Question : Procurve 2824 vlans and subnets problem

Hi all,

I'm new on vlan's but i tried to read and test everything i found to solve this issue.
maybe I'm not understanding how this work.

I have a HP Procurve 2824 and a 2524 I'm trying to set up 2 VLANs:
vlan-1 (moon-dmz) 192.168.10.0/24
vlan-2 (moon-int) 192.168.20.0/24

For now and since i don't have any space switch I'm working with only a few ports to test the setup
so i don't have really a big margin for error.

On the 2824:

- All servers on 192.168.10.0/24 subnet have a to exit on a Pix interface 192.168.10.254 that is connected on port 22
- All server have to communicate with the workstations on the 192.168.20.0/24 subnet
- Port 24 is here the uplink for the Procurve 2524 is connected
- Port 23 is here the Pix interface 192.168.20.1 is for internet access for subnet 192.168.20.0/24

 this is the config on 2824:

Running configuration:

; J4903A Configuration Editor; Created on release #I.08.87

hostname "HP-ProCurve-Switch-2824"
snmp-server contact "bla"
snmp-server location "Ba"
ip routing
snmp-server community "public" Unrestricted
vlan 1
   name "moon-dmz"
   untagged 1-9,11-22
   ip address 192.168.10.91 255.255.255.0
   no untagged 10,23-24
   exit
vlan 2
   name "moon-int"
   untagged 10,23
   ip address 192.168.20.60 255.255.255.0
   tagged 24
   exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high

only port 10 is on vlan-2 here my test laptop is with this ip configuration:
IP:192.168.20.2
NM: 255.255.255.192
GW: 192.168.20.60


On the 2524 is the configuration:
Running configuration:

; J4813A Configuration Editor; Created on release #F.05.52

hostname "HP-ProCurve-Switch-2524"
snmp-server contact "bla"
snmp-server location "Ba"
time daylight-time-rule None
cdp run
ip default-gateway 192.168.10.91
snmp-server community "public" Unrestricted
snmp-server host 192.168.10.157 "public"
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-17,19-22,24-26
   ip address 192.168.10.90 255.255.255.0
   no untagged 18,23
   exit
vlan 2
   name "moon-int"
   untagged 23
   ip address 192.168.20.61 255.255.255.192
   tagged 18
   exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
ip route 192.168.20.0 255.255.255.0 192.168.10.91
no aaa port-access authenticator active
password manager
password operator

From my test laptop i can ping the 2 ip's of the 2824 switch i can ping vlan-2 but i cannot ping or comunicate with vlan-1
and i have to because there are all the servers that we need to work on.

What im i doing wrong here? Please help.

Thanks in advance
Ricardo

Answer : Procurve 2824 vlans and subnets problem

Connecting vlan sw.'
Agree with 1peterx: connect the 2 sw.'s with ONE link including both vlan 1 & vlan 2.
Same tagging in both ends, e.g. port 24:
 Vlan1
tagged 24
 vlan 2
tagged 24

Routing
As I see it, you can make routing in 2 different ways, the probem is the 2 PIX adr.'s (def.gatew.'s)

A) If you use gw. 192.168.10.254 on the 192.168.10.0 -network
and 192.168.20.1 as gw.  on the 192.168.20.0 -network,
then all servers and pc's will need a route to  the other internal network:

-on pc to find servers localy (instead of hitting def.gw):
 ROUTE ADD 192.168.10.0  MASK  255.255.255.0  192.168.20.60
-on server to reach PC's:
 ROUTE ADD 192.168.20.0  MASK  255.255.255.0  192.168.10.91

B) Make a default gw on the routing device (HP2824) like:
ip route  0.0.0.0  0.0.0.0  192.168.20.1

-and let the PC's hit HP 192.168.20.60 as the def.gw. (No route for 192.168.10.0 is needed as the L3-switch will provide routing)

-Servers should have PIX as def.gw. 192.168.10.254 , as you can only have one def.gw. on the hp2824, in this setup the servers would each need a route to  192.168.20.0 -network:
ROUTE ADD 192.168.20.0  MASK  255.255.255.0  192.168.10.91

on all devices netmask= 255.255.255.0

-hope this makes sense