HPE Community
Comware Based
1752701 Members
5667 Online
108789 Solutions
New Discussion

Using VLAN but need to access external network

 
sigidwu
New Member

‎01-20-2010 10:55 PM

‎01-20-2010 10:55 PM

Using VLAN but need to access external network

I had configured VLAN using 4200G switch for my PC. The 4200G switch connected to layer 2 switch and goes to our mikrotik router to access external networks such as intranet, WAN and internet.





Here are my required conditions:


1. PC on VLANs is not allowed to access each other.


2. PC on each VLAN has to be able to access to intranet, WAN and internet.


3. PC on intranet/LAN is not allowed to access the pc on VLAN.





Here are some item that i already configure:


1. Setup IP to default vlan interface (vlan 1) for switch management via telnet and web interface.


IP: 192.9.168.250


Netmask: 255.255.255.0


static route to gateway: 192.9.168.254





2. Create VLANs and its IP for it interface to do layer 3 switching.


- VLAN 2


   IP: 192.9.77.254


   Netmask: 255.255.255.0





- VLAN 3


  IP: 192.4.77.254


  Netmask: 255.255.255.0





3. Enabling SFP port 16 (default is disable and share with UTP port 12) also changing its link type from "access" to "trunk"





4. The trunk port is configured to allow packet traffic from both VLAN.





5. Each PC connected to VLAN are using ip segment depends on its VLAN IP segment.





6.  PC connected to VLAN are using gateway from its VLAN interface IP address.





The main problem:


1. Because each PC has gateway using VLAN interface IP address therefore VLAN member can communicate each other.


2. If i remove the gateway of VLAN member it would be imposible to connect to external network such intranet, WAN or internet.





Question:


Is it posible to make my required condition come true?

0 Kudos
1 REPLY 1
Fred_Mancen_1
Super Advisor

‎01-21-2010 02:04 PM

‎01-21-2010 02:04 PM

Re: Using VLAN but need to access external network

If your router does support 802.1Q, maybe you can try to enable the inter VLAN routing on it, setting up a trunk between the switch and the router and optimizing the routing policies in order to achieve your needings.



HTH



 



Regards,
Fred Mancen
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.