HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Web and Unmanaged
cancel
Showing results for 
Search instead for 
Did you mean: 

VLAN Setup on ProCurve 1810G-24

 
wiseprt
Visitor

VLAN Setup on ProCurve 1810G-24

Hello, 

 

I am amateur to the networking setup and maybe this i want to achieve to be very simple. So excuse my ignorance.

 

I have a router under a  block IP of 8 static IPs. I want the one of the 8 IPs to use it as the ip for my HP Procurve 1810g-24 switch and to create a VLAN in order all the PCs are connected to a second simple switch (hub mainly) through the port 3 to be able to access network/internet through the vlan with a simple lan IP configuration (192.168.1.xx) 

 

The port 1 of procurve is used to connect the switch with the router.

 

So what i have done:

 

Lets say the static ip i want to use for VLAN is the 210.220.230.240.

1) i've setup the 210.220.230.240 ip as the procurve's IP address.

2) I've made a VLAN with  id 2 and name MAIN through the "VLAN Configuration"

3) I've change through the "Participation / Tagging" the port 3 for VLAN 2 to T (tagged) and all the others to E (exclude)

4) At the same time for VLAN 1 (Default) all the ports are U (untagged) except the port 3 which is E (exclude). 

5) When going to VLAN Ports i see all the interfaces to PVID 1 but the interface 3 which have to be to PVID 3 is to "none".

 

Can you please help me with this configuration/setup in order to achieve what i want?

 

Best Regards

7 REPLIES
Vince-Whirlwind
Honored Contributor

Re: VLAN Setup on ProCurve 1810G-24

You almost certainly want Port3 to be untagged.

 

However, that's a minor issue - the setup you are planning doesn't make a whole lot of sense to me.

 

Putting a public IP on your switch, for example, is definitely not something that seems to be advisable or even useful. I think what you really need isn't a switch, but a router/firewall of some sort, because it seems you would be needing to route, NAT, and hopefully secure your internal network.

 

 

Maybe you should explain exactly what you are trying to achieve first, before worrying to much about your network configuration details.

 

 

wiseprt
Visitor

Re: VLAN Setup on ProCurve 1810G-24

Hello @Vince-Whirlwind

 

thank you for your response.

 

The concept is the following:

 

With block of 8 IPs i have now, i can use only 5 PCs to access network/internet. 

I want without have to pay for an ip extension (for example going to a16 block IPs) to be possible to connect successfully  more than 5 PCs with some way.

 

So what are your sugestions?

 

Best Regards

 

henca
Advisor

Re: VLAN Setup on ProCurve 1810G-24

To me it sounds as if you are looking for a router/firewall with NAT (IP masquerading) functionality. With such a firewall you only need 1 public IP address and you can have any number of private IP adresses behind the firewall.

 

regards Henrik

wiseprt
Visitor

Re: VLAN Setup on ProCurve 1810G-24

Hi there @henca

 

So i don't have to use at all the HP Procurve right? Thereisno way to achive what i want wuth the switch as i can understand...

 

 

henca
Advisor

Re: VLAN Setup on ProCurve 1810G-24


wiseprt wrote:

So i don't have to use at all the HP Procurve right? Thereisno way to achive what i want wuth the switch as i can understand...


Depending upon what firewall you choose to buy you might want more network connections than it has builtin. If so, your switch will come to use at the inside of the firewall.

 

If you want to provide some kind of service to inernet you will probably need to use some kind of port forwarding mechanism in the firewall. If so, you might want to place the server machine in some special DMZ network which might be using another switch or might be using another VLAN in a single switch.

 

regards Henrik

wiseprt
Visitor

Re: VLAN Setup on ProCurve 1810G-24

Hi,

 

Thanks for helping me...

 

I want the simpliest possible way as i am not so familiar with netwrok administration as you can understand.

 

I found that my router have the ability for DMZ if i switch the procurve to DHCP and then, point the ip that procurve gets as a DMZ in the router? Is this going to help me or thing are going to messed up?

 

Regards

 

henca
Advisor

Re: VLAN Setup on ProCurve 1810G-24


wiseprt wrote:

I found that my router have the ability for DMZ if i switch the procurve to DHCP and then, point the ip that procurve gets as a DMZ in the router? Is this going to help me or thing are going to messed up? 


Read carefully in the router manual what that DMZ functionality means. It might mean that a separate network is considered to be a DMZ, maybe that network is connected to a specific port on the router.

 

It could also mean that your entire internal network is considered to become the DMZ which serves some services to internet.

 

The point of having DMZ in a separate network is that if a server is hacked your problems are at least not supposed to spread into your other internal network.

 

Port forwarding in the router should be sent to the IP address of the server providing the service, most likely not the switch. That service could be a web server, an ftp server or maybe some login service like ssh. If you don't know of any good reason to provide a service to internet there is no need to configure any DMZ or port forwarding.

 

regards Henrik