!!
Science for Everyone
0 Kudos
Andreas Schmidt_2
Advisor

тАО08-21-2006 09:38 PM

тАО08-21-2006 09:38 PM

Re: VLAN with HP Procurve and Cisco 2821

I think my problem is understanding default or native vlan on hp or cisco hardware. HP knows default vlan with id 1, which connot deleted but renamed. I have it renamed to network with ip 192.168.1.0. On my cisco router vlan id 1 known as native vlan and bound to interface 0/0 which have no ip-address. I can not create a subinterface with vlan id 1 too and make it to native vlan. So is there a mismatch which could be result in my problems, or ???

Thanks in davance
Andreas
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.