Solved

HP Procurve Vlan routing

Posted on 2014-01-03
18
1,277 Views
Last Modified: 2014-07-02
I have been tasked with
1.setting up multiple scopes on our DHCP server.
2. Adding 1 scope to each switch as its own VLAN
3. allowing network traffic ie file sharing, printing, ect across all VLANS and switches
4. connecting all "client" switches to a core stack
5. connecting the core stack to the DHCP server so that it will hand out the appropriate DHCP address to computers attached to the "Client" switches.
All switches are HP Products New core switch is a HP E3800 and the old switch is a Procurve 2510

We are using
1.  Server 2008 for DHCP
     a. the DHCP server sits in the 10.10.40.xxx subnet
     b. The IP address of the DHCP server is 10.10.40.5
     c. our gateway firewall is at 10.10.41.1

The switching equipment is use is
1.  "Client" switches " HP Pro Curve 2510-48
2.  "Core" Switch HP E3800 24-g


relevant Scope options for newly created scope are
1.  router 10.10.40.1
2.  DNS servers 10.10.40.6
3. address range 10.10.21.xxx

Relevant scope options for old scope still in use are
1.  router 10.10.40.1
2. DNS servers 10.10.40.6
3. address range 10.10.40.xxx

at the moment I have gotten this far
1.  If i assign a static ip[ address to a workstation attached to the "Client" switch (2510) it can ping the 2510 and the E3800 but it will go no further than that.  I am unable to ping into the original scope og 10.10.40.xxx  

We will be adding several VLANS once we get the first on up and running.  I have attached the configs of both of the switches and would very deeply appreciate any help that could be provided.

Respectfully
Pat
E3800.txt
2510.txt
0
Comment
Question by:PatWrigley
  • 12
  • 5
18 Comments
 

Author Comment

by:PatWrigley
ID: 39754617
to further clarify, DHCP is not working from the 10.10.21.xxx scope across the E3800 down to the 2510 and out to workstations attached to the 2510 nor are statically assigned ip addresses able to get to the 10.10.40.xxx scope or the internet.
0
 
LVL 6

Expert Comment

by:Jordan Medlen
ID: 39754628
Looking over your configs, you stated above that your DHCP server is on 10.10.40.5 and your gateway firewall is on 10.10.41.1. However your configs show no connectivity to either one of those subnets. and on your 3800, your default gateway is 10.10.14.1. If indeed the subnets 10.10.40.x and 10.10.41.x do exist and are not typos, you'll need to create a vlan and l3 interface to extend connectivity to those segments.
0
 
LVL 6

Expert Comment

by:Jordan Medlen
ID: 39754635
I am also assuming that e1 on the 2510 is connected to e1/14 on the 3800, is this correct?
0
 

Author Comment

by:PatWrigley
ID: 39754639
The 3800 was misconfigured I have since corrected it to a gateway of 10.10.40.1 which is in fact the address of our gateway firewall.
0
 

Author Comment

by:PatWrigley
ID: 39754641
I am also assuming that e1 on the 2510 is connected to e1/14 on the 3800, is this correct? yes that is correct
0
 

Author Comment

by:PatWrigley
ID: 39754645
there is no 10.10.41.xxx subnet
0
 
LVL 6

Expert Comment

by:Jordan Medlen
ID: 39754762
Ok, now that's cleared up, however where does the 10.10.40.x network live? Is this beyond the 10.10.14.1 gateway address?
0
 

Author Comment

by:PatWrigley
ID: 39754943
the 10.10.14.1 gateway address was misconfigured on the E3800.  the correct gateway address is 10.10.40.1 which is the gateway firewall on the original 10.10.40.xxx subnet.
0
 
LVL 6

Expert Comment

by:Jordan Medlen
ID: 39755491
Ok, so the 10.10.40.1 address is the gateway. Your 3800 may have that as the default gateway, however there's no configured subnet on your 3800 to put an interface on the same network. You need to configure an interface to be in the same subnet in order for the rest of the subnets to be able to reach the DHCP server.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:PatWrigley
ID: 39755535
I currently have the DCHP server plugged into a untagged port with the default DHCP out of the box configuration on the 3800, it is currently assigned a static ip address in the 10.10.40.xxx range.  should I tag this port even though it goes directly from the 3800 to the NIC on the DHCP server?
0
 
LVL 6

Expert Comment

by:Jordan Medlen
ID: 39756100
No, you should leave it untagged in the VLAN that has the DHCP server. Make sure that the switch can ping the DHCP server as well. If it can, and ip routing is enabled, things should be working. If you could post an updated configuration for review, that would be helpful.
0
 

Author Comment

by:PatWrigley
ID: 39756982
I will post an updated config ASAP the switch can ping the server and ip routing is enabled.  Thank you for being willing to look at this for me.  It is very much appreciated.
0
 

Author Comment

by:PatWrigley
ID: 39761270
I should be back at work to test 1/8/2014 we have a snowmagedon here in central Illinois and I have been snowed in.
0
 

Author Comment

by:PatWrigley
ID: 39765613
OK here is where I am at this point.
From a client machine on the 10.10.21.xxx subnet with a statically assigned address

I can access the client switch at 10.10.21.3

I can access the the core switch (E3800) at 10.10.21.2

I can access the the statically assigned address for the E3800 at 10.10.40.93




That being said, from a DHCP machine on the original 10.10.40.xxx subnet

I can not access anything on the 10.10.21 subnet ping or otherwise





From the management interface on the E3800 at 10.10.40.93

I can ping into the 10.10.21.xxx subnet

Ip routing is enabled, do I need to add a static route and if so what do you think it should be?

Respectfully
Pat
DHCP-Scope.jpg
E3800--2-.txt
client-switch.txt
0
 

Accepted Solution

by:
PatWrigley earned 0 total points
ID: 39772464
This issue has been resolved.  It was na issue with ip routing on the core switch pointing to our gateway firewall.  One I entered the route statements into the gateway, everything began working perfectly.  Thank you for your help :)
0
 

Author Comment

by:PatWrigley
ID: 39772469
Solution
0
 

Author Closing Comment

by:PatWrigley
ID: 39781839
Gateway router needed route statements.
0
 

Expert Comment

by:vnhshelpdesk
ID: 40172028
Would you mine posting the route statements?
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now