• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2140
  • Last Modified:

HOW TO CONFIGURE VLANS TO ACCESS THE INTERNET

Dear All,  I am setting up one hp procurve switch in the network. This switch is 2610 and I have created two valn on it.
                Vlan 1: 10.1.1.250
                Vlan 2: 192.168.1.250
                Gateway: 10.1.1.253 (firewall)
                Dns server : 10.1.1.101

                Now, I am able to ping and access each other vlan but I am not able to browse the internet.

Please check the below configuration and suggest the best way of doing that , and if this is not the right configuration then guide me the best way of doing that.
---------------------------------------------------------
Running configuration:

; J9086A Configuration Editor; Created on release #R.11.04

hostname "ProCurve Switch 2610-24/12PWR"
ip default-gateway 10.1.1.253
ip routing
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-12,25-28
   ip address 10.1.1.250 255.0.0.0
   no untagged 13-24
   exit
vlan 2
   name "VLAN2"
   untagged 13-24
   ip address 192.168.1.250 255.255.255.0
   exit
---------------------------------------------------------------

0
prologixme
Asked:
prologixme
  • 3
1 Solution
 
ionut_mirCommented:
Did you configured the firewall to permit the 192.168.1.x IP's too? And, of course, to "NAT" them?
0
 
ionut_mirCommented:
Also, you will have to configure one port as a trunk:

vlan 2
untagged....
ip add....
tagged 25 - or the number of the port that is connected to the firewall.

The same in vlan 1 (tag the same port).
0
 
prologixmeAuthor Commented:
SUPPOSE IF I TAG PORT 25 FOR VLAN 1 AND VLAN2 THEN THAT PORT SHOULD I NEED TO CONNECT TO FIREWALL (10.1.1.253) ?

IF YES, THEN DO I NEED TO CREATE VLAN 1 AND VLAN 2 ON FIREWALL INTERFACE ALSO?
0
 
ionut_mirCommented:
I assumed that you use the firewall to connect to the internet and also for intervlan routing. I have to admit that I don't really know how you can do this. But, if it works like a router, you should create subinterfaces: one in 10.1.1.x and one in 192.168.1.x

Hope this will work!
0
 
ciscoml320Commented:
Assuming the firewall is connected to an access port which is on vlan 1, you do not need to do trunking with the firewall (Subinterfaces).  I am also assuming this switch is a L3 switch, so it will do the routing itself (proven by you being able to ping accross the vlans ).  Can you confirm that you can ping or trace to external host from vlan1 and NOT from VLAN2? if that is the case, you will only need to add a static route on the firewall to route to 192.168.1.0/24 through 10.1.1.250.

To take this one step further, depending on your firewall, you can implement RIP between the FW and the Switch (assuming they both support it)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now