HPE Community
Aruba & ProVision-based
1755044 Members
3143 Online
108828 Solutions
New Discussion

Inter Vlan routing

 
pojey
Visitor

‎08-21-2014 12:40 AM - edited ‎08-21-2014 08:17 PM

‎08-21-2014 12:40 AM - edited ‎08-21-2014 08:17 PM

Inter Vlan routing

Hi,

 

I got problem configuring HP Procurve 2920 with 4 vlan. How to make each other communicate. I cannot ping each other.  Below is my configuration done on HP 2920 and currently we also use cyberoam firewall. Here I attach my diagram showing what i have done.

 

Running configuration:

; J9726A Configuration Editor; Created on release #WB.15.11.0007
; Ver #03:12.15.0d:09

hostname "HP-2920-24G"
module 1 type j9726a
ip default-gateway 192.168.0.1
ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip routing
snmp-server community "public" unrestricted
oobm
   ip address dhcp-bootp
   exit
vlan 1
   name "VLAN_L11"
   no untagged 5-20
   untagged 1-4,A1-A2,B1-B2
   tagged 21-24
   ip address 192.168.0.4 255.255.255.0
   exit
vlan 10
   name "VLAN_L12"
   untagged 5-8
   tagged 21-24
   ip address 192.168.1.4 255.255.255.0
   exit
vlan 20
   name "VLAN_L16"
   untagged 9-12
   tagged 21-24
   ip address 192.168.2.4 255.255.255.0
   exit
vlan 30
   name "VLAN_L22"
   untagged 13-16
   tagged 21-24
   ip address 192.168.3.4 255.255.255.0
   exit
vlan 40
   name "VLAN_WIFI"
   untagged 17-20
   tagged 21-24
   ip address 192.168.4.4 255.255.255.0
   exit

 

thanks for helping.

0 Kudos
10 REPLIES 10
hansvb
Frequent Advisor

‎08-21-2014 07:44 AM

‎08-21-2014 07:44 AM

Re: Inter Vlan routing

what are you using as default gateway on your client ?

 

0 Kudos
Vince-Whirlwind
Honored Contributor

‎08-21-2014 05:44 PM

‎08-21-2014 05:44 PM

Re: Inter Vlan routing

And then, is your Windows firewall enabled and blocking the pings?

0 Kudos
pojey
Visitor

‎08-21-2014 08:13 PM

‎08-21-2014 08:13 PM

Re: Inter Vlan routing

hi hansvb... on client the gateway ip is 192.168.0.1
0 Kudos
pojey
Visitor

‎08-21-2014 08:14 PM

‎08-21-2014 08:14 PM

Re: Inter Vlan routing

Hi vince ... my firewall is not blocking ping...
0 Kudos
Vince-Whirlwind
Honored Contributor

‎08-21-2014 08:33 PM

‎08-21-2014 08:33 PM

Re: Inter Vlan routing

So change their default GW to .4

0 Kudos
Vince-Whirlwind
Honored Contributor

‎08-21-2014 08:43 PM

‎08-21-2014 08:43 PM

Re: Inter Vlan routing

What you've done is you've extended one subnet to a 2nd Layer3 device.

 

You should either create a new VLAN for the firewall connection, or create a new VLAN and move all your devices off VLAN1 onto it.

0 Kudos
hansvb
Frequent Advisor

‎08-22-2014 05:01 AM

‎08-22-2014 05:01 AM

Re: Inter Vlan routing

like vince told, change ur default gateway on the client to .4 in the subnet you want

Then you will be able to route between subnets

0 Kudos
pojey
Visitor

‎08-24-2014 09:26 PM - edited ‎08-24-2014 09:31 PM

‎08-24-2014 09:26 PM - edited ‎08-24-2014 09:31 PM

Re: Inter Vlan routing

hi,

 

now my vlan1 (default_vlan) can ping to pc on 192.168.1.x (vlan2) and pc on vlan2 got internet access and can ping to my firewall (192.168.0.1) but now the problem is pc on vlan2 cannot ping to pc on vlan1 (dfealut_vlan). During tracert to 192.168.0.252(Vlan1)  from machine 192.168.1.5(Vlan2), The L3 switch not forward the traffic to Cyberoam(firewall) next hop 192.168.0.1 

 

Even when i do traceroute 192.168.0.1 it say host unreacable....

 

Can someone help me?

0 Kudos
Vince-Whirlwind
Honored Contributor

‎08-24-2014 09:37 PM

‎08-24-2014 09:37 PM

Re: Inter Vlan routing

I'm confused - I thought your 192.168.1.0 subnet was on VLAN10?

Your PCs on the 192.168.1.0 subnet have 192.168.1.4 as their default GW, right?

192.168.1.4 is the L3 switch, right?

If you do a sh ip route on the L3 switch, you should see the 192.168.0.0 subnet is local, right?

So why would a traceroute from 192.168.1.0 subnet go to 192.168.0.1?

It should go to 192.168.1.4, then the L3 switch has the destination subnet as a local route, so it should forward the packet onto 192.168.0.0 locally, using 192.168.0.4 as the source IP address, no?

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.