HPE Community
Switches, Hubs, and Modems
1752793 Members
5790 Online
108789 Solutions
New Discussion юеВ

Re: 5406zl config

 
SOLVED
Go to solution
EwongSPM
Occasional Advisor

тАО04-28-2008 11:13 AM

тАО04-28-2008 11:13 AM

5406zl config

Hello All,

i recently got a 5406.

i configured 3 vlans in addition to the administrative vlan.

vlan 2 = internet
vlan 3 = priv network
vlan 4 = priv network

so all the traffic routes properly within each vlan. now i have my firewall connected to vlan 2 which goes out to the internet. all the nodes from vlan 2 can get out to the internet, but vlan 3/4 cannot. i can ping the gateway of vlan 2 and the other nodes in vlan 2, but i cannot ping the firewall.

when i am plugged into vlan 2, it goes out fine, well here is the config. so the question is, how do i go about getting vlan 3/4 to route out to the internet too?

; J8697A Configuration Editor; Created on release #K.12.16

hostname "ProCurve Switch 5406zl"
module 1 type J8702A
module 2 type J8702A
ip default-gateway 192.168.100.1
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
no untagged A1-A24,B1-B24
no ip address
exit
vlan 2
name "internet"
untagged A1-A12
ip address 192.168.100.2 255.255.255.0
exit
vlan 3
name "spm_cluster"
untagged B1-B24
ip address 192.168.50.1 255.255.255.0
exit
vlan 4
name "spm_priv"
untagged A13-A24
ip address 192.168.10.1 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 192.168.100.1

the switch can always ping the firewall, but the clients cannot. i've checked and double check the client and their gateways. i've been searching the forums for an answer for 3 days, but i have yet to figure it out. any help would be appreciated.

thanks.
0 Kudos
5 REPLIES 5
cenk sasmaztin
Honored Contributor

тАО04-28-2008 11:38 AM

тАО04-28-2008 11:38 AM

Solution

Re: 5406zl config

hi ...
please you write your firewall below command

ip route 192.168.100.0 255.255.255.0 192.168.100.2

ip route 192.168.50.0 255.255.255.0
192.168.50 1

ip route 192.168.10.0 255.255.255.0
192.168.10.1

and you assign each vlan member default gateway own vlan ip address

good luck...
cenk

0 Kudos
EwongSPM
Occasional Advisor

тАО04-28-2008 11:45 AM

тАО04-28-2008 11:45 AM

Re: 5406zl config

i put in those two ip routes, but it does not make a difference.

my firewall is 192.168.100.1 (it can be changed however)

vlan 2 administrative/gateway ip is 192.168.100.2
0 Kudos
cenk sasmaztin
Honored Contributor

тАО04-28-2008 09:58 PM

тАО04-28-2008 09:58 PM

Re: 5406zl config

hii your switch config true

you make write above ip routing command on firewall


good luck
cenk

0 Kudos
EwongSPM
Occasional Advisor

тАО04-30-2008 06:12 AM

тАО04-30-2008 06:12 AM

Re: 5406zl config

thanks, i finally i figured out what you were trying to say.

problem solved!

the solution is to put the routes to your firewall so that it knows how to respond back to the switch.
0 Kudos
EwongSPM
Occasional Advisor

тАО04-30-2008 06:13 AM

тАО04-30-2008 06:13 AM

Re: 5406zl config

solution found, see above for additional comments.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.