Problem HP Procurve/ESXi5/VLAN

Hi, I have a small network setup for my LABORATORY, where I have a firewall, a HP Procurve layer 3 switch (J4900B) and DL360G5,.

I created two VLANS, Default and VLAN 50

all my machines are in the vlan by default

Firewall ip 10.20.0.254

ProCurve IP 10.20.0.1 - port1-"UNTAG" - firewall

HP Server ESX IP 10.20.0.151 - nic0-"UNTAG" - one hp switch port8

My AD server is 10.20.0.4 (that has DHCP and DNS) and is located in my default VLAN

all my traffic works fine in the default network, I can go to the internet or download.

I created second vlan (50) and put a virtual machine in it (10.0.50.4/24 gw 10.50.0.1 - DNS 10.20.0.4 ip)

I can access the internet fine, but if I try to download a large file from the internet, it downloads that 5 to 6 megabytes at fast speed, then the speed slows down, and some time it stops.

I've search all over the internet, but couldn't find the solution. I don't know what I'm missing, but this thing is driving me crazy. I am also attaching my procurve config.

I have a static route created in my firewall

(Source) ANY

(Destination) 10.0.50.0

255.255.255.0

Any Service

(Next Hop) 10.20.0.1

Can someone point me to the right direction or if anyone has step by step work cofiguration.

kamver wrote:

I have setup a Portgroup with 50 VLAN in ESXi and no setup vlan on the rest of the port groups.

Yes, since you have a 8 port as not tagged in VLAN 1.

We even try to transfer a large file of the default network to 50 VLANS and do no problem.

This is a test important and being given that traffic will leave a host of virtual of VLAN 1 and routes to the Procurve device and then again, it means that the router works fine.

I put a vlan on the physical server.

With the physical server, you hear the machine running ESXi? If Yes, then no configuration of VLAN should be except in the vSwitch inside the host configuration.

Do I need to move away from the default v - lan and use some other vlan for my main as network VLAN 10 or something?

It shouldn't really make a difference in this case, but I prefer not to use the default VLAN (1) because it is easy to make configuration errors with the vlan untagged ports. If using something like id VLAN 10 instead and label it on the ports to the ESXi host, it will be clearer in the config. (Also put 10 VLANS on the vmkernel ports and virtual machine port groups).

Should my firewall know VLAN?

No, he should not know the VLAN id: s in this case. Port 1 on your switch is non-VLAN 1 tag Member, so it is not up-to-date, as well as and the other subnet is behind a router (from the point of view firewall.)

I think that the problem is actually in your firewall. Something that don't work well with the communication from router to router. Can you see if there is something in all the newspapers in the FW that gives any hint that?

Tags: VMware

Similar Questions

Remote VPN gateway to gateway problem RV016 to add VLANs

Hi all I have a little problem with RV016. I have a site to another LAN ipsec virtual and I would like to add a vlan remote for tunneling but RV has only three options

-IP

-Subnet

IP range-

Now the remote lan for vpn is 192.168.10.0/24 and I would add 10.1.1.0/24

Can someone help me?

Glad to hear it

Please note the post useful and mark it as answered to help other customers of Cisco

See you soon

Mehdi

Connection problems SSID with several VLANs

Hi all

I'm having a little problem getting a device to associate with an access point and enter an IP via DHCP on a particular SSID. This access point has two VLANs, with two different SSID configured. The configuration is locked. For some reason I can't connect to 2 SSID on my wireless device, but the SSID works very well. I see authentication through the newspaper, so I know that the pre-shared key is correct, but may not enter an IP address (which makes me think I have a problem in the bridge group). Any thoughts?

Also, I tried both a trunk port and an access port on the switch that is connected to the access point. With both, I can connect and enter an address IP of the VLAN 20 (SSID 1), but not to VLAN 10 (2 SSID).

SSID dot11 1

VLAN 20

open authentication

authentication wpa key management

WPA - psk ascii 'key '.

!

SSID dot11 2

VLAN 10

open authentication

authentication wpa key management

Comments-mode

WPA - psk ascii 'key '.

Bridge IRB

!

!

interface Dot11Radio0

no ip address

no ip route cache

!

algorithms for encryption tkip encryption mode

!

encryption vlan 20 tkip encryption mode

!

encryption vlan 10 tkip encryption mode

!

SSID 1

!

SSID 2

!

antenna transmit right

straight reception antenna

root of station-role

Bridge-Group 1

Bridge-Group 1 block-unknown-source

No source of bridge-Group 1-learning

unicast bridge-Group 1-floods

Bridge-Group 1 covering-disabled people

!

interface Dot11Radio0.10

encapsulation dot1Q 10

no ip route cache

Bridge-group 10

10 bridge-group subscriber-loop-control

Bridge-group 10 block-unknown-source

No source of bridge-group 10-learning

No bridge group 10 unicast-flooding

Bridge-group of 10 disabled spanning

!

interface Dot11Radio0.20

encapsulation dot1Q 20

no ip route cache

Bridge-group 20

Bridge-group subscriber-loop-control 20

Bridge-group 20 block-unknown-source

No source of bridge-group 20-learning

No bridge group 20 unicast-flooding

Bridge-group 20 covering people with reduced mobility

!

interface FastEthernet0

no ip address

no ip route cache

automatic duplex

automatic speed

!

interface FastEthernet0.10

encapsulation dot1Q 10 native

no ip route cache

Bridge-Group 1

No source of bridge-Group 1-learning

Bridge-Group 1 covering-disabled people

!

interface FastEthernet0.20

encapsulation dot1Q 20

no ip route cache

Bridge-group 20

No source of bridge-group 20-learning

Bridge-group 20 covering people with reduced mobility

!

interface BVI1

192.168.0.210 IP address 255.255.255.0

no ip route cache

Default IP gateway 192.168.0.1

1 channel ip bridge

Thanks for your help!

Your bridge-groups do not have the tail. You have 10 VLANS mapped to bridge-Group 1 on the FastEthernet interface but mapped to bridge-group 10 on the radio just remove the bridge Group 1 of the main radio interface and apply it to the subinterface dot0.10.

Problems of implementation of VLANS on Cisco SG 300-28 comments

Hello

I'm mainly curious if the configuration that I explained below is actually possible, and if so how do I implement. I know that this isn't the easiest configuration and I need to put in place without buying any equipment more if possible.

I have a SG Cisco 300-28 with three Setup VLAN

Vlan1 (company) - 192.168.10.0 - switch IP 192.168.10.254

VLAN2 (VOIP) - 192.168.20.0 - switch IP - 192.168.20.1

VLAN3 (guest) - 192.168.30.0 - switch IP - 192.168.30.1

Default gateway is 192.168.10.1 (Netgear router)

I have a wireless network setup (Netgear WMS and WAP 2) configured with TWO VIRTUAL (1 and 3) networks. They enter ports on the Cisco SG 300 - 28 which are marked on the two VIRTUAL networks. The wireless carriers has worked well, but the guest network is not reout on the Internet.

After some troubleshooting I realized that the reason wasn't the guest was because there was no path routing of the internet to the router.

The router I have is not really ideal, it is a Netgear DGN2200, but I managed to create a static route to 192.168.30.1 with a metric of 2, 192,168,10.254 being the jump.

Success, the connection worked, the only problem is that now my guest network can see my business network because the corporate network uses the static route on my router to router on the guest network (due to the limitations of this device I can't do anything about it)

So basically, what I have is

Network Guest can connect to Business VLAN switch. I guess that's because the router is on the VLAN of Business and the default gateway is the router. As they are on the same network the Guest inevetably network can see the network and the server of the company.

The network of the company can return to the network invited through the router using my static route, I created. The static route is really basic and I can't create a firewall on the router rule to prevent the business network addressing network comments because there is only one LAN - WAN firewall and this connection is LAN - LAN.

What I need, is...

somehow stop all traffic from the 192.168.30.0 network routing to what anyone on the 192.168.10.0 network, apart from the router to 192.168.10.1.

Is this possible? I have this setup at several different site, the only difference is that I have a router from CIsco security on the latter with the VLANS configured so that I don't have this problem. Because I have a Netgear DGN2200 rather limited, I cannot configure the VLAN correctly, and as such, I need to see if I can do this on the switch somehow.

Any help would be appreciated.

It is my first post says in the way, so if I missed something that anyone would help then please let me know.

Kind regards

David

Hi David,

Why not apply an access list to filter incoming traffic in the SG300 switch such as, via the command line or GUI.

Here is an example below, certainly not comprehensive, just an example

,

Remember, we use the reverse masking of the ACE;

config

restrictGuest extended IP access list

deny ip 192.168.30.0 0.0.0.255 192.168.20.0 0.0.0.255
deny tcp 192.168.30.0 0.0.0.255 any 192.168.30.1 0.0.0.0 www
deny tcp 192.168.30.0 0.0.0.255 any 192.168.30.1 0.0.0.0 telnet
deny ip 192.168.30.0 0.0.0.255 192.168.10.0 0.0.0.255

allow an ip

output

interface gigabitethernet1

Service-acl input restrictGuest

output

Don't forget to save the configuration with the following command and respond to the prompt.

To write

or do it via the GUI method

Step 1. Create an ACL name

step 2, add the ACE base port which is the list of filters.

step 3. Apply or binding the list to a port so that the port can watch and filter pattern matches to detect traffic in the switch. I gave you an example of an ACE list above, you can be more creative in what you refuse.

step 4. Now add or copy the entry in other ports on the switch.

Be sure to save your changes to the configuration.

I hope this helps.

Best regards, Dave

Problem with routing inter - VLAN... How to solve it?

Hi all.

I have a WRVS4400N in my office to have a VPN with our main customer and also to manage the entire network of small size.

In two weeks, more or less we will change our office somewhere else, merge two in one.

At its new location, we will have two different ADSL connections, and we will keep our separate LAN to the other LAN.

The goal is to interconnect the two local networks in order to 'see' the machines on one local network to another, but keep the two local networks with their current configuration, subnet, etc..

To achieve this, I created a new VLAN on the router and I have attached only port4 to this VLAN.

As you can see, VLAN main has its own/24 subnet (10.148.145.0/24) and dhcp enabled (for addresses on my LAN) while the new VIRTUAL local network has its own 24 subnet too (10.0.0.0/24) but with the disabled dhcp (is a different LAN with its own DHCP server).

VLAN 1 use ports 1-3 and VLAN 2 use the single port 4.

Of course, I enabled routing inter - VLAN:

To emulate the future scenario, I connected a router with an Internet port 4 with IP:10.0.0.2, and I therefore two different local networks.

Well, the reality is this:

-From my PC connected to the VLAN1 I have an IP address (assigned by my Cisco) and I see all my VLAN and I see 10.0.0.1 too (IP of the router on VLAN2), but I don't see any more (pings to 10.0.0.2 didn't answer). I can access Cisco router to 10.0.0.1 and 10.148.145.97.

-My PC connected to the VLAN2 I have an IP address (assigned by the other router on 10.0.0.2), I see only my VLAN (10.0.0.0/24 IPs). I can access only Cisco router to 10.0.0.1.

How can I do to enable these two VLANS to 'see' each other?

How can I control access to the WAN port? I don't want machines to VLAN2 accessing internet through our router.

Thank you and best regards!

Hello Francisco,.

In router mode gateway mode switch will turn off the NAT on the router. Which will allow to the vlan 2 does not to get out to the internet but also vlan 1 and which is not what you want. You may be able to create access rules and deny rules for not being able to get out of the internet... may create some default of the rules of the road as 0.0.0.0. Also, you may be able to create internet air to stop a certain subnet that it is able to get out of the internet as well.

Regarding the VLAN talk to each other, everything looks good, routing inter - vlan, it is allowing the two VLAN to talk to each other and which is activated. What your default gateways are installed on devices you are testing? As long as default gateways on your PC and devices are pointing to the routers ip/gateway address, you should be good to go at this point.

VLAN 1: default gateway should be 10.148.145.97

VLAN 2: default gateway must be 10.0.0.1

Other than that everything seems to be implemented correctly based on the images. The VLANs that you put in place on the ports are correct.

Let me know your devices are configured on the rise and will go from there.

Hope this helps,

Thank you

Clayton Sill

configuration of VLAN and routing problem 6224 switch

I, m having a problem accessing internet to vlan 10. I can ping everything of all the VLANS. My internet router/firewall is on ethernet 1/g11 and has an ip address of 192.168.5.254. I have no problem accessing internet to vlan 20. I add a static route to my router/firewall. What Miss me? This is my first configure a layer 3 switch.

Configure
database of VLAN
VLAN 10.20
output
battery
1 1 member
output
IP 10.10.10.1 255.255.255.0
default IP gateway - 10.10.10.254
IP routing
IP route 0.0.0.0 0.0.0.0 192.168.5.254
interface vlan 10
Routing
IP 192.168.100.1 address 255.255.255.0
output
interface vlan 20
Routing

192.168.5.1 IP address 255.255.255.0
output

!
interface ethernet 1/g1
switchport mode general
pvid switchport General 10
No switchport acceptable-framework-type general tag only
VLAN allowed switchport General add 10
output
!
interface ethernet 1/g2
switchport mode general
pvid switchport General 10
No switchport acceptable-framework-type general tag only
VLAN allowed switchport General add 10
output
!
interface ethernet 1/g11
switchport mode general
switchport General pvid 20

No switchport acceptable-framework-type general tag only
VLAN allowed switchport General add 20
output
!
interface ethernet 1/g12
switchport mode general
switchport General pvid 20
No switchport acceptable-framework-type general tag only
VLAN allowed switchport General add 20
output
!
interface ethernet 1/g13
switchport mode general
switchport General pvid 20
No switchport acceptable-framework-type general tag only
VLAN allowed switchport General add 20
output
output

Route ip console #show

The traffic code: R - RIP derived, O - OSPF derived, C - connected, S - static
B - BGP derived, IA - OSPF Inter zone
E1 - OSPF external Type 1, E2 - OSPF external Type 2
N1 - OSPF NSSA external Type 1, N2 - OSPF NSSA external Type 2

S 0.0.0.0/0 [1/0] via 192.168.5.254, vlan 20
C 192.168.5.0/24 [0/0], directly connected, vlan 20
192.168.100.0/24 C [0/0], directly connected, vlan 10

Console #.

Problem with DHCP broadcast between VLAN

Hello
I trying to solve the lab that I set up, I have a problem with broadcast between VLANS with my DHCP. I looked around the vmware community to find my answer, but I did not who is right why I post here!
So here's my situation :
- ESX with 2 race of VM:
  - An R2 of 2012 Windows running a DHCP server with a configured scope
    - This virtual machine is assigned to the vmnic4 with the port VLAN 100 group
  - A Windows 7, which I use as a customer
    - This virtual machine is assigned to the vmnic4 with the port VLAN 110 group
- Switch Cisco with a simple configuration:
interface FastEthernet0/1
Description LINK FOR ESX
switchport mode trunk
switchport nonegotiate
interface FastEthernet0/24
Description OF LINK ROUTER
switchport mode trunk
- Configuration of the Cisco "router on the stick:
interface FastEthernet0/0.100
encapsulation dot1q 100
10.1.1.254 IP address 255.255.255.0
interface FastEthernet0/0,110
encapsulation dot1q 110
IP 10.1.2.254 255.255.255.0
IP helper 10.1.1.0

The resolution of the problems that I did:
- Affecting the client static IP and that both virtual machine can ping each other
- Moving from the client to the same VLAN as DHCP server, and the DHCP server is to give the client an IP address.
- Sniffing the packet:
  - I can see the client DHCPDiscover
  - I can see the router with the command "debug ip dhcp server packet" package passed on the 10.1.1.0.
  - I am not able to see the packets from the router to DHCP perspective
That's why I guess miss me something ESX configuration.
Thanks in advance for reading this post!

PS: I've linked a vswitch configuration screenshot

I think that you have configured an incorrect address of IP support, take a look at the following line:

IP helper 10.1.1.0

Your DCHP server is really 10.1.1.0? I think not, since 10.1.1.0 corresponds to the ID of the network 10.1.1.0/24 network.

Problem of BladeCenter ESX Server Vlan trunking

VLAN for the ESX BladeCenter server problem
ESX, Bladecenter, VLAN
Hello
The bladecenter was initially setup by a company and only allows me
create a VM from Vlan 2. The problem is that I'm out of intellectual property that
VLAN and I wanted the ability to use another address space for the
VM I have already created a new vlan 20.
This is the current configuration of the switch. Everything I have added to these configurations to before was sw trunk allowed vlan add 20
Switch CISCO 4500
Interface Port - Channel 1
switchport
switchport trunk encapsulation dot1q
switchport vlan trunk native 3
switchport trunk allowed vlan 3: 1-20
!
!
interface GigabitEthernet5/39
Description Port Trunk BLADECENTER-sw2-p17
switchport trunk encapsulation dot1q
switchport vlan trunk native 3
switchport trunk allowed vlan 3: 1-20
channel-group mode 1 on
!
interface GigabitEthernet6/2
Truck BLADECENTER-sw2-p17 Port Description
switchport trunk encapsulation dot1q
switchport vlan trunk native 3
switchport trunk allowed vlan 3: 1-20
channel-group mode 1 on
!
Config - sw1 Bladecenter switch
VLAN 2
Server
VLAN 3
WAN
VLAN 20
Server2
Interface Port - Channel 1
switchport vlan trunk native 3
switchport trunk allowed vlan 3: 1-20
interface GigabitEthernet0/17
switchport vlan trunk native 3
switchport trunk allowed vlan 3: 1-20
Cisco-switch macro description
channel-group mode 1 on
!
interface GigabitEthernet0/18
switchport vlan trunk native 3
switchport trunk allowed vlan 3: 1-20
Cisco-switch macro description
channel-group mode 1 on
Blade switchport where the host is contained
interface GigabitEthernet0/9
Description blade9
switchport vlan trunk native 2
switchport trunk allowed vlan 2.20
switchport mode trunk.
The host ESX IP is in Vlan 2
End result is that I can't use any VLANS in this new range. There is no Vlan ID or installation marking.
Thanks in advance.

Grand...

Don't forget to assign points for correct or helpful answers

6248 VLAN do not receive the DHCP scope

I created two new DHCP scopes in my windows server 2003:

192.168.2.0 - public, and
192.168.3.0 - VOIP.

This DHCP server is connected to a Dell powerconnect 2708, which is connected to our new powerconnect 6248P via fiber point-to-point.

In the new computers on network on the default 1 VLAN are correctly attributed IPs as they connect.

I issued the following commands to the 6248 CLI:

Enable
Configure
database of VLAN
VLAN 20
VLAN 30
output

Configure
range of interface ethernet 1/1-g1/g2
switchport mode general
VLAN allowed switchport General add 20
switchport General pvid 20
l2relay DHCP
output

Configure
range of interface ethernet 1/1-g3/g6
switchport mode general
VLAN allowed switchport General add 30
switchport General pvid 30
l2relay DHCP
output

interface ethernet 1/g11
switchport mode general
VLAN allowed switchport General add 20
VLAN allowed switchport General add 30
l2relay DHCP
output

Configure
interface vlan 20
name 'PUBLIC '.
Routing
IP 192.168.2.1 255.255.255.0
IP helper 192.168.1.150
output

Configure
interface vlan 30
name "VOIP."
Routing
address 192.168.3.1 255.255.255
IP helper 192.168.1.150
output

IP routing

I also added all traffic on VLAN 20 and 30 of VLAN on ports 1/g11 (6248) and port 2 (2708). VLAN 1 access was removed from ports 1/1/g1-g6 (6248)

Everything seems to have been set correctly, but I can't get a response from the DHCP server on all ports attached to VLAN 20. The powerconnect 2708 switch is unable to pass the baton to the server? Is it possible that something falls in the point to point?

I would greatly appreciate any comments or suggestions, thanks!

The 6248 has no default gateway. It wont let me put 192.168.1.1 because he does not reside in the same subnet as the 6248 (192.168.99.1)

The 2708 has listed 192.168.1.1 as its default gateway.

At this point, the network has too many complexities for me to unravel. I am very happy that at least I solved for DHCP when we finally migrate our server to the new location.

Once the server is up, and the gateway/firewall are directly connected to the 6248; I will review the correct configuration of this network.

Some advice to those who might have a similar problem: check your management VLAN. It may not be the same VLAN 1 if you plan to routing to work from VLAN 1 to nowhere else because the VLAN management cannot be routed. Also check static routing of your access point, make sure the front door has a return of the ips of your VLAN, IE: 192.168.2.0 255.255.255.0 gateway_ip

That's all for now. Thank you to all who have contributed

Incompatibility of VLAN native of CDP

Hello, I have problems with incompatibility of VLAN native between two Cisco switches. I'm confused why other manufacturing going on works, but Cisco didn't. Can I blame CDP here and I hope that a solution for this? Thank you very much! Tomas

Hello

The vlan native must be the same for both switches. On the 3750 vlan native is 35 and on the 2960 vlan 1 native. Try to change 1 to 35 on the 2960 and test again.

HTH

VLAN-RV220W - help needed

Hello

I'm having a problem with a new vlan on this router. The router uses the default firmware 1.0.0.26 because I can't use 1.0.1.0 because we have a DSL connection that requires PPPoE.

Vlan1 is for our work and our SBS PC which acts also as the DHCP server. The router is configured with a static address and has disabled DHCP.

VLAN5 is a group of PC, who cannot have access to the Internet and nothing else on the network. I made a few screenshots of the parameters.

When I connect a PC port 4, a valid IP address is not received from the DHCP configured for VLAN5, instead the PC receives an address IP of SBS located on VLAN1, it also shows that I am connected to the local domain on VLAN1. Me missing something, is there something else that needs parameters. I can't understand why I don't get a 192.168.5.0 address.

My VLAN10 secure wireless works very well and receives the correct IP address.

Any help would be appreciated.

Michael.

Michael,

Well have gone through your messages and also set up a similar configuration in our laboratory. Note that I had trouble; no problem with the RV220W, but rather the switch was close one of the ports connected to RV220W. So I went to the SG - 302 switch and disabled STP on this port and everything started to work very well. So, it is probably similar in your case too. Also if the netgear is a fully managed switch, why don't you just truck two virtual networks on the same port. This will release two ports in your network. you mentioned that you receive an ip address of the vlan 1 when you were connected to the vlan 10, even with your configuration file, I haven't lived something like this. On the wireless side you can reconnect each SSID and the test. Tests you want to make sure that you do an ipconfig/release () and (ipconfig / renew) your IP stack could keep your permeable connected network settings.

Thank you

Jason Bryant

Support Cisco engineer

.:|:.:|:.

SG500 problem - 52p with a port.

Nice day

Please can someone help me with this. I have a watchguard wireless device which is plugged on my access SG500 stack switch - 52p.

The problem I have with my wireless device, it's that it maintains to drop a connection. Now, I have the idea that STP is the problem but I'm not sure.

I logged in my path and I see the following status message:

27 February 2014 16:21 % STP-W-PORTSTATUS: gi2/1/35: STP State Forwarding aggregated (1)
27 February 2014 16:22:24 % W-LINK-Down: gi2/1/35, aggregated (1)
27 February 2014 16:22:44 % w-LINK-Up: gi2/1/35, aggregate (2).
27 February 2014 16:22:48 % LINK-W-Down: IG4/1/23

I just need to be on one vlan 20 native and not the extra a Vlan 226.

It's the running configuration of the interface where it is connected:

interface gigabitethernet2/1/35
spanning tree enable bpduguard
switchport trunk allowed vlan add 226
switchport trunk vlan 20 native
No auto smartport macro

Can someone help me with what I can't understand about mine.

Hi Marcel,.

I'm not entirely sure why you have a problem with deleting a VLAN Trunk.

This action gives you an error?

Or these parameters automatically reappear?

It would be wise to consider in details, so I suggest you open the ticket with Cisco Small Business Support team:

http://www.Cisco.com/c/en/us/support/Web/TSD-Cisco-small-business-suppor...

Aleksandra

Adding ports to a vlan on interconnection of fabric (end-host Mode)

Hi all

I have a problem, I have created vlan 99 and added the ports and port channels to the vlan on the fabric of the ucs interconnections and saved the configs.

To my surprise, that nothing has changed, they are still on the vlan 1 (the default).

See my setup below.

UCS - A eth-link # rising scope
UCS - Has/eth-uplink # create vlan EMM_NET 99
UCS - Has/eth-storage / vlan * # create member-port has 15 1
UCS - Has/eth-storage / vlan * # create member-port a 16 1
UCS - Has/eth-storage / vlan * # create portchannel members a 61
UCS - Has/eth-uplink / vlan * # set no sharing
UCS - Has/eth-uplink / vlan * # commit buffer
UCS - Has / eth-uplink/vlan #.

Or should I just create vlan 99 on the switch to the North (Nexus5548UP) because the fabric of interconnection is in fine host mode?

Kind regards

OK, now you must give us more detailed information?

What is your OS? ESXi?

And maybe, depending on how your host is configured, you should make 99 Vlan as vlan native!

VLAN & UC520/CE520

Hi, I have a problem with routing between VLANs.

I have two VLAN data put on the boxes above: 192.168.6.0/24 & 192.168.3.0/24.

There's a UC520 box with its default ip address in the range 6.0 and all CE520s (three of them) also have an ip address in the range of 6.0. All the facilities are connected by trunk ports.

Route by default network 6.0 is the UC520 and all customers can route properly and more importantly, see CME/CUE web page at 10.1.10.1.

Route by default of the 3.0 network is an SBS server that is connected to one of the switches CE520. All customers can route between them and with the SBS server without problem. However, none of the customers including the SBS server can see 10.1.10.1.

What I did to solve this problem is put in place one of the ports in the UC520 as being assigned to the VLAN 3.0 and one of the two switches with 3.0 clients connected to this port. It did not work.

I can't really experience it's a direct network.

Any suggestions as to what is wrong?

Thank you

dphal

Hello

I understand what your Setup is, looks like you route 192.168.3.0/24 customer traffic on the SBS server that does not have a road to the network 10.1.10.0/24 on the UC500. As a general rule, customer traffic would be routed to the UC500 and incidentally is how to make the delivery as expected 192.168.6.0/24.

There are two ways to solve this problem.

(1) adds an interface VLAN3 on the UC500 with an IP address in the subnet 192.168.3.0/24.

1 a) set up a DHCP server on the UC500 for this subnet and have customers get an address with an address of default gateway address IP UC500 assigned to VLAN3.

1 (b), add a default route on the SBS server also point to the UC500 IP address assigned to VLAN3

This will allow the entire routing to all subnets that the UC500 has in its routing table including the internet.

(2) If you want only the 192.168.3.0/24 subnet in order to reach the SBS server and the 10.1.10.1 subnet and prefer to use the SBS as your DHCP server and the router on the subnet 192.168.3.0/24, then you need to add a static route on the SBS server to point to an interface UC500.

If you repeat step 1) from the top and then add the static route on the Server SBS pointing newly configured address IP UC500.

If you have trouble getting to the 10.1.10.1 address, make sure you have a trunk set up between the UC500 and CE520 and VLAN3 is permitted by the trunk.

Note: Using a tracert on Windows PC command can help you see every jump she goes through the network to the destination. If it stops at the IP address of the SBS server, then you know it is that the package is and indicates that the SBS does not know how to route the package to the front. In general, the last IP address is the device that needs the updated routing table to forward the packet to its destination.

Hope this helps,

Steve

VLAN PortGroup

Hi guys!
I am setting up my environment and I'm having a problem of bit with Vlan PortGroup.
When I place VLAN ID in Vmotion PortGroup I get 'ping' the other host to the same VLAN, but with VLAN disabled the 'ping' works perfectly.
My environment is:
SO: 2 guests with ESXi 4.1
Network switch: 1 PowerConnect 6224
his image as an attachment with precision.
Someone has an idea how solve it?
big names
Carlos

"Yes, I end of cisco, normally I would need a fine one VLAN in the switch and then assigned this VLAN to be allowed to passthru" physical switch port #.

It's either you configure your switch or the reverse would create a dedicated for vmotion only Teddy. and since it's only two hosts, you can go back to the back (while you find on your local network VIRTUAL switch configuration). the dirtiest way would be combining vmotion and local network as network even now (without vlan)

iDLE-jAM | SC 2, SC 3 & VCP 4

If you have found this device or any other answer useful please consider useful or correct buttons using attribute points

Problem HP Procurve/ESXi5/VLAN

Similar Questions

VLAN for the ESX BladeCenter server problem

Maybe you are looking for