Question : Procurve 2824 vlans and subnets problem

Hi all,

I'm new on vlan's but i tried to read and test everything i found to solve this issue.
maybe I'm not understanding how this work.

I have a HP Procurve 2824 and a 2524 I'm trying to set up 2 VLANs:
vlan-1 (moon-dmz) 192.168.10.0/24
vlan-2 (moon-int) 192.168.20.0/24

For now and since i don't have any space switch I'm working with only a few ports to test the setup
so i don't have really a big margin for error.

On the 2824:

- All servers on 192.168.10.0/24 subnet have a to exit on a Pix interface 192.168.10.254 that is connected on port 22
- All server have to communicate with the workstations on the 192.168.20.0/24 subnet
- Port 24 is here the uplink for the Procurve 2524 is connected
- Port 23 is here the Pix interface 192.168.20.1 is for internet access for subnet 192.168.20.0/24

this is the config on 2824:

Running configuration:

; J4903A Configuration Editor; Created on release #I.08.87

hostname "HP-ProCurve-Switch-2824"
snmp-server contact "bla"
snmp-server location "Ba"
ip routing
snmp-server community "public" Unrestricted
vlan 1
name "moon-dmz"
untagged 1-9,11-22
ip address 192.168.10.91 255.255.255.0
no untagged 10,23-24
exit
vlan 2
name "moon-int"
untagged 10,23
ip address 192.168.20.60 255.255.255.0
tagged 24
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high

only port 10 is on vlan-2 here my test laptop is with this ip configuration:
IP:192.168.20.2
NM: 255.255.255.192
GW: 192.168.20.60

On the 2524 is the configuration:
Running configuration:

; J4813A Configuration Editor; Created on release #F.05.52

hostname "HP-ProCurve-Switch-2524"
snmp-server contact "bla"
snmp-server location "Ba"
time daylight-time-rule None
cdp run
ip default-gateway 192.168.10.91
snmp-server community "public" Unrestricted
snmp-server host 192.168.10.157 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 1-17,19-22,24-26
ip address 192.168.10.90 255.255.255.0
no untagged 18,23
exit
vlan 2
name "moon-int"
untagged 23
ip address 192.168.20.61 255.255.255.192
tagged 18
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
ip route 192.168.20.0 255.255.255.0 192.168.10.91
no aaa port-access authenticator active
password manager
password operator

From my test laptop i can ping the 2 ip's of the 2824 switch i can ping vlan-2 but i cannot ping or comunicate with vlan-1
and i have to because there are all the servers that we need to work on.

What im i doing wrong here? Please help.

Thanks in advance
Ricardo

Answer : Procurve 2824 vlans and subnets problem

Connecting vlan sw.'
Agree with 1peterx: connect the 2 sw.'s with ONE link including both vlan 1 & vlan 2.
Same tagging in both ends, e.g. port 24:
Vlan1
tagged 24
vlan 2
tagged 24

Routing
As I see it, you can make routing in 2 different ways, the probem is the 2 PIX adr.'s (def.gatew.'s)

A) If you use gw. 192.168.10.254 on the 192.168.10.0 -network
and 192.168.20.1 as gw. on the 192.168.20.0 -network,
then all servers and pc's will need a route to the other internal network:

-on pc to find servers localy (instead of hitting def.gw):
ROUTE ADD 192.168.10.0 MASK 255.255.255.0 192.168.20.60
-on server to reach PC's:
ROUTE ADD 192.168.20.0 MASK 255.255.255.0 192.168.10.91

B) Make a default gw on the routing device (HP2824) like:
ip route 0.0.0.0 0.0.0.0 192.168.20.1

-and let the PC's hit HP 192.168.20.60 as the def.gw. (No route for 192.168.10.0 is needed as the L3-switch will provide routing)

-Servers should have PIX as def.gw. 192.168.10.254 , as you can only have one def.gw. on the hp2824, in this setup the servers would each need a route to 192.168.20.0 -network:
ROUTE ADD 192.168.20.0 MASK 255.255.255.0 192.168.10.91

on all devices netmask= 255.255.255.0

-hope this makes sense

Random Solutions

No wireless connectivity

SBS 2003 server displays "Duplicate Name Exists" at logon prompt even disconnected from switch

How to locate, upload and load the necessary files for a cisco 7906

Desktop CPU can access network access point but not the Internet

How do I Configure Multiple Gateways?

How do I connect a Linksys Router to a Broadxent 8120 configured as a Bridge?

Port forwarding with a DSL modem and a Linksys router that serves VPN

Local DNS query authoritative server

One way voice on Cisco IP Communicator over the VPN