Solved

VLAN HP Switch procurve

Posted on 2010-11-08
4
866 Views
Last Modified: 2012-05-10
in this case I have HP Switch 2610-24 (J9085A)

Engineer Dept. using (172.16.0.0 /16) port 1,2
Accountant Dept. using (172.17.0.0 /16) port 3,4
IT Dept. using (172.20.0.0 /16 ) port 7,8
Network Printer IP (172.21.1.1/16) port 6

1. All the Dept. Can Print.
2. IT Dept. Can Access to all PCs. in all Dept.
3. Account Dept. can NOT access to Engineer Dept.

I need switch Configuration.  
 
 
Drawing12.png
0
Comment
Question by:AymanDasa
  • 2
4 Comments
 
LVL 17

Accepted Solution

by:
jburgaard earned 500 total points
Comment Utility
config
vlan 16
 name "eng"
 ip address 172.16.0.1 255.255.0.0
 untag 1,2
 exit
vlan 17
 name "account"
 ip address 172.17.0.1 255.255.0.0
 untag 3,4
 exit
vlan 20
 name "it"
 ip address 172.20.0.1 255.255.0.0
 untag 7,8
exit
vlan 21
 name "print"
 ip address 172.21.0.1 255.255.0.0
 untag 6
exit
ip routing
access-list extended "101" deny ip 172.17.0.0/16 172.16.0.0/16
access-list extended "101" permit ip any any
interface 3-4 access-group "101" in
exit
write mem

Clients should have IP settings matching their vlan
with default-gateway=IP-address of switch in respective vlan.

for ACL refer to
http://cdn.procurve.com/training/Manuals/2610-Security-Oct2008-59918642.pdf
(please be aware, netmasks in ACL's are 'reversed')

Hope this is helpfull
0
 
LVL 5

Expert Comment

by:evil_hitman
Comment Utility
What configuration have you got so far?
where is your print server located?
Is this real world or a school assignment?
0
 

Author Closing Comment

by:AymanDasa
Comment Utility
YES !!!! THANKS jburgaard
0
 

Author Comment

by:AymanDasa
Comment Utility
Dear evil_hitman

in real world I have 9 departments
Eng. (15 users) , constructor(21 users), IT(3 users), Finance(2 users), Auditor(3 users), Accountant(10 users), sales(13 users), HR (3 users) and purchasing(9 users) .
and I have 6 Network Printer HP 1500n
all in one building.

so I minimize the network to make it easy to understandable for other.

I need to know the concept of access-list ,then I well do it in my way


thanks for your interest.

0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now