Solved

HP Pro Curve 2810 not picking up IP address from DHCP Server

Posted on 2008-06-22
75
11,729 Views
Last Modified: 2012-08-14
I am migrating a Cisco 2950 switch to HP Pro Curve 2810 switch, On Cisco 2950 switch there are 2 VLAN's and 2 trunck ports setted up, i am going to paste the configuration for both the switches.
There are two VLAN's on the Cisco switch, one is Desktop and the other is for Auth.Server, and we have two Gigabit (Trunck Ports) for firwall from where all the network connections goes through, the firewall that is being used is Astaro Securtiy Gateway V7.
Now on the weekend i was trying to migrate the Cisco2950 switch over to HP Pro Curve 2810, but when i plugged the firewall / Auth. Servers cables on to the new switch, the dektops were not able to get an IP address from the DHCP server. (i.e Microsoft SBS server), I setted the new switch DHCP to Manual, Disable and automatic but none of them worked out.I am missing something but not able to figure out what....
Cisco Switch

 

Port      Name               Status       Vlan       Duplex  Speed Type

Fa0/1                        notconnect   3            auto   auto 10/100BaseTX

Fa0/2                        connected    3          a-full  a-100 10/100BaseTX

Fa0/3                        connected    2          a-full  a-100 10/100BaseTX

Fa0/4                        notconnect   2            auto   auto 10/100BaseTX

Fa0/5                        connected    2          a-full  a-100 10/100BaseTX

Fa0/6                        connected    2          a-full  a-100 10/100BaseTX

Fa0/7                        connected    2          a-full  a-100 10/100BaseTX

Fa0/8                        connected    2          a-full  a-100 10/100BaseTX

Fa0/9                        notconnect   2            auto   auto 10/100BaseTX

Fa0/10                       notconnect   2            auto   auto 10/100BaseTX

Fa0/11                       notconnect   2            auto   auto 10/100BaseTX

Fa0/12                       connected    2          a-full  a-100 10/100BaseTX

Fa0/13                       notconnect   2            auto   auto 10/100BaseTX

Fa0/14                       connected    2          a-full   a-10 10/100BaseTX

Fa0/15                       connected    2          a-full  a-100 10/100BaseTX

Fa0/16                       connected    2          a-full  a-100 10/100BaseTX

Fa0/17                       connected    2          a-full  a-100 10/100BaseTX

Fa0/18                       connected    2          a-full  a-100 10/100BaseTX

Fa0/19                       connected    2          a-full  a-100 10/100BaseTX

Fa0/20                       notconnect   2            auto   auto 10/100BaseTX

Fa0/21                       notconnect   2            auto   auto 10/100BaseTX

 

Port      Name               Status       Vlan       Duplex  Speed Type

Fa0/22                       connected    2          a-full  a-100 10/100BaseTX

Fa0/23                       notconnect   2            auto   auto 10/100BaseTX

Fa0/24                       notconnect   2            auto   auto 10/100BaseTX

Gi0/1                        connected    trunk      a-full a-1000 10/100/1000BaseTX

Gi0/2                        connected    trunk      a-full a-1000 10/100/1000BaseTX

switch1#

Open in new window

Astaro-Firwall.JPG
0
Comment
Question by:usmansultan
  • 42
  • 18
  • 14
  • +1
75 Comments
 
LVL 1

Author Comment

by:usmansultan
ID: 21843017

                     HP Pro Curve 2810
 

 Status and Counters - Port Status
 

                   | Intrusion                           MDI   Flow  Bcast

  Port   Type      | Alert     Enabled Status Mode       Mode  Ctrl  Limit

  ------ --------- + --------- ------- ------ ---------- ----- ----- ------

  1-Trk1 100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  2-Trk1 100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  3-Trk1 100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  4-Trk1 100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  5-Trk2 100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  6-Trk2 100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  7-Trk3 100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  8-Trk3 100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  9      100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  10     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  11     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  12     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  13     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  14     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  15     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  16     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  17     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  18     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  19     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  20     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  21     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  22     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  23     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  24     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  25     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  26     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  27     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  28     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  29     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  30     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  31     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  32     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  33     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  34     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  35     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  36     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  37     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  38     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  39     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  40     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  41     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  42     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  43     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  44     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  45     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  46     100/1000T | No        Yes     Down   1000FDx    MDI   off   0

  47     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

  48     100/1000T | No        Yes     Down   1000FDx    MDIX  off   0

Open in new window

0
 
LVL 1

Author Comment

by:usmansultan
ID: 21843025

               HP Pro Curve 2810 Config.
 

hostname "Facet HP2810 Switch"

snmp-server contact "Networks"

time timezone 10

mirror-port 10

trunk 1-4 Trk1 LACP

trunk 5-6 Trk2 LACP

trunk 7-8 Trk3 LACP

ip default-gateway 192.168.0.254

snmp-server community "Facet" Unrestricted

vlan 1

   name "DEFAULT_VLAN"

   untagged Trk2-Trk3

   ip address 192.168.0.50 255.255.255.0

   no untagged 9-Trk1

   exit

vlan 3

   name "Auth Server"

   untagged Trk1

   exit

vlan 2

   name "Desktops"

   untagged 9-48

   exit

vlan 4

   name "FTP"

   exit

vlan 5

   name "Wireless"

   exit

interface 9

   monitor

   exit

spanning-tree

spanning-tree Trk1 priority 4

spanning-tree Trk2 priority 4

spanning-tree Trk3 priority 4

password manager

Open in new window

0
 
LVL 5

Expert Comment

by:jenkinsme
ID: 21843032
Does your server or your switch normally handle DHCP?
If it is your server then you may want to check services.msc
Start > Run > services.msc and make sure DHCP server service is still running
If you are doing DHCP orginally through the Cisco unit and you now want to use the DHCP features of the HP Pro Curve then first thing would be to setup the HP Pro Curve by itself and connect a laptop or a PC (not server) to one of the ethernet ports and see if it can get an ip address without any other network devices being between the laptop/PC and the HP Pro Curve. If at that point you can get an ip address then you may want to start checking settings on your security gateway it may be blocking packets from the HP Pro Curve being a new device on the network.
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21843072
Yes the SBS server handels our DHCP.
The DHCP is running because when i plugged my computer to the HP switch, it got an IP address between the range of 169.254.218.201 and subnet 255.255.0.0,Gateway 169.254.150.177 and DHCP server 255.255.255.255, where as for our desktops my ip is 10.50.10.53/24 with a default gateway of 10.50.10.254,
Now when i plugged the cable back to Cisco Switch it got the IP of 10.50.10.53. That means its getting the IP from the server.
When i connect a Laptop directly to HP switch it shows limited connectivity, and gets an IP address between the range of 169.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21851029
169.254.x.x sure sounds like no good connection to DHCP-server.

Could you please clarify, at what port(s) is the DHCP-SBS server connected to in the old setup and to whitch port(s) in the new setup??
and at what port(s) is the Astaro Securtiy Gateway V7 ??

0
 
LVL 1

Author Comment

by:usmansultan
ID: 21853087
I am not sure on which ports the old switch was connected to,
On Cisco switch how can i find it out?
Do i have to define a new rule in Astaro firewall for the ports.
I tried doing one thing, i connected a laptop directly to switch, without connecting firewall or proxy, but still it shows that the network access is limited.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21853947
What I am after: do you actually in the new setup USE trunk in the HP sense, that is aggregated links?
In other words are you connecting more ports in the switch to more NIC's on the server?
(in Cisco-language trunks are something else, more vlans in one link, I think)
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21863300
I have taken out the Trunk Port, because i thought that might be the problem, but when i took out the trunk port, it assigned those ports to the default vlan....which i dont want....
How can i find out that i am connecting more ports to the switch to more NIC's on the server?
All the workstations would be getting the DHCP from the SBS server, on that server we have one network card, and ip of that is 192.168.x.x, and the ip range for the desktops are 10.50.x.x, i didnt connected all of the computers i just connected mine.....and it showed limited connectivity.....
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21864416
At what port is the DHCP-SBS server connected  in the new setup??
and at what port is the Astaro Securtiy Gateway V7 ??
As there is only one network card (=NIC) on the DHCP-server there is no need for trunk (in HP-terms) here.
There is only one cable to the Astaro Securtiy Gateway V7 I asume, so no need for trunk (in HP-terms) here either; but some tagging of vlans will be needed.
HTH
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21870857
The DHCP-SBS server is using the ports 546 and 547.
the port that Astaro firewall is using is 444.
We have two identical Linux boxes on which Astaro firewall is running, so that when one go's down we have the other one, now two ports which were in trunk mode were used for these two boxes.
which VLANs will need tagging........
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21871001
Sorry the Astaro firewall port is 4444
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21872157
'which VLANs will need tagging........'
Plain access-ports no tag.
In other links the 'tagging-mix' in both ends must match, meaning the vlans you want to carry must be either tagged or untagged on the port. In a  common setup you would make all these vlan's tagged on all other vlan's but vlan1. (When connecting HP-HP you could also tag vlan1, but untag vlan1 in HP-Cisco links).

HTH
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21872199

'which VLANs will need tagging........'
Plain access-ports no tag.
In other links(Cisco-term:trunk) the 'tagging-mix' in both ends must match, meaning the vlans you want to carry must be either tagged or untagged the same way on the ports in both ends of the link.

In a  common setup you would make all these vlan's tagged on all other vlan's but vlan1. (When connecting HP-HP you could also tag vlan1, but untag vlan1 in HP-Cisco links).
HTH
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21872286
there will be no connection between Cisco and HP switch, once the HP switch is up and running, i will take out the cisco switch.
Now if i understand correctly i should untage VLAN1 (Default Vlan)
tag VLAN2 and VLAN3.
but if i dont assign the firewall ports any trunk or VLAN, they goes into Default Vlan.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21872317
yes
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21872359
On the old cisco switch it didnt had any IP address, as well as it didnt had any DHCP address, no VLAN address was defined as well, if you can look at the top where i pasted the configuration for the switch, so should i do the same with HP switch....
Also if i dont assign the firewall ports to any trunk port or VLAN, they goes into Default Vlan, so is it going to make any difference........before the firewall ports were on trunk ports........
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21872698
Where you used to connect to Cisco-term 'trunk' ports, you now should connect to HP-term 'tagged' ports

Only out-of-band configuration?
If you want to communicate with the HP-switch by means of serial-cable only, then you do not need an IP.
Otherwise asign IP's to the vlan's in witch you want to be able to communicate with the box.

0
 
LVL 1

Author Comment

by:usmansultan
ID: 21880986
Yes the two firewall cables from linux boxes were used to connect to Cisco trunk ports.
So if i am not wrong i have to connect the two firewall ports to tagged ports on HP switch with no or defailt vlan ?
I will be conneing throght the serial port,so do i need to provide IP and subnet mask t ht eirz
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21881081
Sorry about the last reply...i just wrote.....didnt see it before sending i will write it again....

Yes the two firewall cables from linux boxes were used to connect to Cisco trunk ports, which was providing us a gigabyte link.
So if i am not wrong i have to connect the two firewall ports and make them tagged ports (i.e. on HP switch) but would it be with default or withour default vlan ?
I will be connecting the HP switch through the serial port,so do i need to provide IP address, subnet mask and default gateway to the HP switch.
Thanks.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21881531
Yes, if you do not plan to use vlan 1, on HP:
vlan 2 tagged
vlan 3 tagged
-----
Old setup I think (no config shown) Cisco trunk ports in HP-language would translate to:
vlan 2 tagged
vlan 3 tagged
vlan 1 untagged
HTH
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21895938
so where i will connect the two firewall ports that were connected to the trunk ports in Cisco switch.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21897635
You connect to HP-'tagged ports' instead of Cisco-'trunk ports'  to let several vlans flow between devices.
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21905484
Thanks.
If i didnt get it wrong, i will tagg two ports and connect the firewall ports to them, but then they will be automatically be assigned to default-vlan, would that be fine.
And to reconfirm one more thing, i will be connecting to the switch through serial cable, so i dont have to assign any IP address to VLAN's or DHCP, or Gateway.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21906487
'but then they will be automatically be assigned to default-vlan'
No, you decide.

Fex.: Asume port 7 is connected to  Astaro Securtiy Gateway V7
then a config without vlan 1 on port 7 would include:
vlan 1
...some settings
no untagged 7
...other settings
exit

HTH
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21906508
'And to reconfirm one more thing, i will be connecting to the switch through serial cable, so i dont have to assign any IP address to VLAN's or DHCP, or Gateway.'
No
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21913026
I have tagged the ports for VLAN2 and VLAN3, and untagged the Port for VLAN1 on which the firewall ports will be connected.I have taken out all the IP addresses.
Then i tried to connect a laptop directly to the HP switch (i.e. without the firewall or Authen.Server ports), but its still showing limited access.I tried doing releasing and renewing the IP, it showed the message that it not able to retrieve IP from DHCP server.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21913711
To find out if this is only a DHCP matter or a broader problem, please try to give the PC static settings of IP, netmask,dgw,DNS.. whatever would normaly be asigned by DHCP.
Then try if basic connectivity is as expected , ping dgw, ping dns-server , tracert www.google.com etc.

0
 
LVL 1

Author Comment

by:usmansultan
ID: 21914158
Ok, so i will assign static addresses to IP, Gateway, Netmaks and DNS.
After doing that i will connect it directly to HP switch, without connecting firewall or Auth.Server ports.
Am i right so far.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21914883
'without connecting firewall or Auth.Server ports'
Do you not need this to go to gateway and DNS?
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21921736
No, i dont think so.
but if it had to go through the Gateway and DNS, what difference it will make........
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21933403
IS basic connectivity as expected, when asigning static IP settings?
What is the IP ?
what is the netmask?
dgw?
dns?/wins?
can you ping dgw?
ping dns-server ?
tracert www.google.com etc.

Perhaps some topology and roles of involved componets could clear up the problem.
Where is the DHCP-server?
at what vlan is it operating?
is the PC in the same vlan?
where is routing taking place in your network?
How is the connection  from DHCP-server to the PC in question?
Does the DHCP-server have same network as your PC?
Is a switch in between with an IP helper adress configured?
Does trafic go th. some device with filtering capacities?
0
 
LVL 1

Author Comment

by:usmansultan
ID: 21970863
Sorry for lae reply, i was trying to test couple of things but it didnt worked out, anyways i will answer most of your questions, the ones i cant are because i have to unplug the firewall prots and attach it to HP switch, and i can only do that when there is no one in the office which is a rare chance, anyways i have taken the permission and i can do it over the weekend.

What is the IP ? 10.50.10.19
what is the netmask? 255.255.255.0
dgw? 192.168.0.1
can you ping dgw?I cant,because for that i have to take out the firewall and proxy ports, to get a response from dgw.
ping dns-server ?No
tracert www.google.com? I cant, because i cant ping the DHCP server.

Where is the DHCP-server? I will post the network diagram then it will be easy for you to understand.
at what vlan is it operating? Its not operating on any VLAN, all the windows server are connected through Netgear switch and are on the subnet of 192.168.x.x, and the desktops are on 10.50.x.x
is the PC in the same vlan?Workstations are on VLAN 2.
where is routing taking place in your network? I am not sure about the question so i will answer what i know, we have cisco 2600 router, but thats not managed by us, its managed by other comany,
How is the connection from DHCP-server to the PC in question?Not sure, thats where i am stuck.
Does the DHCP-server have same network as your PC? No, both are on different subnet.
Is a switch in between with an IP helper adress configured?There is a switch but its a normal 5 port Netgear switch.
Does trafic go th. some device with filtering capacities?Yes it goes through Astaro Firewall, and i have to add the machine in that firewall so that it can access the browser.
Facet-Netwrok-Infrastructure.JPG
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 21988064
I F  Cisco 2950  is routing then 2810 should have
ip routing
AND  I F  Cisco 2950 has ip helper address configured, then
2810 should have the same.

As PC used for test I would use one known to work in the old setup.

HTH
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22004296
I am not sure if the old Cisco had been configured to use IP helper or not, not sure how to check it.
Also the PC i used for testing used to work with the old setup.
If i do IPconfig/all on my worksations (with the old setup with Cisco), i get this.


Windows IP Configuration

        Host Name . . . . . . . . . . . . : Computer Name
        Primary Dns Suffix  . . . . . . . : Company Name.Local
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : Company Name.Local
                                           

Ethernet adapter Local Area Connection 4:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet8
        Physical Address. . . . . . . . . : 00-50-56-C0-00-08
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.x.x
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 192.168.11.x
        Primary WINS Server . . . . . . . : 192.168.11.x
        Lease Obtained. . . . . . . . . . : Monday, 14 July 2008 16:20:20
        Lease Expires . . . . . . . . . . : Monday, 14 July 2008 16:50:20

Ethernet adapter Local Area Connection 3:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet1
        Physical Address. . . . . . . . . : 00-50-56-C0-00-01
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.204.x
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
        DHCP Server . . . . . . . . . . . : 192.168.204.x
        Lease Obtained. . . . . . . . . . : Monday, 14 July 2008 16:20:20
        Lease Expires . . . . . . . . . . : Monday, 14 July 2008 16:50:20

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : Company Name.Local
        Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network C
onnection
        Physical Address. . . . . . . . . : 00-1A-6B-5B-00-68
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 10.50.10.x
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 10.50.10.x
        DHCP Server . . . . . . . . . . . : 192.168.0.x
        DNS Servers . . . . . . . . . . . : 192.168.0.x
        Primary WINS Server . . . . . . . : 192.168.0.x
        Lease Obtained. . . . . . . . . . : Monday, 14 July 2008 15:19:15
        Lease Expires . . . . . . . . . . : Tuesday, 22 July 2008 15:19:15

Ethernet adapter Local Area Connection 2:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : TAP-Win32 Adapter V8
        Physical Address. . . . . . . . . : 00-FF-4C-89-E8-10


And when I do IPConfig/all on the DHCP(i.e. Microsoft SBS) server, I get this;


Windows IP Configuration

   Host Name . . . . . . . . . . . . : Windows SBS
   Primary Dns Suffix  . . . . . . . : Company Name.Local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : Company Name.Local

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-11-09-AF-45-B8
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.x
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.x
   DNS Servers . . . . . . . . . . . : 192.168.0.x
   Primary WINS Server . . . . . . . : 192.168.0.x

But when i connect it to HP switch i get allocated an IP address with the range of 169.x.x.x with limited access, i think its not able to get through to DHCP server.
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22013474
and when i issue ip routing command on HP switch, it doest recognise routing, means it doesnt run.
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22013610
Correct me if i am worng, i am not going to give any IP to the switch i am just going to assign it a default gateway of 192.168.0.254, and i am going to apply these settings.

Switch(config): ip default-gateway 192.168.0.254 (Default gateway address of the server)

VLAN2 (Desktops): 10.50.10.1 255.255.255.0 (port 9-45 untagged)

Vlan3(Auth.Server): 10.50.11.1 255.255.255.0 (Port 4-9 untagged)


The current scope options on the DHCP server are:
Servername [192.168.0.1]
Scope [10.50.10.0] Desktops
Ip's for distribution: 10.50.10.1 - 10.50.10.99
Scope options:
Router-->10.50.10.254
DNS Server-->192.168.0.1
WINS/NBNS Servers-->192.168.0.1
WINS/NBT Node Type-->0*8

Scope [192.168.0.0] Servers
IP's for distribution: 192.168.0.10 - 192.168.0.200
Router--> 192.168.0.254
DNS server -->192.168.0.1
WINS/NBNS Servers-->192.168.0.1


0
 
LVL 21

Expert Comment

by:from_exp
ID: 22013665
if you are migrating from cisco switch to hp switch it is goog to compare configurations:
please provide me with your cisco and hp configs.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:usmansultan
ID: 22013720
Cisco Switch
 
Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1                        notconnect   3            auto   auto 10/100BaseTX
Fa0/2                        connected    3          a-full  a-100 10/100BaseTX
Fa0/3                        connected    2          a-full  a-100 10/100BaseTX
Fa0/4                        notconnect   2            auto   auto 10/100BaseTX
Fa0/5                        connected    2          a-full  a-100 10/100BaseTX
Fa0/6                        connected    2          a-full  a-100 10/100BaseTX
Fa0/7                        connected    2          a-full  a-100 10/100BaseTX
Fa0/8                        connected    2          a-full  a-100 10/100BaseTX
Fa0/9                        notconnect   2            auto   auto 10/100BaseTX
Fa0/10                       notconnect   2            auto   auto 10/100BaseTX
Fa0/11                       notconnect   2            auto   auto 10/100BaseTX
Fa0/12                       connected    2          a-full  a-100 10/100BaseTX
Fa0/13                       notconnect   2            auto   auto 10/100BaseTX
Fa0/14                       connected    2          a-full   a-10 10/100BaseTX
Fa0/15                       connected    2          a-full  a-100 10/100BaseTX
Fa0/16                       connected    2          a-full  a-100 10/100BaseTX
Fa0/17                       connected    2          a-full  a-100 10/100BaseTX
Fa0/18                       connected    2          a-full  a-100 10/100BaseTX
Fa0/19                       connected    2          a-full  a-100 10/100BaseTX
Fa0/20                       notconnect   2            auto   auto 10/100BaseTX
Fa0/21                       notconnect   2            auto   auto 10/100BaseTX
 
Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/22                       connected    2          a-full  a-100 10/100BaseTX
Fa0/23                       notconnect   2            auto   auto 10/100BaseTX
Fa0/24                       notconnect   2            auto   auto 10/100BaseTX
Gi0/1                        connected    trunk      a-full a-1000 10/100/1000BaseTX
Gi0/2                        connected    trunk      a-full a-1000 10/100/1000BaseTX
switch1#
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22013747
i keep changing the configuration of HP switch because i am not sure how to replicate that, it looks quite easy but when i replicated it, it didnt work, the reason i found was because when i connected my machine with the HP switch it was not able to get IP from the DHCP server, it got an IP address of 169.254.218.201; GW: 169.254.150.177, not sure from where it got these IP's, because they dont exist on our network, and i am not sure whether i should provide IP to the HP switch and VLAN's or not, because on Cisco switch there were no IP's given either to switch or to VLAN's, not sure how they work without it.
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22013754
no,no I want CONFIG from cisco:
show running-config
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22013799
switch1#show run
Building configuration...

Current configuration : 2653 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname switch1
!
enable secret 5 $1$bLVE$casHwhBk2NCRxhSvbpcvx/
!
ip subnet-zero
!
no ip domain-lookup
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 2
 switchport mode access

interface FastEthernet0/7
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/8
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/9
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/12
 switchport access vlan 2
 switchport mode access

interface FastEthernet0/13
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/14
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/16
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/17
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/18
 switchport access vlan 2
 switchport mode access

interface FastEthernet0/19
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/20
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/21
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/22
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/23
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/24
 switchport access vlan 2
 switchport mode access

interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan2
 no ip address
 no ip route-cache
!
interface Vlan3
 no ip address
 no ip route-cache
 shutdown
!
ip http server
!
line con 0

login
line vty 0
 password
 login
line vty 1 4
 login
line vty 5 15
 login
!
!
end

0
 
LVL 21

Expert Comment

by:from_exp
ID: 22013826
hm, nothing interesting, can you provide me with your current hp config, also, please
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22013892
HP running config....

Switch# show run

Running configuration:

; J9022A Configuration Editor; Created on release #N.11.06

hostname "Switch"
snmp-server contact "Networks"
time timezone 10
mirror-port 10
interface 1
   lacp Passive
exit
interface 4
   lacp Passive
exit
interface 5
   lacp Passive
exit
interface 6
   lacp Passive
exit
interface 7
   lacp Passive
exit
interface 8
   lacp Passive
exit
trunk 2-3 Trk1 Trunk
ip timep manual 192.168.0.1 interval 1
snmp-server community "switch1" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged Trk1
   no ip address
   no untagged 1,4-48
   ip proxy-arp
   exit
vlan 3
   name "Auth Server"
   no ip address
   tagged 1,4-8
   ip proxy-arp
   exit
vlan 2
   name "Desktops"
   untagged 9-48
   no ip address
   tagged Trk1
   ip proxy-arp
   exit
vlan 4
   name "FTP"
   no ip address
   exit
vlan 5
   name "Wireless"
   no ip address
   exit
interface 9
   monitor
   exit
spanning-tree
spanning-tree Trk1 priority 4
password manager
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22013951
On HP switch we have decided to put more VLAN's, so ip routing command doesnt run on HP, not sure why, also i have mentioned the scope options on our DHCP server.
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22014003
i can not find dhcp server on your picture. can you point me where it is
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22014009
normally, when you have multiple vlans with dhcp clients in them, and single dhcp server only in one server vlan, then you should have dhcp relay configured on the switch.
it is done by ip helper address on the cisco. and possible, with the same command on procurve
0
 
LVL 17

Accepted Solution

by:
jburgaard earned 250 total points
ID: 22020882
Now it seems that no routing is taking place at the Cisco, you want to replace.
Then it should not be needed with routing and IP helper adress in new HP-switch.

As we now have a config of the old switch, perhaps it is possible to guess how you want the new setup:

config
interface 1-48
no lacp
exit
no trunk 2-3
vlan 1
   name "DEFAULT_VLAN"
   untagged 47,48
   no ip address
   no untagged 1-46
   no ip proxy-arp
   exit
vlan 3
   name "Auth Server"
   no ip address
   untagged 1-2
   tagged 47-48
   no ip proxy-arp
   exit
vlan 2
   name "Desktops"
   untagged 3-46
   no ip address
   tagged 47-48
   no ip proxy-arp
   exit
vlan 4
   name "FTP"
   no ip address
   tagged 47-48
   exit
vlan 5
   name "Wireless"
   tagged 47-48
   no ip address
   exit
no spanning-tree 47-48 edge-port
spanning-tree 47-48 priority 4
write mem

-here the Astaro Securtiy Gateway V7 can be connnected to port 47 or port 48 (used to be GigabitEthernet0/1 or  GigabitEthernet0/2) - all vlans in the links.
-Auth Server on port 1 or port 2 (used to be FastEthernet0/1 or FastEthernet0/2)
-PC's on all other ports

HTH
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22021639

I am not sure if i have to use IP helper or not, anyways i am going to paste ipconfig from my machine and from the DHCP (Microsoft SBS) server, kindly have a look at it, and then i will ask some questions.

IPConfig/all from my machine.

Windows IP Configuration
Host Name . . . . . . . . . . . . : BNE01-053ws
Primary Dns Suffix . . . . . . . : Company.LOCAL
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Company.LOCAL
Company.LOCAL
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.11.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.11.254
Primary WINS Server . . . . . . . : 192.168.11.2
Lease Obtained. . . . . . . . . . : Thursday, 17 July 2008 10:24:28
Lease Expires . . . . . . . . . . : Thursday, 17 July 2008 10:54:28
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for
VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.204.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.204.254
Lease Obtained. . . . . . . . . . : Thursday, 17 July 2008 10:24:28
Lease Expires . . . . . . . . . . : Thursday, 17 July 2008 10:54:28
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : Company.LOCAL
Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network C
onnection
Physical Address. . . . . . . . . : 00-1A-6B-5B-00-68
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 10.50.10.53
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.50.10.254
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Primary WINS Server . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Tuesday, 15 July 2008 16:37:34
Lease Expires . . . . . . . . . . : Wednesday, 23 July 2008 16:37:34
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : TAP-Win32 Adapter V8
Physical Address. . . . . . . . . : 00-FF-4C-89-E8-10

 
IpConfig/all from the DHCP Server.

Windows IP Configuration
Host Name . . . . . . . . . . . . : bne01-001sv
Primary Dns Suffix . . . . . . . : Company.LOCAL
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : Company.LOCAL
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-11-09-AF-45-B8
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.254
DNS Servers . . . . . . . . . . . : 192.168.0.1
Primary WINS Server . . . . . . . : 192.168.0.1
 
1) Now do i have to give an IP address/Default GW to the switch, if yes then what IP addresses should i define for these.
2)If i have to use the IP helper command how i will use it, means how will i define the IP addresses for this command, should i use these IP's for VLAN2;
ip address: 10.50.10.1 255.255.255.0
ip helper-address: 10.50.10.1
and for VLAN3;
Ip address: 10.50.11.1 255.255.255.0
ip helper-address: 10.50.11.1
3)I have already posted the scope for the DHCP server yesterday at 04:26PM,  now do i have to define any new subnets under the DHCP scope.
4)Do i have to add these subnets under Astaro firewall.
 
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22022033
I have received a call from HP Tech, and he told me that the ip helper will not work on this switch, and the reason why i need the ip-helper command is because we have two different subnets, and we need ip helper so that two subnets will be able to talk across each other, is he right?
 
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22022048
and its a Layer 2 Switch.....
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22022552
hm, take a look here:
ftp://ftp.hp.com/pub/networking/software/AdvTraff-Oct2005-59908853-Chap07-IProuting.pdf

it is possible, that you will need dhcp server at each vlan :(
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22022594
Do you guys agree with what HP tech has said....that its a layer two switch and similar results cannot be obtained on this, it can only be done if i link two switches.........
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22022596
its an HP PRO CURVE 2810 switch.
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22022736
Its getting no where....
what if i wont migrate, means i keep both the switches, but i want to link the two switches, how can link both of them, the HP Pro switch provides gigbyte connection so can i link the Cisco switch and pass the VLAN information and connect my desktops to HP switch.
What configuration i need to do on the switches.......
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22022741
The two switches that i am referring to are Cisco 2950 switch and HP Pro Curve 2810 switch.
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22022853
you can configure both to use gigabits.
so on cisco config will look like:
conf t
int gi0/1
switchport
switchport mode trunk
switchport allowed vlans 1-3
end

on hp config should look very similar
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22023000
Do i have to set up VLAN's on HP switch?
Also if you have looked at my cisco runinng configuration these two interfaces exist on the switch.
interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
switchport mode trunk
 
So if i am not wrong i have to go into config mode on cisco switch and run,
switchport allowed vlans 1-3.
Right.
and on the cisco switch port; 1-2 connects to Auth. Server (VLAN3), and from port 3-24 it connects to desktops (VLAN2), and there are two gigabyte ports which connects to the firewall.
So which port i have to use to connect the cisco switch to the HP switch?
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22023271
if you don't have spare gig, then you should use 100M port :( do you need both FW ports to be 1G?
and yes, you have to setup vlans on hp.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 22023580
did you read my post Date:07.16.2008 at 03:47PM PDT?
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22026234
i dont need both the ports to be 1 gig, so you reccom, i should use one of these ports and connect it to the HP switch?, also do i have set any IP addresses or default GW on the HP yes....if yes then which IP's should i give?
Jburgaard; are you refferring to your post that you posted on 7:17.2008 at 8:47, because i cant find the post that you are mentioning....
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 22026923
cut&paste gives:
ID:22020882Author:jburgaardDate:07.16.2008 at 03:47PM PDT
-so things looks different where you are :-)

some point are:
1) run the switch as a layer 2 device, because Cisco is config'ed that way
2) to make vlans work: get rid of trunks, in a HP-config the term used is 'tagging'

HTH
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22028971
hi.
in case when you are going to use your switch as simple L2 connected to cisco, it needs ip and default gw only for management, so you configure only vlan 1 (if it is management vlan) with ip.
if you don't want to connect to switch remotely you don't need to create ip addresses on hp at all
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22031490
I am going tp connect to the switch through the serial port, but as you guys said i have to create VLANs on the HP switch, so if i only create VLAN1 as from_exp, suggested how its going to pass the information from both the VLANs on cisco to HP, do i need extra  VLAN's setted up on the HP? i am bit confused on which port should i use to connect both the switches, because i will assign the ports on the HP switch for the VLAN,so which port on HP switch should i dedicate for Cisco connection,on which VLAN it should be, or should i leave it without assigning it any VLAN?
Also which port can i use on the Cisco switch to connect it to HP switch,both the firewalls ports are connected to two Unix firewall boxes, so should i use one of them, if i use one of them where i will connect the other firewall port.?or can i use any other port, if i can use any other port then from which VLAN port i can use,
1-2 connects to Auth. Server (VLAN3), and from port 3-24 it connects to desktops (VLAN2), and there are two gigabyte ports which connects to the firewall.
 I am planning to test it out today, so please if you can guys help me out before that i would be highly grateful...
Thanks.
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22033127
hi!
let me explain my vision of your network:
you are going to add additional 48 ports to your network, so I suppose, you can move one of the FW gig ports in cisco to HP gig port.
We need that gig cisco port to interconnect switches. on HP we can use port 48
so cisco port should look like:
conf t
int gi0/1
switchport
switchport mode trunk
switchport allowed vlans 1-3
end
procurve port 48 should be configured accordingly (not a hp expert, sorry ) - tagged with all 3 vlans allowed.
and sure thing procurve should have all 3 vlans created.
I would suggest using port 47 for firewall, so this port should also be tagged with all 3 vlans allowed.


0
 
LVL 1

Author Comment

by:usmansultan
ID: 22033216
I had a chat with the HP tech, he reccommends that if i take out the gigabyte (FW) port it will take out the network, so he is saying use any other port, but trunk (tag) it,
there are two VLAN's and both the vlans have different subnet's, VLAN2 has 10.50.10.254/24 and VLAN3 has 192.168.0.254/24, now if i use the switchport allowed vlans 1-3 command would it restrict the vlans?And can i use any other port, lets say port 6 which comes under VLAN2, and if i use port 6 on VLAN 2 do i have to do anything on VLAN3 because its a different subnet.
i just thought i will let you know, i will do whatever you say.
if anything goes wrong and i want to take out the "switchport mode trunk" from that port how i will do it, would it be like this
"no switchport mode trunk" (and it will stop broadcasting the information for vlan and it will come back to its original settings.)
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22033267
hi
to change ports from trunk and back to access:
switchport mode trunk/switchport mode access
switchportr trun allowed vlans 1-3 - if you have more vlans, you have name them also, because when you don't issue this command all vlans are allowed on particular port, however I think that it is not a very good idea to allow all, instead of exactly what you need

you can save cisco's port 6 config and change it to trunk, and then you can paste back saved config to undo changes.
as for gig ports, I don't think that this is a good idea trunking 48 gigs via single 100M port. just imagine oversubscription ratio!
and it is not clear to me, why you can't place one of the FW ports (as I understand both gigs on cisco are used by FWs) to HP...
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22033335
Thanks.
The tech from HP told me that my network will be disturbed if i take out one of the FW ports from there, he said that after looking at the diagram that i have posted over here as well.
The two firewall ports are already configured as trunk ports, if you look at my cisco config.
interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
switchport mode trunk

Now the only thing i need to add is this (correct me if i am wrong)
conf t
int gigabitethernet0/2
switchport allowed vlans 1-3
end
and if anything goes wrong and i want to go back to old settings i have to do this;
switchport mode trunk/switchport mode access

right.
and on HP switch i have created two VLAN's, and assign it a default GW of 192.168.0.254/24 (for managebility) if the Default GW is not required let me know.
Also i am going to tag the port 48 on hp switch which comes under all VLAN.
Please let me know if whatever i have written is right.  

 
 
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22033416
if i take out one of the firewall ports, and connect it back again it sends out this message;  

HA node is now Slave

--
HA Status : HA SLAVE (node id: 2)
System Uptime : 95 days 6 hours 24 minutes
System Load : 0.45
System Version : Astaro Security Gateway 7.104

Please refer to the manual for detailed instructions.
0
 
LVL 21

Assisted Solution

by:from_exp
from_exp earned 250 total points
ID: 22033506
hm...
wrong
so gi0/1 and gi0/2 are interfaces of FW, which works in failover mode.
you don't need to add this
conf t
int gigabitethernet0/2
switchport allowed vlans 1-3
end
if the port is occupied by firewall
however, I would recommend you to make a try to unplug FW (do not make and changes to port), plug your HP port 48(configured as tagged for all needed vlans), and then plug FW to port 47 (also configured tagged for all needed vlans).
after that FWs should be able to sense each other again and you can try to unplug second FW port from cisco to chech if you can reach internet via FW plugged to HP
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22038097
ok if i got you right you asked me to take out the firewall port from cisco switch, plug in the uplink cable from cisco to the HP port (i.e 48), and the firewall cable that i took out from cisco switch, plug it to hp port #47.
If that doesnt work then i should use the switchport allowed vlans 1-3, command, and if that doesnt work, what shoud i do.
and how i will take out this command that i have run on the cisco switch.

0
 
LVL 21

Expert Comment

by:from_exp
ID: 22038634
if you don't save config, than simple reboot returns switch to orinal state.
tagging between cisco and hp should be configured!
(cisco port is in trunked mode and allows all vlans, so just configure port 48 and 47 on procurve)
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22042174
I dont need to add this;
conf t
int gigabitethernet0/2
switchport allowed vlans 1-3
end
 
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22045342
at this time - no, but later, I would do that, because you don't need all vlans to be there, but only needed
0
 
LVL 1

Author Closing Comment

by:usmansultan
ID: 31469621
Thanks a ton, for helping me, i appreciate your help and time that you have spent to answer my questions.
0
 
LVL 1

Author Comment

by:usmansultan
ID: 22107821
Its done, thanks a lot for both of you...
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Large and small networks have one same need, Service monitoring. Service monitoring consists of watch services of the several servers in the network. To monitor means that the administrator will receive an alert when a service is down or it's state …
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now