HPE Community
Switches, Hubs, and Modems
1752866 Members
4340 Online
108791 Solutions
New Discussion юеВ

hp procurve 2650 vlan?

 
hansi2009
New Member

тАО09-10-2009 03:00 AM

тАО09-10-2009 03:00 AM

hp procurve 2650 vlan?

hi,

i build 2 vlans :
- vlan1 (192.168.220.0/24)set switchport 10 and 11 on tagged and put on port 10 a client1 192.168.220.1) on port 11 a printserver1(192.168.220.20)

-vlan2 (192.168.230.0/24) set port 12,13 on tagged and put on port 10 a client2 192.168.230.1) and on port 13 a printserver2(192.168.230.2).

so ican ping from clint1 tu printserver1
and
ping from client 2 to printserver 2.
ok!
but now:

our productive net (dc,wts, exchange etc.) is in subnetz 192.168.100.0 /24.

How can can i configure the vlans, so that vlan1 and vlan2 can send packets to the 192.168.100.0 /24?

what have to configure under configuartion-> ipconfiguration ? there you can select every vlan and give them a ip, subnetmask and a default gateway!?

0 Kudos
2 REPLIES 2
Mohammed Faiz
Honored Contributor

тАО09-10-2009 07:30 AM

тАО09-10-2009 07:30 AM

Re: hp procurve 2650 vlan?

Hi,

You would need to enable "ip routing" (through CLI interface, I'm not very familiar with the Web interface) on the switch and make sure that the VLAN for the 192.168.100.0/24 subnet has an IP address assigned to it.

HTH

Mo
0 Kudos
cenk sasmaztin
Honored Contributor

тАО09-10-2009 08:58 AM

тАО09-10-2009 08:58 AM

Re: hp procurve 2650 vlan?

hi
fristly vlan member port must have untaggad port
so your vlan member pc or printer must connect untagged port

Let us come to your problems
you need DMZ zone
you can create new vlan on 2650 switch
for example vlan 3 and ip address must have 192.168.100.1/24 and assing member port this vlan (untag port) connect this ports (dc,wts, exchange etc.) machines this machines ip address must have in 192.168.100.0 network and this machine default gateway address must have 192.168.100.1(vlan ip address) all pc and printer or other network equpment default gateway address must have vlan ip address
for example vlan 2 member pc default gateway address must have switch vlan 2 ip address in this way tree subnet routing between (ip routing enable on switch )
but this solution unsecure

you need DMZ zone
2650 switch deprived access control list your (dc,wts, exchange etc.) machine must have out zone your local network and you make must have a firewall your inline network between outline network

my advice
you can use vlan 1 and vlan 2 inline network
on switch buy new firewall device and create on new DMZ zone for (dc,wts, exchange etc.) machine
cenk

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.