Link to home
Start Free TrialLog in
Avatar of Glenn Manry
Glenn Manry

asked on

VLAN Issue

I am setting up a VLAN according to the attached diagram. I am not sure this will work, as the firewall will be at a remote location that receives its internet from my location, BUT I also want direct access to their network at my location. The issue is the ISP connection. I want those ports to be without an IP configuration (HP Procurve IP set to disabled). Do, I have that traffic be tagged. My understanding on Procurves is that I can have one port on a VLAN be untagged traffic.

Previously I had problems with the ISPs ARP tables and these switches if they were not set to IP disabled. So, I want the VLAN attached to the external ports and the ISP to basically be "dumb," but still have the VLAN to the internal network. Please see the attached diagram.
VLAN.pdf
ASKER CERTIFIED SOLUTION
Avatar of Andy Bartkiewicz
Andy Bartkiewicz

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Andy Bartkiewicz
Andy Bartkiewicz

Also Port 3 on the top switch will need to be a routed port and set as the gateway of last resort
Avatar of Glenn Manry

ASKER

I apologize, the dotted lines in my diagram are for implication of connection via the trunk. I made that diagram for lay people, and I left out some explanatory text in order to mask specifics.

So, I have the trunk and the VLAN 10 and 20 for the proper separation of functions. However, my FW is doing the routing. Should I change the layer 3 switch to a layer 2?

Thanks.
I believe the layer 3 switch is interfering with the setup. I am going to re-implement with two layer two switches.