Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

procurve 2524 simple port based VLAN

SOLVED
Go to solution
Hannu Sehm
Occasional Visitor

procurve 2524 simple port based VLAN

Hi!

I would like to make 23 VLAN's so that every port are in a different VLAN with port 24. Like 1,24; 2,24; 3,24 etc.

The port 24 is connected to GateWay and all clients in ports 1-23 should be in a different VLAN.

I have tryed this with tagged VLAN but with no success. VLAN ID 1 has now two tagged ports: 1 and 24. All others are "No". Now there is no link. If I change the the ports 1 and 24 to "untagged" then I have a link. But I think the port 24 can not have multiple untagged VLAN's.

Could you tell me all the configurations I have to make.

Thanks!
3 REPLIES
Ron Kinner
Honored Contributor
Solution

Re: procurve 2524 simple port based VLAN

Communicaton between VLANs requires a layer three aware switch which the 2524 is not so it is not going to work using normal VLANs.

If you just want the same effect then the latest release of the software does offer a feature called Port Isolation Groups which will do what you want.

I'm at home on a slow link right now so can't download the 2524 info but if you look in the release notes for F.05.17 you should see something on how to set up Port Isolation Groups. From memory you set the ports 1-23 in group Private then port 24 goes in its own group whose name I don't remember - maybe Public or Gateway. Members of group Private can not talk to each other but they can talk to the gateway.

You can get F.05.17 here:

http://www.hp.com/rnd/software/j4812517.htm

Release notes are at:

ftp://ftp.hp.com/pub/networking/software/59903102-E2.pdf

Ron
OLARU Dan
Trusted Contributor

Re: procurve 2524 simple port based VLAN

1. Check that you have 'Maximum VLANs to support [8]' equal to 23, so your swt can support 23 VLANs.
2. As Ron said, you'll need a router or an L3 switch (device capable of IP routing and 802.1Q frame tagging) connected at the other end of your switch's 24th port (the uplink) so that the hosts on ports 1 to 23 can communicate between them. Only a router or L3 swt can change the tag of a frame, so a source device on one VLAN can send a frame to a destination in other VLAN.
3. If you intend to connect hubs or individual workstations to ports 1-23, then you need to select 'untagged' for the VLAN you desire, since 99.9999% of the NICs do not understand VLAN tagging, but send all their frames without tagging them.
4. Indeed, one swt port can NOT be set as 'untagged' in more than 1 VLAN. The very purpose of tagging the Ethernet frames is to separate the VLANs, so that the simultaneous transport of data from multiple VLANs using the same physical link is possible. Thus the uplink port may be 'untagged' in only 1 VLAN (your choice) but must be 'tagged' in the other VLANs.
Hannu Sehm
Occasional Visitor

Re: procurve 2524 simple port based VLAN

Thank you! The port-isolation was the right thing I was looking for. Now it works fine!