- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Web and Unmanaged
- >
- Re: problems with intervlans communication
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-14-2019 04:08 AM
02-14-2019 04:08 AM
problems with intervlans communication
hi and sorry for my bad english,
i have some problems of configuration on my new installation.
i have 2 switch (2530 and 1920s) behind a stormshield appliance.
on the old installation we haven't vlan yet, and the old ip configuration is reused in the new configuration for the vlan 1.
i have 3 vlan (1 data, 20 management, 90 visitor), and here is my 1920s configuration :
!Current Configuration:
!
!System Description "HPE OfficeConnect Switch 1920S 48G 4SFP PPoE+ (370W) JL386A, PD.02.06, Linux 3.6.5-a07f8920, U-Boot 2012.10-00118-g3773021 (Oct 11 2016 - 15:39:54)"
!System Software Version "PD.02.06"
!System Up Time "0 days 23 hrs 21 mins 8 secs"
!Additional Packages HPE QOS,HPE IPv6 Management,HPE Routing
!Current SNTP Synchronized Time: SNTP Client Mode Is Disabled
!
network protocol none
network parms 192.168.20.253 255.255.255.0 0.0.0.0
vlan database
vlan 20,90,100
vlan name 20 "MANAGEMENT"
vlan name 90 "INVITE"
vlan name 100 "VOIP"
vlan routing 1 1
vlan routing 20 2
vlan routing 90 3
exitnetwork mgmt_vlan 20
ip ssh server enable
ip ssh protocol 2
sshcon timeout 30
configure
sntp server "37.187.5.167"
!clock timezone 1 minutes 0
clock timezone id 38
time-range Schedule-1
exit
time-range Schedule-2
exit
ip routing
ip helper enable
ip helper-address 192.168.1.11 dhcp
username "admin" password xxxxxxxxxxxxxxxxxxxxx level 15 encrypted override-complexity-check
no username guest
voice vlan
line console
exitline telnet
exitline ssh
exitport-channel name TRK 1 pont-HP-1920-N1
interface 46
addport TRK 1
exit
port-channel name TRK 2 ROC1
interface 47
addport TRK 2
exit
snmp-server sysname "HP-1920S-N1"
snmp-server location "N1"
snmp-server contact "administrateur"
!
ip access-list DATA
permit ip any any
exitip access-list INVITE
permit ip any any
exitip access-list MGMT
permit ip any any
exitip access-group DATA vlan 1 in 1
ip access-group MGMT vlan 20 in 1
ip access-group INVITE vlan 90 in 1interface 1
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 2
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 3
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 4
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 5
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 6
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 7
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 8
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 9
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 10
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 11
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 12
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 13
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 14
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 15
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 16
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 17
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 18
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 19
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 20
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 21
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 22
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 23
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 24
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 25
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 26
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 27
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 28
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 29
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 30
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 31
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 32
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 33
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 34
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 35
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 36
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 37
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 38
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 39
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 40
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 41
vlan pvid 100
vlan participation exclude 1,20
vlan participation include 100
exit
interface 42
vlan pvid 100
vlan participation exclude 1,20
vlan participation include 100
exit
interface 43
vlan pvid 100
vlan participation exclude 1,20
vlan participation include 100
exit
interface 44
vlan participation exclude 20
vlan participation include 100
vlan tagging 100
exit
interface 45
vlan pvid 90
vlan participation exclude 1
vlan participation include 90
exit
interface 48
vlan pvid 20
vlan participation exclude 1
vlan participation include 20
exit
interface TRK 1
vlan participation include 20,90,100
vlan tagging 1,20,90,100
exit
interface TRK 2
vlan participation include 20,90,100
vlan tagging 1,20,90,100
exit
interface vlan 1
bandwidth 10000
routing
ip address 192.168.1.253 255.255.255.0
ip mtu 1500
no ip unreachables
no ip redirects
exit
interface vlan 20
bandwidth 10000
routing
ip mtu 1500
no ip unreachables
no ip redirects
exit
interface vlan 90
bandwidth 10000
routing
ip address 192.168.90.253 255.255.255.0
ip helper-address 192.168.1.11 dhcp
ip mtu 1500
no ip unreachables
no ip redirects
exit
ip route 0.0.0.0 0.0.0.0 192.168.1.254 10exit
the ping between vlan1 and 90 work fine but vlan90 won't going out on the web.
does anyone have some ideas of what i have done wrong?
thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-17-2019 06:31 PM
02-17-2019 06:31 PM
Re: problems with intervlans communication
Hi,
Do you mean you are not able to login from a client in Vlan 90 to the switch web interface?
If yes, by default only VLAN 1 clients can login to the switch, you can change the management vlan and management port. Please refer page 19 of the configuration guide for more information.
URL: https://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-a00003478en_us-6.pdf
Thank You!
I am an HPE Employee
Was the post useful? Click on the white KUDOS! Thumb below. Kudos is a way of saying thank you to a post.
To mark a message as a solution, click "ACCEPT AS SOLUTION" on the reply
I am an HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-18-2019 03:02 AM - edited 02-18-2019 03:03 AM
02-18-2019 03:02 AM - edited 02-18-2019 03:03 AM
Re: problems with intervlans communication
Hello, not in fact I already restricted access to the switch management via a particular port and another vlan.
the trouble is that the vlan-90 computers are able to communicate with the computers of vlan 1 but fail to access the net.
which is annoying because I intend to restrict the communication to vlan 1 that some IP using ACL and allow access to the net.