Wired Intelligent Edge

Hi,

Newbie to this.

I've got core switch a monster 5406zl. what I want to do is setup dhcp relay. I've created the new vlan 2 on the switch, added new dhcp scope on the dhcp server for the vlan 2. The firewall router, DHCP server, fileserver etc is all connected to the default vlan 1. I want the clients on vlan 2 to be able to receive dhcp, access fileserver.

I want clients on vlan 1 maintain get 10.10.100.x/16 and clients on vlan 2 gets new scope 10.200.1.x/16 but they should be able to access each other.

I've started as below but couldn't get it working. What's missing here? Do I have to add static routes on the router and core switch. Once I get this working then I can start planning on my network segregation and control. Help please anyone.

Running configuration:

; J8697A Configuration Editor; Created on release #K.14.34

hostname "ProCurve Switch 5406zl"
module 1 type J8702A
module 2 type J8702A
module 3 type J8706A
module 4 type J8702A
ip routing
ip udp-bcast-forward
vlan 1
   name "DEFAULT_VLAN"
   untagged A1-A24,B1-B24,C1-C24,D1-D18,D20-D24
   ip address 10.10.20.1 255.255.0.0
   no untagged D19
   exit
vlan 2
   name "TEST"
   untagged D19
   ip helper-address 10.10.10.5
   ip address 10.200.0.1 255.255.0.0
   exit
no ip ssh
snmp-server community "public" unrestricted

What is being handed out as the router address by each of your DHCP scopes?

Default : 10.10.1.1 (firewall router)

vlan 2 scope router : 10.200.0.1

clients at default vlan 1 gets IP 10.10.100.1-254/16 GW: 10.10.1.1

so clients at vlan 2 should get IP based on the scope: 10.200.1.1-254/16 GW: 10.200.0.1 by right

Your default gateway isn't on your switch.

You need to redesign your network: you shouldn't extend your host VLANs onto your firewall, you need the router address in each subnet to be on the 5406, and you need a seperate subnet for the link to the firewall, with appropriate routing on each deivce.