HPE Community
HPE Aruba Networking & ProVision-based
1832350 Members
2485 Online
110041 Solutions
New Discussion

Re: No VLAN Internet Access

 
voidmain26
Occasional Contributor

‎01-07-2014 06:46 AM

‎01-07-2014 06:46 AM

No VLAN Internet Access

Hi all,  I'm fairly desparate at this point and could really use some help.  I have a ProCurve 2920 and a new MSR 2003 router and am trying a fairly simple setup without any luck.

 

 

The router has two interfaces (1 - WAN, 2 - 10.51.10.1).  The switch has 24 ports, but I'm currently only using two of them.  Port 1 has VLAN 1001 associated with it.  VLAN 1001 is an untagged VLAN with an IP address of 10.51.50.1.  The default VLAN has an ID of 1 and an IP address of 10.51.10.2.  I am connecting port 2 of the router and port 48 of the switch.  I also have a static route in the router that points 10.51.50.0/24 to 10.51.10.2.

 

 

I have a laptop plugged into port 1 of the switch for testing purposes.  It has an IP address of 10.51.50.21.  From this laptop, with the gateway set to 10.51.50.1, I can ping 10.51.50.1, 10.51.10.2, and 10.51.10.1.  From the router console I can ping 10.51.50.21.  This tells me that VLANs are routing, and that the routing is correct between the two networks and network devices.  The problems begins when I try to ping 8.8.8.8 from the laptop.  I get a destination unreachable error.  From the router I can ping 8.8.8.8 successfully.  I can also move the laptop to port 2, change the IP address to 10.51.10.21, the gateway to 10.51.10.1 and reach the Internet (8.8.8.8) just fine.  I'm attaching the configs for both devices.  Thanks!

 

====================================================================================
=================================ROUTER START=====================================
====================================================================================

#
version 7.1.042, Release 0007P02
#
sysname HP
#
telnet server enable
#
dhcp enable
dhcp server always-broadcast
#
system-working-mode 
password-recovery enable
#
vlan 1
#
dhcp server ip-pool public
network 10.51.10.0 mask 255.255.255.0
address range 10.51.10.50 10.51.10.254
dns-list 8.8.8.8 8.8.4.4
gateway-list 10.51.10.1
#
controller Cellular0/0
#
interface Aux0
#
interface NULL0
#
interface GigabitEthernet0/0
port link-mode route
ip address dhcp-alloc
nat outbound
#
interface GigabitEthernet0/1
port link-mode route
ip address 10.51.10.1 255.255.255.0
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line aux 0
user-role network-admin
#
line vty 0 63
user-role network-operator
#
ip route-static 10.51.50.0 24 10.51.10.2
#
ssh server enable
#
domain system
#
aaa session-limit ftp 16
aaa session-limit telnet 16
aaa session-limit http 16
aaa session-limit ssh 16
aaa session-limit https 16
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
return

====================================================================================
=================================ROUTER END=====================================
====================================================================================

====================================================================================
=================================SWITCH START=====================================
====================================================================================

; J9728A Configuration Editor; Created on release #WB.15.11.0003
; Ver #03:12.15.0d:09

hostname "EN1 Core Switch"
module 1 type j9728a
ip default-gateway 10.51.10.1
ip routing
snmp-server community "public" unrestricted
oobm
  ip address dhcp-bootp
  exit
vlan 1
  name "DEFAULT_VLAN"
  no untagged 1
  untagged 2-48,A1-A2,B1-B2
  ip address 10.51.10.2 255.255.255.0
  exit
vlan 1001
  name "Engineering"
  untagged 1
  ip address 10.51.50.1 255.255.255.0
  exit

====================================================================================
=================================SWITCH END=====================================
====================================================================================

0 Kudos
1 REPLY 1
Chrisd131313
Trusted Contributor

‎01-31-2014 06:10 AM

‎01-31-2014 06:10 AM

Re: No VLAN Internet Access

Hi VoidMain26,

 

From a quick look at your switch config, you have enabled ip routing but have not set a default route for the switch to know where to send packets destined for outside of the 10.51.50.x. Ad in a default route of...

 

            ip route 0.0.0.0 0.0.0.0 10.51.10.1

 

That should then work.

 

It will work if you move the laptop to the same subnet as the Router's 2nd interface because it is on the same subnet, but as you need to route between 10.51.50.x and an IP address that the switch doesn't have a route to you need to tell it where to send the traffic to so it can reach that unknow IP. You could also put in a static route of...

 

         ip route 8.8.8.8 255.255.255.255 10.51.10.1

 

That will also work, but only for that individual IP.

 

HTH

-----------------------------------------------------

Don't forget to mark a post resolved if your question was answered.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.