HPE Community
Web and Unmanaged
1753300 Members
7146 Online
108792 Solutions
New Discussion юеВ

Re: How to setup VLANS, please

 
HPSeekeroe
Occasional Contributor

тАО01-15-2010 03:05 PM - last edited on тАО12-25-2013 06:14 PM by

тАО01-15-2010 03:05 PM - last edited on тАО12-25-2013 06:14 PM by

How to setup VLANS, please

Dear Community,

Can someone please give me some help with setting up Vlans on my Procurve 1810G.

As an example to illustrate what I want to achieve:


Eg:
1 Vlan for upstair, say VLan 101, ports 2 to 4
1 Vlan for downstair, say VLan 102, port 5 to 8
with Port 1 connected to the router as Trunk

Router can handle VLANS.

I have tried many but unable to get the second Vlan to work for some reason. This is my latest setting:

Default Vlan1:
Port 1 as Trunk and Untagged.
Ports 2 - 8 marked as Excluded (E)

VLan 101
Port 1 as Trunk and Tagged
Ports 2 - 4 Untagged
Port 5 - 8 Excluded

Vlan 102
Port 1 as Truck and Tagged
Ports 2 - 4 Excluded
Ports 5 - 5 Untagged

I must have missed something for Vlan 102 will not work at all.

Thank you for your help in anticipation.

 

 

P.S. This thread has been moved from Switches, Hubs, Modems (Legacy ITRC forum) to Web and Unmanaged. - Hp Forum Moderator

0 Kudos
6 REPLIES 6
Shadow13
Respected Contributor

тАО01-16-2010 09:57 PM

тАО01-16-2010 09:57 PM

Re: How to setup VLANS, please

What do you mean by Trunk and Tagged, in Hp Trunk has differenet meaning, it means link aggregation...

So you should enable trunk of the router side, on HP side you just tag the port that connects to the router on vlan 101 and 102, fo the router interface it should have sub interfaces one for each vlan.
0 Kudos
HPSeekeroe
Occasional Contributor

тАО01-17-2010 02:09 AM

тАО01-17-2010 02:09 AM

Re: How to setup VLANS, please

Thanks for your reply.

I managed to stumble on the correct settings for the Procurve.

Under firmware V1.16 of 1810G, once a port is selected as trunk, it is shown on the second row of each Vlan selection screen. While the first row is for selection of other port to be included in each Vlan.

What I did was excluding the Trunk from the non-default Vlans and everything is working fine. Here is the revised setting:

Default Vlan1:
Port 1 as Trunk and Untagged.
Ports 2 - 8 marked as Excluded (E)

VLan 101
Port 1 as Trunk and Excluded
Ports 2 - 4 Untagged
Port 5 - 8 Excluded

Vlan 102
Port 1 as Trunk and Excluded
Ports 2 - 4 Excluded
Ports 5 - 5 Untagged

And traffic flows through like water under the bridge.

Cheers
0 Kudos
Colin Butcher
Esteemed Contributor

тАО01-17-2010 03:09 AM

тАО01-17-2010 03:09 AM

Re: How to setup VLANS, please

Physical connectivity first using port based vlans:

Port 1 tagged only. No untagged packets. Allow vlans 1, 101 and 102 through port 1. Set the router up to accept tagged packets only (what Cisco call a trunk).

Ports 2-4 untagged in vlan 101, default vlan 101 for ingress tagging.

Ports 5-8 (not 5-5) untagged in vlan 102, default vlan 102 for ingress tagging.

vlan 1 remains the default management vlan.


YOu may also need to map IP V4 subnets to vlans:

We'll assume that the router does dhcp server on a per vlan basis on the lan side.

One subnet for the default management vlan 1 (eg: 10.1.x.y/16).

A second subnet for the 101 vlan (eg: 10.101.x.y/16).

A third subnet for the 102 vlan (eg: 10.102.x.y/16).


I suggest that you create yet another vlan for things like shared printers and then route between the vlans to get to the printers.

I recommend that you set it up to cater for functionality, not physical location. For example:

vlan a = management

vlan b = shared access devices (typically printers, maybe a local insecure internal web server)

vlan c = dmz for externally accessible web server, sftp server etc

vlan d = secure systems (eg: office)

vlan e = insecure systems (eg: domestic / home)

vlan f = guest access

You could then perhaps set up wireless lan access using a decent access point capable of multiple ssids and have each ssid map to a specific vlan (eg: secure wireless, domestic wireless and guest wireless). Or you could use multiple access points, each connected to a port the 'correct' vlan.

You can then use routing (in your router) between the different IP subnets to get access to shared printers, and other local resources such as web and file servers, but keep the guest, domestic and office subnets from being able to route between each other.

Lots of possibilities, depending how far you want (or need) to go and what kinds of equipment you buy!

Cheers, Colin
Entia non sunt multiplicanda praeter necessitatem (Occam's razor).
0 Kudos
HPSeekeroe
Occasional Contributor

тАО01-17-2010 06:06 PM

тАО01-17-2010 06:06 PM

Re: How to setup VLANS, please

Colin,

Thank you.

If I am not wrong, your hints re Tagging make a lot of sense to me with my earlier switch (the 1800 - 8ports) for which I never quite got the whole implementation of VLANS sorted out. But I will revisit the 1800 and see if it will give me a new angle of approaching to solve the few remaining issues which I ignored until seeing your post. As I was saying earlier, my 1810G is now working after I selected port 1 as Trunk and Untagged in the default Vlan 1. (See my earlier post which was immediate above yours).

Appreciated your very good suggestion in regards to VLANs. It's along what I want to do with VLANs. But being a late comer to the network infrastructure games, VLAN was challenging stuff for me when it comes to implementing it on different switches since there is a great deal of varieties at this level.

I use static IPs for all my network, except my old HP printer 5N for which I use a DHCP server on the Mikrotik router and bind the only leased DHCP IP to the printer via MAC address, in effect making it as a static IP.

Again I thank you for your suggestion and your time in replying.

Cheers
0 Kudos
Jarrod 3S
New Member

тАО07-27-2010 11:19 PM

тАО07-27-2010 11:19 PM

Re: How to setup VLANS, please

Hmm, it appears that your solution was to set port 1 as trunk?

I'm having the same problem and have tried using the trunk setting without success. Could it be possible that it works for you coz you're on firmware 1.16? I'm on 1.17.

In any case, I'd think that this idea shouldn't work, since HP's trunk has a totally different meaning from Cisco's trunk.
0 Kudos
HPSeekeroe
Occasional Contributor

тАО10-08-2010 12:50 AM

тАО10-08-2010 12:50 AM

Re: How to setup VLANS, please

I have not visited this site till a couple of days ago, so I missed your posting back in June. Sorry for that oversight.

To start with, I upgraded my HP 1810G-24 to firmware P_1-17.stk so there should not be any issue from diff versions of the switch b/w yours and mine.

Since I have expanded and changed my home network, below are the configuration settings.


To recap, I want to have:

- default VLAN 1 - set for trunk ports 1, 7 and 8. (p1 connects to MikroTik router, p7 to Netgear #1, and p8 to Netgear switch #2. All are VLAN-capable).
- VLAN 101 set for ports 2 to 4.
- VLAN 102 for ports 5 to 6.
- VLAN 103 for p7 (connects to Netgear switch #1. Every port of switch #1 is in VLAN 103, including switch #1 itself).
- VLAN 104 for p8 (connects to the 2nd switch. Some ports are to set to be in VLAN 104, while the switch and remaining ports are in VLAN 101).

And my current set up is as follows:

1. Under Trunk membership screen:

Ports 1, 7 and 8 are all M(embers) of Trunk 1. Other ports are blank.


2. Under VLAN participation/Tagging screen,

- VLAN 1:
Trunk ports 1, 7 and 8 set as T(agged)
P2 set as T for access management.
Remaining ports are E(xcluded).

- VLAN 101:
Trunk P1 set as U(ntagged)
Ports 2-4 also set as U
Trunk ports 7 & 8 set as T
Remaining ports set as E

- VLAN 102
Trunk ports 1,7,8 set as T
Ports 5 & 6 marked as U
Remaining ports marked as E

- VLAN 103
Trunk P7 set as U
Trunk ports 1 and 8 set as T
Remaining ports set as E

-VLAN 104
Trunk Ports 1 & 7 set as T
Trunk P8 set as U
Remaining ports set as E

The above settings work for what I want. However, I can't be 100% sure that my settings are correctly set the way that HP networking experts would do.

I will be happy to hear if my arrangement can be made better.

Cheers
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.