- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: Vlan routing on 5304xl
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-18-2009 04:39 AM
тАО01-18-2009 04:39 AM
My net has all static ip├в s.
Domain Controller 192.168.10.5
Backup Domain controller 192.168.10.7
Gateway 192.168.10.1 (Switch1 vlan10 ip)
Gateway for Host├в s: every host has the gateway set to its own vlan.
I set four VLAN├в s on all switches with those IP├в s
Switch 1 (Main)
VLAN10 192.168.10.1
VLAN20 192.168.20.1
VLAN30 192.168.30.1
VLAN40 192.168.40.1
Switch 2
VLAN10 192.168.10.2
VLAN20 192.168.20.2
VLAN30 192.168.30.2
VLAN40 192.168.40.2
Switch 3
VLAN10 192.168.10.3
VLAN20 192.168.20.3
VLAN30 192.168.30.3
VLAN40 192.168.40.3
Switch 4
VLAN10 192.168.10.25
VLAN20 192.168.20.25
VLAN30 192.168.30.25
VLAN40 192.168.40.25
All my servers are connected to switch 1 (Main). On two of my server I Installed Kerio WinRoute Firewall, the first to access to Internet and the other to access to a Remote LAN through a Modem HDSL.
Internet Server has the network interface with IP 192.168.10.4
Server to access the remote LAN has the network interface with IP 192.168.10.11.
On my switch 1 (Main) I created the following static route:
0.0.0.0/24 192.168.10.4
10.0.0.0 / 8 192.168.10.11
I enabled the IP routing on all switches, I assigned the gateway to hosts on their own VLAN, I can see all my host├в s on different vlan├в s, I can ping my domain controller server and the backup, but I├в m not able to ping both servers with kerio firewall installed (192.168.10.4 and 192.168.10.11) by vlan20, 30.40. If I tracert from a pc on vlan20, 30 or 40 one of the servers with kerio my packet stops at the gateway. But if I tracert from pc├в s on vlan10 everything is working fine. (Something more: when I installed kerio on servers all my host├в s where on vlan10, I did not have multiple vlan├в s)
Do you have any other suggestions to complete this VLAN routing?
Any kind of suggestion will be appreciated.
Roberto33
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-19-2009 04:05 AM
тАО01-19-2009 04:05 AM
Solutionfor this routing example config only switch-1 is important.
on the respective vlans switch-1 (x.x.x.1) must be configured as default gateway.
vlan20 ->gateway 192.168.20.1
vlan30 ->gateway 192.168.30.1
vlan40 ->gateway 192.168.40.1
switch-1 knows all the subnets used on your local lan and external networks.
so it is able to do all the routing.
for troubleshooting of your connectivity problem ip-adresses of switches 2-4 are not important the are not used for routing (layer-3).
these switches only need to pass vlan's (at layer-2).
enabling ip routing is not neccessary on these switches.
as the kerio-firewall has "firewall" in it's name, you may need to enable response to ping from other (non-local) subnets.
most likely the kerio firewall to the internet has an external router as it's default gateway, so you need to configure static route back for other local subnets 192.168.20.0 ->gateway 192.168.10.1
192.168.30.0 ->gateway 192.168.10.1
192.168.40.0 ->gateway 192.168.10.1
else response to ping is sent to the internet instead of back to the local interface.
probably the same goes for the other remote lan.
hope this helps
Pieter
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-20-2009 03:53 AM
тАО01-20-2009 03:53 AM
Re: Vlan routing on 5304xl
Thank you for your good suggestions.
I followed your advise and now everything is working nicely.
I used my switch1 as main router, I assigned to my host's the gateway for their own vlan and I add the route back to the kerio firewall and everything is working. The only problem I found is my intranet web site. The site is working only with host's on vlan10 but not with the others. as soon as I try to open the web page I have this kind of error:PHP Warning: display:
require(../mkportal/conf_mk.php) [function.display-require]: failed to open stream: No such file or directory in C:\Inetpub\wwwroot\forum\sources\classes\class_display.php on line 76
I don't know if you are able to help me out with this but anyway thank you much
roberto33
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-21-2009 12:45 AM
тАО01-21-2009 12:45 AM
Re: Vlan routing on 5304xl
thankt for feedback.
I'm no hero in php scripts, but >>> No such file or directory in C:\Inetpub\wwwroot\forum\sources\classes\class_display.php on line 76 <<< suggests that a file or directory referenced from the class_display.php script is missing.
Investigate this first.
As you call int an "intranet server" I assume it's a webserver for your local network?
As such it may have been configured to only see vlan-10 as the local network.
The other vlan's are probably sent to the kerio firewall as the default gateway.
maybe adding the same static route for your
local vlans to this host may help
route add 192.168.20.0 mask 255.255.255.0 192.168.10.1 /p
route add 192.168.30.0 mask 255.255.255.0 192.168.10.1 /p
route add 192.168.40.0 mask 255.255.255.0 192.168.10.1 /p
Else look if you can find in the webserver config (properties) a tab where only 192.168.10.0 adresses are allowed to this intranet website (i think it's called client security).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-21-2009 05:28 AM
тАО01-21-2009 05:28 AM
Re: Vlan routing on 5304xl
My int server is a different server.
My web server is connected directly to main switch1 and his ip is 192.168.10.6. There is no kerio firewall on this webserver, it is the one where all my net applications are running. I have on this also two more website and they are working correctly from all vlan's. This is the only one not working from vlan├Г┬мs other than 10. I will check if there are missconfig on web part and I will let you know.
Thanks Roberto
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-21-2009 06:01 AM
тАО01-21-2009 06:01 AM
Re: Vlan routing on 5304xl
how do you separate between the different websites on the same server?
do you use multiple ip-adresses each for a website or do you use something like host-headers?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-21-2009 07:08 AM
тАО01-21-2009 07:08 AM
Re: Vlan routing on 5304xl
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-23-2009 01:40 AM
тАО01-23-2009 01:40 AM
Re: Vlan routing on 5304xl
>>> No such file or directory in C:\Inetpub\wwwroot\forum\sources\classes\class_display.php on line 76 <<< suggests that a file or directory referenced from the class_display.php script is missing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-23-2009 02:26 AM
тАО01-23-2009 02:26 AM
Re: Vlan routing on 5304xl
Well I checked, but we were not able to solve the problem, so at the moment we are thinkig to change this portal ( was already in our plan) and make a new one.
So as soon as we are ready with the new portal over intranet we will set our new config that seems to work nicely (on our test). Thanks for your great help and as soon as I will have any kind of news I'll let you know.
Roberto.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-23-2009 03:27 AM
тАО01-23-2009 03:27 AM
Re: Vlan routing on 5304xl
regards
Pieter