HPE Community
Web and Unmanaged
1753736 Members
4689 Online
108799 Solutions
New Discussion

Configure VLANs

 
Martens.Dimi
New Member

‎05-06-2010 10:46 PM

‎05-06-2010 10:46 PM

Configure VLANs

Hello,

I have a problem to configure my VLANs in the following senario:

Management VLAN: 6
Untrusted VLAN: 4
Trusted VLAN: 11
Trusted VLAN: 12
Trusted VLAN: 13
...

SW01 port 01 ------------ DNS Server port 1 (VLAN 6 Management LAN)
SW01 port 03 ------------ WEB-X Server port 1 (Untrusted VLAN 4 to Internet)
SW01 port 04 ------------ WEB-X Server port 2 (Trusted VLAN 11 to customer 1)
SW01 port 05 ------------ WEB-Y Server port 1 (Untrusted VLAN 4 to Internet)
SW01 port 06 ------------ WEB-Y Server port 2 (Trusted VLAN 12 to customer 2)
...
SW01 port 23 ------------ FW01 port 1 (UnTrusted)
SW01 port 24 ------------ FW01 port 2 (Trusted)

WEB-X on VLAN11 and WEB-Y on VLAN12 need to be able to contact the DNS Server on port 1 which is on VLAN 6. The DNS Server is allowed to talk to all Trusted VLAN (6, 11, 12, 13, ...). The WEB-X and WEB-Y are not allowed to contact eachother over the network at any time.

How can I implement this with VLAN tagging on a 1810-24G? The firewall on port 23 and 24 is VLAN aware but not configure for VLANs.

Thank you for your help!
0 Kudos
1 REPLY 1
Pieter 't Hart
Honored Contributor

‎05-09-2010 11:37 PM

‎05-09-2010 11:37 PM

Re: Configure VLANs

- VLAN's are used to separate traffic.
- Normal practice is to map each VLAN to a separate IP-subnet.
- You need a router to forward traffic between subnets.
- (afaik) the 1810 does not function as a router.

=> so you'll need an external device, make this aware of all vlan's and set this up to route between the vlan's.

Best option seems to configure your fiewall to forward traffic between vlan's.

Another option is to make the NIC's on your servers vlan aware (depending on your network driver), bassically hereby adding an interface for each VLAN.
But then again you must do something extra to NOT make WEB-X and WEB-Y talk to eachother directly.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.