Question

HP Pro Curve 2810 not picking up IP address from DHCP Server

Asked by: usmansultan

I am migrating a Cisco 2950 switch to HP Pro Curve 2810 switch, On Cisco 2950 switch there are 2 VLAN's and 2 trunck ports setted up, i am going to paste the configuration for both the switches.
There are two VLAN's on the Cisco switch, one is Desktop and the other is for Auth.Server, and we have two Gigabit (Trunck Ports) for firwall from where all the network connections goes through, the firewall that is being used is Astaro Securtiy Gateway V7.
Now on the weekend i was trying to migrate the Cisco2950 switch over to HP Pro Curve 2810, but when i plugged the firewall / Auth. Servers cables on to the new switch, the dektops were not able to get an IP address from the DHCP server. (i.e Microsoft SBS server), I setted the new switch DHCP to Manual, Disable and automatic but none of them worked out.I am missing something but not able to figure out what....

Cisco Switch
 
Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1                        notconnect   3            auto   auto 10/100BaseTX
Fa0/2                        connected    3          a-full  a-100 10/100BaseTX
Fa0/3                        connected    2          a-full  a-100 10/100BaseTX
Fa0/4                        notconnect   2            auto   auto 10/100BaseTX
Fa0/5                        connected    2          a-full  a-100 10/100BaseTX
Fa0/6                        connected    2          a-full  a-100 10/100BaseTX
Fa0/7                        connected    2          a-full  a-100 10/100BaseTX
Fa0/8                        connected    2          a-full  a-100 10/100BaseTX
Fa0/9                        notconnect   2            auto   auto 10/100BaseTX
Fa0/10                       notconnect   2            auto   auto 10/100BaseTX
Fa0/11                       notconnect   2            auto   auto 10/100BaseTX
Fa0/12                       connected    2          a-full  a-100 10/100BaseTX
Fa0/13                       notconnect   2            auto   auto 10/100BaseTX
Fa0/14                       connected    2          a-full   a-10 10/100BaseTX
Fa0/15                       connected    2          a-full  a-100 10/100BaseTX
Fa0/16                       connected    2          a-full  a-100 10/100BaseTX
Fa0/17                       connected    2          a-full  a-100 10/100BaseTX
Fa0/18                       connected    2          a-full  a-100 10/100BaseTX
Fa0/19                       connected    2          a-full  a-100 10/100BaseTX
Fa0/20                       notconnect   2            auto   auto 10/100BaseTX
Fa0/21                       notconnect   2            auto   auto 10/100BaseTX
 
Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/22                       connected    2          a-full  a-100 10/100BaseTX
Fa0/23                       notconnect   2            auto   auto 10/100BaseTX
Fa0/24                       notconnect   2            auto   auto 10/100BaseTX
Gi0/1                        connected    trunk      a-full a-1000 10/100/1000BaseTX
Gi0/2                        connected    trunk      a-full a-1000 10/100/1000BaseTX
switch1#
                                  
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:

Select allOpen in new window

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2008-06-22 at 18:45:54ID23506415
Tags

Cisco, HP

,

Switch

,

Cisco 2950,HP Pro Curve 2810

,

Switch Transition

Topics

Dynamic Host Configuration Protocol (DHCP)

,

Network Analysis Software

,

Network Switches & Hubs

Participating Experts
3
Points
500
Comments
75

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Curves
    Hi all. in photoshop7 before, i was using curves very much OK. It has a gray background with some grid and a slanting line which, you obviously curve it to change the brightness and some properties with the picture. my brother and mom also use this technique and i dont know ...
  2. dhcp for vlans
    Hi, I have cisco 4503 and I'm planning to setup about 25 vlans. Should this switch be able to forward dhcp packets or will I need a dhcp server for each vlan? Thanks, Donnie
  3. Economical gigabit VLAN Switches
    In a previously posted question (http://www.experts-exchange.com/Networking/Microsoft_Network/Q_21746183.html), I have gotten confirmation that my solution would work. What i would like to know now is what options do i have in terms of economical gigabit vlan switches. Inte...
  4. DHCP fails on gigabit ports
    I have MS SBS 2003 running DHCP, and a Net Gear FS750T2 switch with 48 100M port and 2 1G ports. If I plug the SBS DHCP server into either of the Gigabit ports, DHCP clients fail to get an address. If I plug the server into one of the 100M ports, DCHP works fine. If I plug...
  5. vlan on Hp pro curve 2910al -48g
    How to setup a VLAN on HP Pro Curve 2910 al -PoE-48G. As i am not good in HP switches.

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: usmansultanPosted on 2008-06-22 at 18:48:49ID: 21843017

                     HP Pro Curve 2810
 
 Status and Counters - Port Status
 
                   | Intrusion                           MDI   Flow  Bcast
  Port   Type      | Alert     Enabled Status Mode       Mode  Ctrl  Limit
  ------ --------- + --------- ------- ------ ---------- ----- ----- ------
  1-Trk1 100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  2-Trk1 100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  3-Trk1 100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  4-Trk1 100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  5-Trk2 100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  6-Trk2 100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  7-Trk3 100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  8-Trk3 100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  9      100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  10     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  11     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  12     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  13     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  14     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  15     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  16     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  17     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  18     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  19     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  20     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  21     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  22     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  23     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  24     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  25     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  26     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  27     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  28     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  29     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  30     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  31     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  32     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  33     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  34     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  35     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  36     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  37     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  38     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  39     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  40     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  41     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  42     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  43     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  44     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  45     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  46     100/1000T | No        Yes     Down   1000FDx    MDI   off   0
  47     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0
  48     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

                                              
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:

Select allOpen in new window

 

by: usmansultanPosted on 2008-06-22 at 18:50:10ID: 21843025

               HP Pro Curve 2810 Config.
 
hostname "Facet HP2810 Switch"
snmp-server contact "Networks"
time timezone 10
mirror-port 10
trunk 1-4 Trk1 LACP
trunk 5-6 Trk2 LACP
trunk 7-8 Trk3 LACP
ip default-gateway 192.168.0.254
snmp-server community "Facet" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged Trk2-Trk3
   ip address 192.168.0.50 255.255.255.0
   no untagged 9-Trk1
   exit
vlan 3
   name "Auth Server"
   untagged Trk1
   exit
vlan 2
   name "Desktops"
   untagged 9-48
   exit
vlan 4
   name "FTP"
   exit
vlan 5
   name "Wireless"
   exit
interface 9
   monitor
   exit
spanning-tree
spanning-tree Trk1 priority 4
spanning-tree Trk2 priority 4
spanning-tree Trk3 priority 4
password manager
                                              
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:

Select allOpen in new window

 

by: jenkinsmePosted on 2008-06-22 at 18:53:04ID: 21843032

Does your server or your switch normally handle DHCP?
If it is your server then you may want to check services.msc
Start > Run > services.msc and make sure DHCP server service is still running
If you are doing DHCP orginally through the Cisco unit and you now want to use the DHCP features of the HP Pro Curve then first thing would be to setup the HP Pro Curve by itself and connect a laptop or a PC (not server) to one of the ethernet ports and see if it can get an ip address without any other network devices being between the laptop/PC and the HP Pro Curve. If at that point you can get an ip address then you may want to start checking settings on your security gateway it may be blocking packets from the HP Pro Curve being a new device on the network.

 

by: usmansultanPosted on 2008-06-22 at 19:03:16ID: 21843072

Yes the SBS server handels our DHCP.
The DHCP is running because when i plugged my computer to the HP switch, it got an IP address between the range of 169.254.218.201 and subnet 255.255.0.0,Gateway 169.254.150.177 and DHCP server 255.255.255.255, where as for our desktops my ip is 10.50.10.53/24 with a default gateway of 10.50.10.254,
Now when i plugged the cable back to Cisco Switch it got the IP of 10.50.10.53. That means its getting the IP from the server.
When i connect a Laptop directly to HP switch it shows limited connectivity, and gets an IP address between the range of 169.

 

by: jburgaardPosted on 2008-06-23 at 15:47:03ID: 21851029

169.254.x.x sure sounds like no good connection to DHCP-server.

Could you please clarify, at what port(s) is the DHCP-SBS server connected to in the old setup and to whitch port(s) in the new setup??
and at what port(s) is the Astaro Securtiy Gateway V7 ??

 

by: usmansultanPosted on 2008-06-24 at 00:26:49ID: 21853087

I am not sure on which ports the old switch was connected to,
On Cisco switch how can i find it out?
Do i have to define a new rule in Astaro firewall for the ports.
I tried doing one thing, i connected a laptop directly to switch, without connecting firewall or proxy, but still it shows that the network access is limited.

 

by: jburgaardPosted on 2008-06-24 at 03:13:34ID: 21853947

What I am after: do you actually in the new setup USE trunk in the HP sense, that is aggregated links?
In other words are you connecting more ports in the switch to more NIC's on the server?
(in Cisco-language trunks are something else, more vlans in one link, I think)

 

by: usmansultanPosted on 2008-06-25 at 00:30:23ID: 21863300

I have taken out the Trunk Port, because i thought that might be the problem, but when i took out the trunk port, it assigned those ports to the default vlan....which i dont want....
How can i find out that i am connecting more ports to the switch to more NIC's on the server?
All the workstations would be getting the DHCP from the SBS server, on that server we have one network card, and ip of that is 192.168.x.x, and the ip range for the desktops are 10.50.x.x, i didnt connected all of the computers i just connected mine.....and it showed limited connectivity.....

 

by: jburgaardPosted on 2008-06-25 at 04:39:24ID: 21864416

At what port is the DHCP-SBS server connected  in the new setup??
and at what port is the Astaro Securtiy Gateway V7 ??
As there is only one network card (=NIC) on the DHCP-server there is no need for trunk (in HP-terms) here.
There is only one cable to the Astaro Securtiy Gateway V7 I asume, so no need for trunk (in HP-terms) here either; but some tagging of vlans will be needed.
HTH

 

by: usmansultanPosted on 2008-06-25 at 17:00:12ID: 21870857

The DHCP-SBS server is using the ports 546 and 547.
the port that Astaro firewall is using is 444.
We have two identical Linux boxes on which Astaro firewall is running, so that when one go's down we have the other one, now two ports which were in trunk mode were used for these two boxes.
which VLANs will need tagging........

 

by: usmansultanPosted on 2008-06-25 at 17:52:41ID: 21871001

Sorry the Astaro firewall port is 4444

 

by: jburgaardPosted on 2008-06-25 at 23:21:19ID: 21872157

'which VLANs will need tagging........'
Plain access-ports no tag.
In other links the 'tagging-mix' in both ends must match, meaning the vlans you want to carry must be either tagged or untagged on the port. In a  common setup you would make all these vlan's tagged on all other vlan's but vlan1. (When connecting HP-HP you could also tag vlan1, but untag vlan1 in HP-Cisco links).

HTH

 

by: jburgaardPosted on 2008-06-25 at 23:36:35ID: 21872199


'which VLANs will need tagging........'
Plain access-ports no tag.
In other links(Cisco-term:trunk) the 'tagging-mix' in both ends must match, meaning the vlans you want to carry must be either tagged or untagged the same way on the ports in both ends of the link.

In a  common setup you would make all these vlan's tagged on all other vlan's but vlan1. (When connecting HP-HP you could also tag vlan1, but untag vlan1 in HP-Cisco links).
HTH

 

by: usmansultanPosted on 2008-06-25 at 23:54:17ID: 21872286

there will be no connection between Cisco and HP switch, once the HP switch is up and running, i will take out the cisco switch.
Now if i understand correctly i should untage VLAN1 (Default Vlan)
tag VLAN2 and VLAN3.
but if i dont assign the firewall ports any trunk or VLAN, they goes into Default Vlan.

 

by: jburgaardPosted on 2008-06-25 at 23:59:38ID: 21872317

yes

 

by: usmansultanPosted on 2008-06-26 at 00:10:31ID: 21872359

On the old cisco switch it didnt had any IP address, as well as it didnt had any DHCP address, no VLAN address was defined as well, if you can look at the top where i pasted the configuration for the switch, so should i do the same with HP switch....
Also if i dont assign the firewall ports to any trunk port or VLAN, they goes into Default Vlan, so is it going to make any difference........before the firewall ports were on trunk ports........

 

by: jburgaardPosted on 2008-06-26 at 01:23:52ID: 21872698

Where you used to connect to Cisco-term 'trunk' ports, you now should connect to HP-term 'tagged' ports

Only out-of-band configuration?
If you want to communicate with the HP-switch by means of serial-cable only, then you do not need an IP.
Otherwise asign IP's to the vlan's in witch you want to be able to communicate with the box.

 

by: usmansultanPosted on 2008-06-26 at 21:27:49ID: 21880986

Yes the two firewall cables from linux boxes were used to connect to Cisco trunk ports.
So if i am not wrong i have to connect the two firewall ports to tagged ports on HP switch with no or defailt vlan ?
I will be conneing throght the serial port,so do i need to provide IP and subnet mask t ht eirz

 

by: usmansultanPosted on 2008-06-26 at 22:07:25ID: 21881081

Sorry about the last reply...i just wrote.....didnt see it before sending i will write it again....

Yes the two firewall cables from linux boxes were used to connect to Cisco trunk ports, which was providing us a gigabyte link.
So if i am not wrong i have to connect the two firewall ports and make them tagged ports (i.e. on HP switch) but would it be with default or withour default vlan ?
I will be connecting the HP switch through the serial port,so do i need to provide IP address, subnet mask and default gateway to the HP switch.
Thanks.

 

by: jburgaardPosted on 2008-06-27 at 00:33:24ID: 21881531

Yes, if you do not plan to use vlan 1, on HP:
vlan 2 tagged
vlan 3 tagged
-----
Old setup I think (no config shown) Cisco trunk ports in HP-language would translate to:
vlan 2 tagged
vlan 3 tagged
vlan 1 untagged
HTH

 

by: usmansultanPosted on 2008-06-29 at 16:38:49ID: 21895938

so where i will connect the two firewall ports that were connected to the trunk ports in Cisco switch.

 

by: jburgaardPosted on 2008-06-30 at 02:05:13ID: 21897635

You connect to HP-'tagged ports' instead of Cisco-'trunk ports'  to let several vlans flow between devices.

 

by: usmansultanPosted on 2008-07-01 at 00:17:41ID: 21905484

Thanks.
If i didnt get it wrong, i will tagg two ports and connect the firewall ports to them, but then they will be automatically be assigned to default-vlan, would that be fine.
And to reconfirm one more thing, i will be connecting to the switch through serial cable, so i dont have to assign any IP address to VLAN's or DHCP, or Gateway.

 

by: jburgaardPosted on 2008-07-01 at 04:20:36ID: 21906487

'but then they will be automatically be assigned to default-vlan'
No, you decide.

Fex.: Asume port 7 is connected to  Astaro Securtiy Gateway V7
then a config without vlan 1 on port 7 would include:
vlan 1
...some settings
no untagged 7
...other settings
exit

HTH

 

by: jburgaardPosted on 2008-07-01 at 04:25:18ID: 21906508

'And to reconfirm one more thing, i will be connecting to the switch through serial cable, so i dont have to assign any IP address to VLAN's or DHCP, or Gateway.'
No

 

by: usmansultanPosted on 2008-07-01 at 19:30:44ID: 21913026

I have tagged the ports for VLAN2 and VLAN3, and untagged the Port for VLAN1 on which the firewall ports will be connected.I have taken out all the IP addresses.
Then i tried to connect a laptop directly to the HP switch (i.e. without the firewall or Authen.Server ports), but its still showing limited access.I tried doing releasing and renewing the IP, it showed the message that it not able to retrieve IP from DHCP server.

 

by: jburgaardPosted on 2008-07-01 at 22:38:39ID: 21913711

To find out if this is only a DHCP matter or a broader problem, please try to give the PC static settings of IP, netmask,dgw,DNS.. whatever would normaly be asigned by DHCP.
Then try if basic connectivity is as expected , ping dgw, ping dns-server , tracert www.google.com etc.

 

by: usmansultanPosted on 2008-07-02 at 00:24:05ID: 21914158

Ok, so i will assign static addresses to IP, Gateway, Netmaks and DNS.
After doing that i will connect it directly to HP switch, without connecting firewall or Auth.Server ports.
Am i right so far.

 

by: jburgaardPosted on 2008-07-02 at 03:25:37ID: 21914883

'without connecting firewall or Auth.Server ports'
Do you not need this to go to gateway and DNS?

 

by: usmansultanPosted on 2008-07-02 at 16:37:55ID: 21921736

No, i dont think so.
but if it had to go through the Gateway and DNS, what difference it will make........

 

by: jburgaardPosted on 2008-07-04 at 07:50:38ID: 21933403

IS basic connectivity as expected, when asigning static IP settings?
What is the IP ?
what is the netmask?
dgw?
dns?/wins?
can you ping dgw?
ping dns-server ?
tracert www.google.com etc.

Perhaps some topology and roles of involved componets could clear up the problem.
Where is the DHCP-server?
at what vlan is it operating?
is the PC in the same vlan?
where is routing taking place in your network?
How is the connection  from DHCP-server to the PC in question?
Does the DHCP-server have same network as your PC?
Is a switch in between with an IP helper adress configured?
Does trafic go th. some device with filtering capacities?

 

by: usmansultanPosted on 2008-07-09 at 23:30:53ID: 21970863

Sorry for lae reply, i was trying to test couple of things but it didnt worked out, anyways i will answer most of your questions, the ones i cant are because i have to unplug the firewall prots and attach it to HP switch, and i can only do that when there is no one in the office which is a rare chance, anyways i have taken the permission and i can do it over the weekend.

What is the IP ? 10.50.10.19
what is the netmask? 255.255.255.0
dgw? 192.168.0.1
can you ping dgw?I cant,because for that i have to take out the firewall and proxy ports, to get a response from dgw.
ping dns-server ?No
tracert www.google.com? I cant, because i cant ping the DHCP server.

Where is the DHCP-server? I will post the network diagram then it will be easy for you to understand.
at what vlan is it operating? Its not operating on any VLAN, all the windows server are connected through Netgear switch and are on the subnet of 192.168.x.x, and the desktops are on 10.50.x.x
is the PC in the same vlan?Workstations are on VLAN 2.
where is routing taking place in your network? I am not sure about the question so i will answer what i know, we have cisco 2600 router, but thats not managed by us, its managed by other comany,
How is the connection from DHCP-server to the PC in question?Not sure, thats where i am stuck.
Does the DHCP-server have same network as your PC? No, both are on different subnet.
Is a switch in between with an IP helper adress configured?There is a switch but its a normal 5 port Netgear switch.
Does trafic go th. some device with filtering capacities?Yes it goes through Astaro Firewall, and i have to add the machine in that firewall so that it can access the browser.

 

by: jburgaardPosted on 2008-07-12 at 00:43:19ID: 21988064

I F  Cisco 2950  is routing then 2810 should have
ip routing
AND  I F  Cisco 2950 has ip helper address configured, then
2810 should have the same.

As PC used for test I would use one known to work in the old setup.

HTH

 

by: usmansultanPosted on 2008-07-14 at 22:16:49ID: 22004296

I am not sure if the old Cisco had been configured to use IP helper or not, not sure how to check it.
Also the PC i used for testing used to work with the old setup.
If i do IPconfig/all on my worksations (with the old setup with Cisco), i get this.


Windows IP Configuration

        Host Name . . . . . . . . . . . . : Computer Name
        Primary Dns Suffix  . . . . . . . : Company Name.Local
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : Company Name.Local
                                           

Ethernet adapter Local Area Connection 4:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet8
        Physical Address. . . . . . . . . : 00-50-56-C0-00-08
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.x.x
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 192.168.11.x
        Primary WINS Server . . . . . . . : 192.168.11.x
        Lease Obtained. . . . . . . . . . : Monday, 14 July 2008 16:20:20
        Lease Expires . . . . . . . . . . : Monday, 14 July 2008 16:50:20

Ethernet adapter Local Area Connection 3:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet1
        Physical Address. . . . . . . . . : 00-50-56-C0-00-01
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.204.x
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 192.168.204.x
        Lease Obtained. . . . . . . . . . : Monday, 14 July 2008 16:20:20
        Lease Expires . . . . . . . . . . : Monday, 14 July 2008 16:50:20

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : Company Name.Local
        Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network C
onnection
        Physical Address. . . . . . . . . : 00-1A-6B-5B-00-68
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.50.10.x
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.50.10.x
        DHCP Server . . . . . . . . . . . : 192.168.0.x
        DNS Servers . . . . . . . . . . . : 192.168.0.x
        Primary WINS Server . . . . . . . : 192.168.0.x
        Lease Obtained. . . . . . . . . . : Monday, 14 July 2008 15:19:15
        Lease Expires . . . . . . . . . . : Tuesday, 22 July 2008 15:19:15

Ethernet adapter Local Area Connection 2:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : TAP-Win32 Adapter V8
        Physical Address. . . . . . . . . : 00-FF-4C-89-E8-10


And when I do IPConfig/all on the DHCP(i.e. Microsoft SBS) server, I get this;


Windows IP Configuration

   Host Name . . . . . . . . . . . . : Windows SBS
   Primary Dns Suffix  . . . . . . . : Company Name.Local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : Company Name.Local

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-11-09-AF-45-B8
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.x
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.x
   DNS Servers . . . . . . . . . . . : 192.168.0.x
   Primary WINS Server . . . . . . . : 192.168.0.x

But when i connect it to HP switch i get allocated an IP address with the range of 169.x.x.x with limited access, i think its not able to get through to DHCP server.

 

by: usmansultanPosted on 2008-07-15 at 22:49:30ID: 22013474

and when i issue ip routing command on HP switch, it doest recognise routing, means it doesnt run.

 

by: usmansultanPosted on 2008-07-15 at 23:26:33ID: 22013610

Correct me if i am worng, i am not going to give any IP to the switch i am just going to assign it a default gateway of 192.168.0.254, and i am going to apply these settings.

Switch(config): ip default-gateway 192.168.0.254 (Default gateway address of the server)

VLAN2 (Desktops): 10.50.10.1 255.255.255.0 (port 9-45 untagged)

Vlan3(Auth.Server): 10.50.11.1 255.255.255.0 (Port 4-9 untagged)


The current scope options on the DHCP server are:
Servername [192.168.0.1]
Scope [10.50.10.0] Desktops
Ip's for distribution: 10.50.10.1 - 10.50.10.99
Scope options:
Router-->10.50.10.254
DNS Server-->192.168.0.1
WINS/NBNS Servers-->192.168.0.1
WINS/NBT Node Type-->0*8

Scope [192.168.0.0] Servers
IP's for distribution: 192.168.0.10 - 192.168.0.200
Router--> 192.168.0.254
DNS server -->192.168.0.1
WINS/NBNS Servers-->192.168.0.1


 

by: from_expPosted on 2008-07-15 at 23:39:09ID: 22013665

if you are migrating from cisco switch to hp switch it is goog to compare configurations:
please provide me with your cisco and hp configs.

 

by: usmansultanPosted on 2008-07-15 at 23:49:27ID: 22013720

Cisco Switch
 
Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1                        notconnect   3            auto   auto 10/100BaseTX
Fa0/2                        connected    3          a-full  a-100 10/100BaseTX
Fa0/3                        connected    2          a-full  a-100 10/100BaseTX
Fa0/4                        notconnect   2            auto   auto 10/100BaseTX
Fa0/5                        connected    2          a-full  a-100 10/100BaseTX
Fa0/6                        connected    2          a-full  a-100 10/100BaseTX
Fa0/7                        connected    2          a-full  a-100 10/100BaseTX
Fa0/8                        connected    2          a-full  a-100 10/100BaseTX
Fa0/9                        notconnect   2            auto   auto 10/100BaseTX
Fa0/10                       notconnect   2            auto   auto 10/100BaseTX
Fa0/11                       notconnect   2            auto   auto 10/100BaseTX
Fa0/12                       connected    2          a-full  a-100 10/100BaseTX
Fa0/13                       notconnect   2            auto   auto 10/100BaseTX
Fa0/14                       connected    2          a-full   a-10 10/100BaseTX
Fa0/15                       connected    2          a-full  a-100 10/100BaseTX
Fa0/16                       connected    2          a-full  a-100 10/100BaseTX
Fa0/17                       connected    2          a-full  a-100 10/100BaseTX
Fa0/18                       connected    2          a-full  a-100 10/100BaseTX
Fa0/19                       connected    2          a-full  a-100 10/100BaseTX
Fa0/20                       notconnect   2            auto   auto 10/100BaseTX
Fa0/21                       notconnect   2            auto   auto 10/100BaseTX
 
Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/22                       connected    2          a-full  a-100 10/100BaseTX
Fa0/23                       notconnect   2            auto   auto 10/100BaseTX
Fa0/24                       notconnect   2            auto   auto 10/100BaseTX
Gi0/1                        connected    trunk      a-full a-1000 10/100/1000BaseTX
Gi0/2                        connected    trunk      a-full a-1000 10/100/1000BaseTX
switch1#

 

by: usmansultanPosted on 2008-07-15 at 23:54:14ID: 22013747

i keep changing the configuration of HP switch because i am not sure how to replicate that, it looks quite easy but when i replicated it, it didnt work, the reason i found was because when i connected my machine with the HP switch it was not able to get IP from the DHCP server, it got an IP address of 169.254.218.201; GW: 169.254.150.177, not sure from where it got these IP's, because they dont exist on our network, and i am not sure whether i should provide IP to the HP switch and VLAN's or not, because on Cisco switch there were no IP's given either to switch or to VLAN's, not sure how they work without it.

 

by: from_expPosted on 2008-07-15 at 23:55:15ID: 22013754

no,no I want CONFIG from cisco:
show running-config

 

by: usmansultanPosted on 2008-07-16 at 00:07:36ID: 22013799

switch1#show run
Building configuration...

Current configuration : 2653 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname switch1
!
enable secret 5 $1$bLVE$casHwhBk2NCRxhSvbpcvx/
!
ip subnet-zero
!
no ip domain-lookup
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 2
 switchport mode access

interface FastEthernet0/7
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/8
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/9
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/12
 switchport access vlan 2
 switchport mode access

interface FastEthernet0/13
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/14
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/16
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/17
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/18
 switchport access vlan 2
 switchport mode access

interface FastEthernet0/19
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/20
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/21
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/22
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/23
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/24
 switchport access vlan 2
 switchport mode access

interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan2
 no ip address
 no ip route-cache
!
interface Vlan3
 no ip address
 no ip route-cache
 shutdown
!
ip http server
!
line con 0

login
line vty 0
 password
 login
line vty 1 4
 login
line vty 5 15
 login
!
!
end

 

by: from_expPosted on 2008-07-16 at 00:13:39ID: 22013826

hm, nothing interesting, can you provide me with your current hp config, also, please

 

by: usmansultanPosted on 2008-07-16 at 00:31:13ID: 22013892

HP running config....

Switch# show run

Running configuration:

; J9022A Configuration Editor; Created on release #N.11.06

hostname "Switch"
snmp-server contact "Networks"
time timezone 10
mirror-port 10
interface 1
   lacp Passive
exit
interface 4
   lacp Passive
exit
interface 5
   lacp Passive
exit
interface 6
   lacp Passive
exit
interface 7
   lacp Passive
exit
interface 8
   lacp Passive
exit
trunk 2-3 Trk1 Trunk
ip timep manual 192.168.0.1 interval 1
snmp-server community "switch1" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged Trk1
   no ip address
   no untagged 1,4-48
   ip proxy-arp
   exit
vlan 3
   name "Auth Server"
   no ip address
   tagged 1,4-8
   ip proxy-arp
   exit
vlan 2
   name "Desktops"
   untagged 9-48
   no ip address
   tagged Trk1
   ip proxy-arp
   exit
vlan 4
   name "FTP"
   no ip address
   exit
vlan 5
   name "Wireless"
   no ip address
   exit
interface 9
   monitor
   exit
spanning-tree
spanning-tree Trk1 priority 4
password manager

 

by: usmansultanPosted on 2008-07-16 at 00:46:05ID: 22013951

On HP switch we have decided to put more VLAN's, so ip routing command doesnt run on HP, not sure why, also i have mentioned the scope options on our DHCP server.

 

by: from_expPosted on 2008-07-16 at 00:56:44ID: 22014003

i can not find dhcp server on your picture. can you point me where it is

 

by: from_expPosted on 2008-07-16 at 00:58:44ID: 22014009

normally, when you have multiple vlans with dhcp clients in them, and single dhcp server only in one server vlan, then you should have dhcp relay configured on the switch.
it is done by ip helper address on the cisco. and possible, with the same command on procurve

 

by: jburgaardPosted on 2008-07-16 at 15:47:42ID: 22020882

Now it seems that no routing is taking place at the Cisco, you want to replace.
Then it should not be needed with routing and IP helper adress in new HP-switch.

As we now have a config of the old switch, perhaps it is possible to guess how you want the new setup:

config
interface 1-48
no lacp
exit
no trunk 2-3
vlan 1
   name "DEFAULT_VLAN"
   untagged 47,48
   no ip address
   no untagged 1-46
   no ip proxy-arp
   exit
vlan 3
   name "Auth Server"
   no ip address
   untagged 1-2
   tagged 47-48
   no ip proxy-arp
   exit
vlan 2
   name "Desktops"
   untagged 3-46
   no ip address
   tagged 47-48
   no ip proxy-arp
   exit
vlan 4
   name "FTP"
   no ip address
   tagged 47-48
   exit
vlan 5
   name "Wireless"
   tagged 47-48
   no ip address
   exit
no spanning-tree 47-48 edge-port
spanning-tree 47-48 priority 4
write mem

-here the Astaro Securtiy Gateway V7 can be connnected to port 47 or port 48 (used to be GigabitEthernet0/1 or  GigabitEthernet0/2) - all vlans in the links.
-Auth Server on port 1 or port 2 (used to be FastEthernet0/1 or FastEthernet0/2)
-PC's on all other ports

HTH

 

by: usmansultanPosted on 2008-07-16 at 18:26:07ID: 22021639


I am not sure if i have to use IP helper or not, anyways i am going to paste ipconfig from my machine and from the DHCP (Microsoft SBS) server, kindly have a look at it, and then i will ask some questions.

IPConfig/all from my machine.

Windows IP Configuration
Host Name . . . . . . . . . . . . : BNE01-053ws
Primary Dns Suffix . . . . . . . : Company.LOCAL
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Company.LOCAL
Company.LOCAL
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.11.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.11.254
Primary WINS Server . . . . . . . : 192.168.11.2
Lease Obtained. . . . . . . . . . : Thursday, 17 July 2008 10:24:28
Lease Expires . . . . . . . . . . : Thursday, 17 July 2008 10:54:28
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.204.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.204.254
Lease Obtained. . . . . . . . . . : Thursday, 17 July 2008 10:24:28
Lease Expires . . . . . . . . . . : Thursday, 17 July 2008 10:54:28
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : Company.LOCAL
Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network C
onnection
Physical Address. . . . . . . . . : 00-1A-6B-5B-00-68
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.50.10.53
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.50.10.254
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Primary WINS Server . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Tuesday, 15 July 2008 16:37:34
Lease Expires . . . . . . . . . . : Wednesday, 23 July 2008 16:37:34
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : TAP-Win32 Adapter V8
Physical Address. . . . . . . . . : 00-FF-4C-89-E8-10

 

IpConfig/all from the DHCP Server.</P>


Windows IP Configuration
Host Name . . . . . . . . . . . . : bne01-001sv
Primary Dns Suffix . . . . . . . : Company.LOCAL
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : Company.LOCAL
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-11-09-AF-45-B8
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.254
DNS Servers . . . . . . . . . . . : 192.168.0.1
Primary WINS Server . . . . . . . : 192.168.0.1</SPAN>

1) Now do i have to give an IP address/Default GW to the switch, if yes then what IP addresses should i define for these.

2)If i have to use the IP helper command how i will use it, means how will i define the IP addresses for this command, should i use these IP's for VLAN2;

ip address: 10.50.10.1 255.255.255.0

ip helper-address: 10.50.10.1

and for VLAN3;

Ip address: 10.50.11.1 255.255.255.0

ip helper-address: 10.50.11.1

3)I have already posted the scope for the DHCP server yesterday at 04:26PM,  now do i have to define any new subnets under the DHCP scope.

4)Do i have to add these subnets under Astaro firewall.

 

by: usmansultanPosted on 2008-07-16 at 19:55:27ID: 22022033

I have received a call from HP Tech, and he told me that the ip helper will not work on this switch, and the reason why i need the ip-helper command is because we have two different subnets, and we need ip helper so that two subnets will be able to talk across each other, is he right?

 

by: usmansultanPosted on 2008-07-16 at 20:02:31ID: 22022048

and its a Layer 2 Switch.....

 

by: from_expPosted on 2008-07-16 at 22:36:14ID: 22022552

hm, take a look here:
ftp://ftp.hp.com/pub/networking/software/AdvTraff-Oct2005-59908853-Chap07-IProuting.pdf

it is possible, that you will need dhcp server at each vlan :(

 

by: usmansultanPosted on 2008-07-16 at 22:47:48ID: 22022594

Do you guys agree with what HP tech has said....that its a layer two switch and similar results cannot be obtained on this, it can only be done if i link two switches.........

 

by: usmansultanPosted on 2008-07-16 at 22:48:52ID: 22022596

its an HP PRO CURVE 2810 switch.

 

by: usmansultanPosted on 2008-07-16 at 23:20:51ID: 22022736

Its getting no where....

what if i wont migrate, means i keep both the switches, but i want to link the two switches, how can link both of them, the HP Pro switch provides gigbyte connection so can i link the Cisco switch and pass the VLAN information and connect my desktops to HP switch.

What configuration i need to do on the switches.......

 

by: usmansultanPosted on 2008-07-16 at 23:21:57ID: 22022741

The two switches that i am referring to are Cisco 2950 switch and HP Pro Curve 2810 switch.

 

by: from_expPosted on 2008-07-16 at 23:51:04ID: 22022853

you can configure both to use gigabits.
so on cisco config will look like:
conf t
int gi0/1
switchport
switchport mode trunk
switchport allowed vlans 1-3
end

on hp config should look very similar

 

by: usmansultanPosted on 2008-07-17 at 00:19:15ID: 22023000

Do i have to set up VLAN's on HP switch?

Also if you have looked at my cisco runinng configuration these two interfaces exist on the switch.

interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
switchport mode trunk

So if i am not wrong i have to go into config mode on cisco switch and run,

switchport allowed vlans 1-3.

Right.

and on the cisco switch port; 1-2 connects to Auth. Server (VLAN3), and from port 3-24 it connects to desktops (VLAN2), and there are two gigabyte ports which connects to the firewall.

So which port i have to use to connect the cisco switch to the HP switch?

 

by: from_expPosted on 2008-07-17 at 01:10:30ID: 22023271

if you don't have spare gig, then you should use 100M port :( do you need both FW ports to be 1G?
and yes, you have to setup vlans on hp.

 

by: jburgaardPosted on 2008-07-17 at 02:18:20ID: 22023580

did you read my post Date:07.16.2008 at 03:47PM PDT?

 

by: usmansultanPosted on 2008-07-17 at 08:06:53ID: 22026234

i dont need both the ports to be 1 gig, so you reccom, i should use one of these ports and connect it to the HP switch?, also do i have set any IP addresses or default GW on the HP yes....if yes then which IP's should i give?
Jburgaard; are you refferring to your post that you posted on 7:17.2008 at 8:47, because i cant find the post that you are mentioning....

 

by: jburgaardPosted on 2008-07-17 at 08:59:06ID: 22026923

cut&paste gives:
ID:22020882Author:jburgaardDate:07.16.2008 at 03:47PM PDT
-so things looks different where you are :-)

some point are:
1) run the switch as a layer 2 device, because Cisco is config'ed that way
2) to make vlans work: get rid of trunks, in a HP-config the term used is 'tagging'

HTH

 

by: from_expPosted on 2008-07-17 at 12:10:22ID: 22028971

hi.
in case when you are going to use your switch as simple L2 connected to cisco, it needs ip and default gw only for management, so you configure only vlan 1 (if it is management vlan) with ip.
if you don't want to connect to switch remotely you don't need to create ip addresses on hp at all

 

by: usmansultanPosted on 2008-07-17 at 17:12:42ID: 22031490

I am going tp connect to the switch through the serial port, but as you guys said i have to create VLANs on the HP switch, so if i only create VLAN1 as from_exp, suggested how its going to pass the information from both the VLANs on cisco to HP, do i need extra  VLAN's setted up on the HP? i am bit confused on which port should i use to connect both the switches, because i will assign the ports on the HP switch for the VLAN,so which port on HP switch should i dedicate for Cisco connection,on which VLAN it should be, or should i leave it without assigning it any VLAN?

Also which port can i use on the Cisco switch to connect it to HP switch,both the firewalls ports are connected to two Unix firewall boxes, so should i use one of them, if i use one of them where i will connect the other firewall port.?or can i use any other port, if i can use any other port then from which VLAN port i can use,
1-2 connects to Auth. Server (VLAN3), and from port 3-24 it connects to desktops (VLAN2), and there are two gigabyte ports which connects to the firewall.

 I am planning to test it out today, so please if you can guys help me out before that i would be highly grateful...

Thanks.

 

by: from_expPosted on 2008-07-17 at 22:50:23ID: 22033127

hi!
let me explain my vision of your network:
you are going to add additional 48 ports to your network, so I suppose, you can move one of the FW gig ports in cisco to HP gig port.
We need that gig cisco port to interconnect switches. on HP we can use port 48
so cisco port should look like:
conf t
int gi0/1
switchport
switchport mode trunk
switchport allowed vlans 1-3
end
procurve port 48 should be configured accordingly (not a hp expert, sorry ) - tagged with all 3 vlans allowed.
and sure thing procurve should have all 3 vlans created.
I would suggest using port 47 for firewall, so this port should also be tagged with all 3 vlans allowed.


 

by: usmansultanPosted on 2008-07-17 at 23:23:26ID: 22033216

I had a chat with the HP tech, he reccommends that if i take out the gigabyte (FW) port it will take out the network, so he is saying use any other port, but trunk (tag) it,

there are two VLAN's and both the vlans have different subnet's, VLAN2 has 10.50.10.254/24 and VLAN3 has 192.168.0.254/24, now if i use the switchport allowed vlans 1-3 command would it restrict the vlans?And can i use any other port, lets say port 6 which comes under VLAN2, and if i use port 6 on VLAN 2 do i have to do anything on VLAN3 because its a different subnet.

i just thought i will let you know, i will do whatever you say.

if anything goes wrong and i want to take out the "switchport mode trunk" from that port how i will do it, would it be like this

"no switchport mode trunk" (and it will stop broadcasting the information for vlan and it will come back to its original settings.)

 

by: from_expPosted on 2008-07-17 at 23:40:25ID: 22033267

hi
to change ports from trunk and back to access:
switchport mode trunk/switchport mode access
switchportr trun allowed vlans 1-3 - if you have more vlans, you have name them also, because when you don't issue this command all vlans are allowed on particular port, however I think that it is not a very good idea to allow all, instead of exactly what you need

you can save cisco's port 6 config and change it to trunk, and then you can paste back saved config to undo changes.
as for gig ports, I don't think that this is a good idea trunking 48 gigs via single 100M port. just imagine oversubscription ratio!
and it is not clear to me, why you can't place one of the FW ports (as I understand both gigs on cisco are used by FWs) to HP...

 

by: usmansultanPosted on 2008-07-17 at 23:58:29ID: 22033335

Thanks.

The tech from HP told me that my network will be disturbed if i take out one of the FW ports from there, he said that after looking at the diagram that i have posted over here as well.

The two firewall ports are already configured as trunk ports, if you look at my cisco config.

interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
switchport mode trunk

Now the only thing i need to add is this (correct me if i am wrong)

conf t
int gigabitethernet0/2
switchport allowed vlans 1-3
end

and if anything goes wrong and i want to go back to old settings i have to do this;

switchport mode trunk/switchport mode access

right.

and on HP switch i have created two VLAN's, and assign it a default GW of 192.168.0.254/24 (for managebility) if the Default GW is not required let me know.

Also i am going to tag the port 48 on hp switch which comes under all VLAN.

Please let me know if whatever i have written is right.  

 

 

by: usmansultanPosted on 2008-07-18 at 00:20:17ID: 22033416

if i take out one of the firewall ports, and connect it back again it sends out this message;  


HA node is now Slave

--
HA Status : HA SLAVE (node id: 2)
System Uptime : 95 days 6 hours 24 minutes
System Load : 0.45
System Version : Astaro Security Gateway 7.104

Please refer to the manual for detailed instructions.

 

by: from_expPosted on 2008-07-18 at 00:37:26ID: 22033506

hm...
wrong
so gi0/1 and gi0/2 are interfaces of FW, which works in failover mode.
you don't need to add this
conf t
int gigabitethernet0/2
switchport allowed vlans 1-3
end
if the port is occupied by firewall
however, I would recommend you to make a try to unplug FW (do not make and changes to port), plug your HP port 48(configured as tagged for all needed vlans), and then plug FW to port 47 (also configured tagged for all needed vlans).
after that FWs should be able to sense each other again and you can try to unplug second FW port from cisco to chech if you can reach internet via FW plugged to HP

 

by: usmansultanPosted on 2008-07-18 at 10:44:07ID: 22038097

ok if i got you right you asked me to take out the firewall port from cisco switch, plug in the uplink cable from cisco to the HP port (i.e 48), and the firewall cable that i took out from cisco switch, plug it to hp port #47.

If that doesnt work then i should use the switchport allowed vlans 1-3, command, and if that doesnt work, what shoud i do.

and how i will take out this command that i have run on the cisco switch.
</P>

 

by: from_expPosted on 2008-07-18 at 11:49:35ID: 22038634

if you don't save config, than simple reboot returns switch to orinal state.
tagging between cisco and hp should be configured!
(cisco port is in trunked mode and allows all vlans, so just configure port 48 and 47 on procurve)

 

by: usmansultanPosted on 2008-07-19 at 04:10:26ID: 22042174

I dont need to add this;

conf t
int gigabitethernet0/2
switchport allowed vlans 1-3
end

 

by: from_expPosted on 2008-07-20 at 04:32:26ID: 22045342

at this time - no, but later, I would do that, because you don't need all vlans to be there, but only needed

 

by: usmansultanPosted on 2008-07-28 at 17:12:07ID: 31469621

Thanks a ton, for helping me, i appreciate your help and time that you have spent to answer my questions.

 

by: usmansultanPosted on 2008-07-28 at 17:13:03ID: 22107821

Its done, thanks a lot for both of you...

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...