HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Web and Unmanaged
cancel
Showing results for 
Search instead for 
Did you mean: 

V1700 - VLANs SHARING INTERNET ACCESS

 
GioIT
Frequent Visitor

V1700 - VLANs SHARING INTERNET ACCESS

Hi all,
I'm new here so please, be patient with me.
I can't figure out how to solve the following problem.
My aim is to split the LAN into 4 different VLANs, maintaining 1 shared port for Internet access.
I created 4 new VLANs on a V1700 switch as shown below:
VLAN 2 - ports: 2,3,4,5,6,7,8,9,10
VLAN 3 - ports: 2,11,12,13,14,15,16
VLAN 4 - ports: 2,17,19,21
VLAN 5 - ports: 2,18,20,22
I then removed all ports used by VLANs 2, 3, 4 and 5 from VLAN 1, except for port 2.
So, VLAN 1 - ports: 1, 2, 23, 24
The problem is that all VLANs should access port 2 for shared Internet access.
I tried many different configurations for filtering, packet type, etc. but no luck:
if I reach port 2 I also reach any other port (which is not desired).
If I don't reach ports on VLANs different than mine, I also don't reach port 2.
Any help would be very appreciated
Thanks
Giovanni

5 REPLIES
HDTCNM
Occasional Visitor

Re: V1700 - VLANs SHARING INTERNET ACCESS

Hi,

 

I was wondering if you received an answer to your request below?

GioIT
Frequent Visitor

Re: V1700 - VLANs SHARING INTERNET ACCESS

No, no answers yet .

 

molsen
Advisor

Re: V1700 - VLANs SHARING INTERNET ACCESS

Hello,

 

If the device you are using to access the Internet (what is connected to port 2) doesn't support multiple VALNS, then you'll need routing to achieve this, that is the only way to move traffic between VLANs.

 

Unfortunately the V1700 doesn't support routing, it is a simple layer 2 switch that is meant to extend existing VLANs (provide additional ports in an office/conference room etc.)

 

Kind regards,

Michael Olsen

Level 2 Networking Engineer
HP Networking EMEA
HDTCNM
Occasional Visitor

Re: V1700 - VLANs SHARING INTERNET ACCESS

I agree with Michael.

 

I recently installed an HP Procurve 2610 PoE switch in a small office with the intended pupose of setting up 3-6 Vlans to seperate networks for different tenants with VoIP.  I connected the switch directly to a switchport on a Sonicwall firewall.  Similar situation, the Vlans all semed to work just fine with communication from the nodes in each individual network being able to talk to one another, but no devices could get to the Internet.  The solution was to use a route stmt in the switch to route all traffic to the default-vlan AND to install route stmts in the firewall for each Vlan network to route to the default-vlan.

 

Hope that helps in your situation!

 

Rodney Nagel

High Desert Tech Consulting

GioIT
Frequent Visitor

Re: V1700 - VLANs SHARING INTERNET ACCESS

Hello Michael, Rodney,
thank you both for your suggestions.
Unfortunately, V1700 does not support static routing.
I suppose I don't have any other solution than this:
I'll split the physical LAN into separeted LANs, each one with its own switch and router.
On each LAN router I'll configure the external interface on the same IP class as the Internet router (10.0.0.x)
Then, I'll connect all LAN routers to the Internet router (not accessible by me) through a four ports switch.
The really disappointing aspect is that I have to use different IP classes for the 3 tenants.
:-(

 

 Giovanni