Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

HP MANAGEABLE SWITCH QUESTION

Posted on 2011-09-21
8
Medium Priority
?
394 Views
Last Modified: 2012-05-12
Im having a big problem in our network, im almost sure, the problem is the switch.

I believe the problem is on the VLAN or somethingm could someone analize this for us?

The problem is that our firewall is not reaching or reach only sometimes the trust network, it is a problem that come and goes.. sometimes, from the firewall i can ping the address 192.168.12.30, and sometime i cant...  we tried everything, the last resort is the problem on the switch..



; J9279A Configuration Editor; Created on release #Y.11.12

hostname "secmonde-switch1"
mirror-port 13
web-management ssl
interface 1
   name "ssg140-0/0"
exit
interface 2
   name "R510-1-Gb1"
exit
interface 3
   name "R510-2-Gb1"
exit
interface 4
   name "ssg140-0/5"
exit
interface 5
   name "R510-1-Gb2"
exit
interface 6
   name "R510-2-Gb2"
exit
interface 7
   name "R510-1-vmnic2"
exit
interface 8
   name "R510-1-vmnic6"
exit
interface 9
   name "R510-2-vmnic2"
exit
interface 10
   name "R510-2-vmnic6"
exit
interface 11
   name "ssg140-0/8"
exit
interface 12
   name "ssg140-0/9"
exit
interface 13
   name "R510-1-vmnic3"
exit
interface 14
   name "R510-1-vmnic7"
exit
interface 15
   name "R510-2-vmnic3"
exit
interface 16
   name "R510-2-vmnic7"
exit
interface 17
   name "backup-monde"
exit
interface 23
   name "ssg140-0/1"
exit
trunk 1,23 Trk1 Trunk
ip default-gateway 192.168.43.1
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged 2-3,5-10,17-22,24,Trk1
   no ip address
   no untagged 4,11-16
   exit
vlan 43
   name "MANAGEMENT"
   untagged 4
   ip address 192.168.43.253 255.255.255.0
   exit
vlan 11
   name "DMZ-1"
   untagged 11
   no ip address
   tagged 13-16
   exit
vlan 12
   name "DMZ-2"
   untagged 12
   no ip address
   tagged 13-16
   exit
vlan 13
   name "VMotion"
   no ip address
   tagged 2-3,5-6
   exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
spanning-tree Trk1 priority 4
ip ssh
password manager

0
Comment
Question by:manolocruz
  • 6
8 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 36577471
There's not NEARLY enough information here.

Where's the firewall?

Where is 192.168.12.30?

Where is the routing being done at?

Why don't you think the problem is with the firewall?
0
 

Author Comment

by:manolocruz
ID: 36577495
firewall is SSG140 on interface 1 interface 23,

192.168.12.30 is the VMWARE MANAGEMENT

Routing.. good question, nowhere, on the ssg140, which is also the firewall maybe.
0
 

Author Comment

by:manolocruz
ID: 36577573
the SSG is a secure gateway which also does routing.
0
WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

 

Author Comment

by:manolocruz
ID: 36577991
but there is no route on the same network, while i am inside a 12.xxx machine, i need no route to reach another 12.xxx machine, am i right?
0
 
LVL 47

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 36579902
You have the ports on the switch where the firewall connects configured as a trunk.

I would disconnect one of the links from the firewall and see if the problem persists.  If it does, reconnect that link and remove the other one then check again.  If this solves the problem you should look at the configuration of the firewall to see if it does active/active load-balancing across the NICs or not.

I'm guessing this is a mismatch between the config on the firewall and the switch.
0
 

Author Comment

by:manolocruz
ID: 36583405
i on the road now, will test as soon as get in the office.
0
 

Author Comment

by:manolocruz
ID: 36585196
Craig, firewall pings switch and switch pings firewall, switch do not ping virtual machines...

I tried to disconnect ports 1 and then 23, problem persisted.

i am start considering hardware failure on the switch.

Any other ideas?
0
 

Author Closing Comment

by:manolocruz
ID: 36925665
Just disconnected one of ports and problem is gone, still need to found out WHY the problem is occuring, probably a fault cable or switch port.
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question