Web and Unmanaged
cancel
Showing results for 
Search instead for 
Did you mean: 

HP 1920 VLAN Configuration question

jongeorg
Occasional Visitor

HP 1920 VLAN Configuration question

I have a client that wanted 3 VLANs for internal political reasons. 192.168.45.x is the shared/management network that houses the domain controller/file server and network printer, 192.168.46.x is one half of the building, and 192.168.47.x is the other half of the building.

I have one 1920 16port switch with the 3 VLANs set up and configured in the main building and everything works fine. The Untangle Firewall handles the traffic between the two VLANs preventing traffic from crossing from 46.x to 47.x and vice versa. Both the 46.x and 47.x networks can access 45.x and vice versa which is how the client wants it.

The issue I have is that the other building houses the domain controller as well as a few other workstations. I have it set to port 16 on the main switch goes to port 16 on the second switch. The only combination that I have found that allows traffic is to set both port 16's to Untagged VLAN 1 (45.x), Tagged 46-47, Hybrid, PVID 1. When it is set to that, the entire second switch will generate 45.x addresses. If I try and give a workstation a 47.x address like I did on switch 1 [Untagged 1,47; Hybrid; PVID 47] all I get is a 169.x address. So clearly the tagged packets are not passing from switch 1 to switch 2 and vice versa. Both switches are configured exactly the same as far as the VLANs, etc. I'm clearly missing something straightforward and obvious, but I'm not seeing it. 

Untangle Firewall/Default Gateway - 192.168.45.1

Switch 1
Static IP - 192.168.45.2
VLAN's 1, 46, 47
VLAN Interface 192.168.45.2, 192.168.46.2, 192.168.47.2
DHCP Relay, Server Group 1-192.168.45.1, 2-192.168.46.1, 3-192.168.47.1
vlan-interface1-disabled, vlan-interface2-enabled -> Server Group2, vlan-interface3 -> Server Group3
Ports for 47.x addresses set to Untagged 1,47, Tagged - blank, Hybrid, PVID 47
Ports for 46.x addresses set to Untagged 1,46, Tagged - blank, Hybrid, PVID 46
Ports for 45.x addresses set to Untagged 1, Tagged - blank, Access, PVID 1
Port 16 to Switch 2, Port 16 set to Untagged 1, Tagged 46-47, Hybrid, PVID 1

Switch 2
Static IP - 192.168.45.3
VLAN's 1, 46, 47
VLAN Interface 192.168.45.3, 192.168.46.3, 192.168.47.3
DHCP Relay, Server Group 1-192.168.45.1, 2-192.168.46.1, 3-192.168.47.1
vlan-interface1-disabled, vlan-interface2-enabled -> Server Group2, vlan-interface3 -> Server Group3
Ports for 47.x addresses set to Untagged 1,47, Tagged - blank, Hybrid, PVID 47
Ports for 46.x addresses set to Untagged 1,46, Tagged - blank, Hybrid, PVID 46
Ports for 45.x addresses set to Untagged 1, Tagged - blank, Access, PVID 1
Port 16 to Switch 1, Port 16 set to Untagged 1, Tagged 46-47, Hybrid, PVID 1

Thanks

-Jon

3 REPLIES
AlexisKoch
Advisor

Re: HP 1920 VLAN Configuration question

Hello,

I don't have a 1920 but I'll try to help.

IMHO, two untagged vlan is bad. Why don't you put vlan46 ports in access mode? Or at least, you can put vlan1 in tagged and vlan 46 (PVID) in untagged... Same for vlan 47 of course.

Tell me is it helped!

Regards,

Alexis.

jongeorg
Occasional Visitor

Re: HP 1920 VLAN Configuration question

When I tried it as only untagged 46, I could not ping vlan 1 at all. I tried Access and Hybrid and Hybrid was the only one that appeared to allow traffic. I can try it again but I'm hesitant to mess with the first switch since it is working like the client wanted. 

-Jon

16again
Respected Contributor

Re: HP 1920 VLAN Configuration question

Don't use hybrid ports, stick to access ports for PCs and servers, and trunk ports  in between switches and towards router