HPE Community
Windows Server 2003
1753587 Members
6611 Online
108796 Solutions
New Discussion

ML350G4 + VLAN + VPN reply ping on wrong VLAN

 
Joakim Hellstrom
Occasional Contributor

‎10-11-2005 07:39 AM

‎10-11-2005 07:39 AM

ML350G4 + VLAN + VPN reply ping on wrong VLAN

We have enabled VLAN on our ML350. Så we have VLAN 1, VLAN 100 - VLAN 128. VLAN 1 is the default VLAN.
The server is connected to a ProCurve 2524 on port 22. Port 22 is TAGGED on all VLAN.
For internet access there is an InGate 1450 connected with fw 4.3 (VLAN-capabilities) on port 16 whivh is TAGGED member of all VLAN.

VLAN 1 has IP 192.168.1.1, subnet 255.255.255.0 and dg 192.168.1.254.
The other VLAN has IP 192.168.x.1 and subnet 255.255.255.0 and NO dg.

If we ping internal from a client the server respond ok but if we connect to the server with VPN (IPSec handled by Ingate FW) we can ping 192.168.x.254 (dg) and clients on that VLAN but not the server UNLESS we connect to VLAN 1.

Checking the firewall log tells us that traffic comes in on the firewall on IPSec0 and goes out from fw to LAN on eth0.x, the server replies on eth0.1 and the firewall discards the package due to spoofed adress.
Thats why it only works for VLAN1.

So, why does the server respond on VLAN1 when the ping comes in on VLAN x???
0 Kudos
2 REPLIES 2
Jonathan Axford
Trusted Contributor

‎10-11-2005 07:25 PM

‎10-11-2005 07:25 PM

Re: ML350G4 + VLAN + VPN reply ping on wrong VLAN

What is doing the routing between the subnets?
Where there is a will there is a way...
0 Kudos
Joakim Hellstrom
Occasional Contributor

‎10-12-2005 08:39 PM

‎10-12-2005 08:39 PM

Re: ML350G4 + VLAN + VPN reply ping on wrong VLAN

What need to route?
It works fine locally but not with VPN.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.