Re: [Hampshire] HP ProCurve switch, VLAN configuration.

Author: James Courtier-Dutton
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] HP ProCurve switch, VLAN configuration.
On 20 December 2011 17:30, Steven Swann <swannonline@???> wrote:
> Notes below, thanks again for the response... HLUG is much better than the
> HP support forum :)
>
>
> On 12/20/2011 05:15 PM, James Courtier-Dutton wrote:
>>
>> On 20 December 2011 16:06, Steven Swann <swannonline@???> wrote:
>>>
>>> The user manuals can be found here:
>>>
>>>
>>> http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=64179&taskId=125&prodTypeId=12883&prodSeriesId=329892
>>>
>>> There are actually about 5 different manuals for each switch: getting
>>> started, advanced config, etc.
>>>
>>>
>>>
>>> On 12/20/2011 03:49 PM, James Courtier-Dutton wrote:
>>>>
>>>> I don't think they can do what you want.
>>>> Give a link to an online manual for your particular switch and I could
>>>> answer with 100% functionality.
>>>>
>>>> The feature you need is a "firewall" feature, or access control lists.
>>>> Routing and Switching will not help you.
>>>>
>>>> So, you start by having everyone able to ping each other, and then you
>>>> add packet filters.
>>>>
>> I scanned the manuals. No packet filtering features there.
>> 1) VLANs keep traffic separate from another VLAN.
>> 2) IP Routing is used to pass traffic from one VLAN to another.
>> 3) IP Packet filtering/firewall is used to prevent certain types of
>> traffic from passing between a source and destination.
>>
>> Your device has 1 and 2, but not 3. So I don't think you can do what
>> you need with just that switch.
>> You can do 1 and 2, with 3 being a permit all.
>> You could do it if you had a firewall that understands VLAN tags. You
>> could plug the firewall into one of the trunk ports of the switch and
>> use the firewall to provide 2 and 3, leaving the switch to just do 1.
>>
> We do need to do 3, but that can always come later. All we need at this
> stage is 1&2 but I just can't seem to get it to work. Would a strict routing
> table provide some of 3 since all VLANs are on independent subnets?
>>


Oh, if all you need is 1&2 right now, just search the manual for
"default route".
Point the default route at the internet router and you should be good to go.
I think that is all that is missing from the config you posted.

--
Please post to: Hampshire@???
Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL: http://www.hantslug.org.uk
--------------------------------------------------------------
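
The three functions listed in the reply above (VLAN separation, IP routing, packet filtering) and the effect of a missing default route, as a small Python model. This is an added example, not part of the original thread; the VLAN IDs, subnets, router address and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample topology (assumption, not taken from the thread).
VLANS = {
    10: ipaddress.ip_network("192.168.10.0/24"),
    20: ipaddress.ip_network("192.168.20.0/24"),
    99: ipaddress.ip_network("192.168.99.0/24"),  # uplink VLAN with the internet router
}
INTERNET_ROUTER = ipaddress.ip_address("192.168.99.1")


def vlan_of(addr):
    """Function 1: return the VLAN whose subnet owns this address, or None."""
    for vid, net in VLANS.items():
        if addr in net:
            return vid
    return None


def route(dst, default_route=None):
    """Function 2: connected routes first, then the default route if one is set."""
    vid = vlan_of(dst)
    if vid is not None:
        return f"vlan{vid}"
    return f"via {default_route}" if default_route else None


def forward(src, dst, default_route=None, deny=()):
    """Decide what the layer-3 device does with a packet from src to dst.

    deny is function 3: (source network, destination network) pairs to block.
    An empty deny list is the "permit all" case from the reply.
    """
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if vlan_of(src) is not None and vlan_of(src) == vlan_of(dst):
        return "switched"  # same VLAN: the packet never reaches the router
    hop = route(dst, default_route)
    if hop is None:
        return "dropped: no route"
    for s_net, d_net in deny:
        if src in s_net and dst in d_net:
            return "dropped: filtered"
    return f"routed {hop}"


if __name__ == "__main__":
    print(forward("192.168.10.5", "203.0.113.7"))                    # no default route
    print(forward("192.168.10.5", "203.0.113.7", INTERNET_ROUTER))   # default route set
```
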