HPE Community
Other HPE Product Questions
1838280 Members
3272 Online
110125 Solutions
New Discussion

Query: Inter VLAN Routing

 
tbar1704
Occasional Visitor

‎10-16-2023 11:45 AM

‎10-16-2023 11:45 AM

Inter VLAN Routing

We have a HP Switch as our Core switch doing Layer 3 routing. A small percentage of our VLAN interfaces have ACL's and I'd like to move the security to our Firewall.

The IP Address for the port on the firewall that connect to the core switch is 10.255.254.254

The trunk port on the core switch is configured as this:
#
interface GigabitEthernet4/0/23
port link-mode bridge
description Trunk to Firewall LAN
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 210 4000
port trunk pvid vlan 4000
#

The VLAN Interface for VLAN 4000 is configured on the core switch as
#
interface Vlan-interface4000
ip address 10.255.254.1 255.255.255.0
#


For testing I created a new VLAN Interface as a sub-interface on the physical port connecting the firewall to the switch. The VLAN Interface is on the firewall as 10.1.210.1. On the firewall and I created firewall policies for that Interface that look like this:

Name                                    From           To               Source   Dest   Service
VLAN 210 - Out to LAN     VLAN 210   LAN            All          All       All
VLAN 210 - In from LAN    LAN            VLAN 210   All          All       All


I have two resources that are downstream off the Core switch on the new VLAN. The resources are on different distribution switches connected to the core switch and are all able to see each other.
10.1.210.10
10.1.210.75

From the console of the Core Switch I can ping 10.1.210.1

From the console of the Core switch I am unable to ping the two resources on the the new VLAN. Nor am I able to ping those resources from the firewall.

Any help is appreciated. Thank you

0 Kudos
Reply
1 REPLY 1
support_s
System Recommended

‎10-16-2023 10:16 PM

‎10-16-2023 10:16 PM

Query: Inter VLAN Routing

Hello,

 

Thank you for Posting! HPE Networking forum has moved to Aruba Airheads Community and for HPE networking and Aruba product queries, request you to visit and post your query here.

 

You can refer to this link for more details.

Please click on "Thumbs Up/Kudo" icon to give a "Kudo".

 

Thank you for being a HPE valuable community member.


Accept or Kudo

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.