• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1705
  • Last Modified:

ProCurve 5406zl Inter-VLAN routing issue

I have a ProCruve 5406zl as my core switch of my production network.  I only have two modules installed.  The whole switch is one VLAN.  I'm trying to test out inter-vlan routing on a few ports before i go wide spread.

My general setup is as follows:
Router's Internal IP: 10.10.45.119

ProCruve Info:
VLAN1 IP 10.10.45.34
VLAN15 IP 10.10.15.34

I've typed in IP Routing already.

VLAN one (which has other switches connected to VLAN 1 by default) can all get to the internet.

I would like to allow VLAN15 to access vlan 1 and get to the internet.

Currently my test computer is plugged directly into the one port (19) that is on VLAN 15 (untagged). and i have my ip set up as 10.10.15.15.  The default gateway is 10.10.15.34.

I can ping 15.34, but i can not ping 45.34 or any other ip on the other network execpt 10.10.45.35 (which i can not figure out why).

Can you please assist with this?

Please let me know if you have any questions.

Robert
0
rwiltzius
Asked:
rwiltzius
1 Solution
 
TimotiStCommented:
Your devices on vlan1 are set up with a default gateway of 10.10.45.119.
If anyone tries to communicate with them from another subnet (in your case 10.10.15.x), they'll send packets to the gateway, instead of the switch, which provides inter-vlan routing.
Another highly possible problem is that your firewall/router (10.10.45.119) does not know about your 10.10.15.x subnet, so it won't route there, and won't NAT your connection towards the internet.

You have a lot of possible solutions:
- Make a static route to 10.10.15.x on all your devices, including your router, and set up NAT properly.
or
- Set up a separate subnet between the core switch and router, set up the router with static routes to the existing subnets, and use your switch as the default gw for your client devices. Also set up proper NAT on the router
or possibly a lot of more elegant solutions.

Tamas
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now