Comware

 View Only

  • 1.  Route Between VLAN's

    Posted Aug 10, 2014 02:59 PM

    Hi Guys,

     

    I have a HP 2910AL which I wont to use to route traffic on our small network. I have 5 VLAN's:

     

    VLAN100: 172.16.100.0/23 DG 172.16.100.1 (MAIN NETWORK)

    VLAN120: 172.16.104.0/24 DG 172.16.104.1 (WIRELESS NETWORK)

    VLAN150: 172.16.114.0/24 DG 172.16.114.1 (Management)

    VLAN125: 172.16.106.0/24 DG 172.16.106.1 (Guest Network)

    VLAN777: 192.168.0.0/24 DG 192.168.0.1 (External Network)

     

    I wont traffice from VLANS 100, 150, 120 to communicate with each other and route and external traffice to VLAN 777. I also want any Computer on VLAN 125 to be able to access the following IP Addresses 172.16.100.8 and 9 but nothing else and then to route any other traffic (External Traffic) to VLAN 777.

     

    Finally I want each VLAN to get the Relevent IP Address to the VLAN from our DHCP Server. I have configured the IP Addressses and the VLAN's but I am not sure on the routing part. Eventually I will wont any traffic for 172.16.0.0/22 to be Directed to 172.16.100.2 which is a VPN Server.

     

    Can anyone give me some pointers on how to go about configuring this. I have been reading the IP Routing manuals to see if I can find anything that would help with the config of this switch.

     

    Any help is appreaciated.

     

    Kind Regards



  • 2.  RE: Route Between VLAN's

    Posted Aug 10, 2014 07:08 PM

    Once you configure IP addresses on your VLAN interfaces, the switch will "know" each of the subnets and will therefore automatically be able to route between the subnets.

     

    What you want is an access list on your VLAN125 which

    a. allows access from 125 to the two IP addresses you mention

    b. denies access from 125 to everything else in 100, 120, 150

    c. allows everything else

     

    You need a default route pointing at the next hop on the 777 VLAN.

     

    You need IP helper addresses on each VLAN interface where that VLAN doesn't have the DHCP server, pointing to the DHCP server.



  • 3.  RE: Route Between VLAN's

    Posted Aug 11, 2014 05:21 AM

    Hi,

     

    Thank you for the information. I don't think the 2910AL Supports VLAN Based ACL's as it is an Edge Switch, I have a HP 5400 at my Main Site but currently there isn't a VPN Connection to our remote site so would be unable to configure ACL's at this stage. 

     

    Is there any other way of doing this without using an ACL?

     

    Kind Regards



  • 4.  RE: Route Between VLAN's

    Posted Aug 11, 2014 06:38 PM

    I haven't ever used a 2910 for routing myself, but according to the manual, you seem to have ACLs:


    http://cdn.procurve.com/training/Manuals/2910-ASG-Feb09-W_14_03.pdf

     

     



Related Content