HP switch and vlan
-
Any managed switch should be able to do that. Even my crappo TP-Link can. I first did it with Adtran switches several years ago.
-
Good to know...
(I wouldn’t have thought of this, to from many SMB category mng. switches)
for a long time, I only have Cisco and Juniper in my life
TP-Link...hmmmm, though I wouldn't use it for letter weights either (hahaha) -
Some TP-Link switches have problems with tagged VLANs. Mine doesn't seem to have a problem with port based VLANs though, though it likely would with tagged VLANs. I have it configured to use as a data tap, so I can monitor Ethernet connections with Wireshark.
-
Is there a big price difference in your country between the Cisco SMB series (SG350, SG350X, etc.) and the TP-Link devices?
Pls don't think that, I hate TP-Link so much, but we haven't used it in a long time, so I only have experience up to the TL-SG series
BTW:
we deal with AoIP stuff a lot (DANTE protocol) TP-Link is totally dead on the IGMP and DSCP QoS themes
(https://www.audinate.com/) -
I paid about $100 for a Cisco SG 200-08 switch, but that TP-Link TL-SG105E was only around $35.
BTW, my early experience with managed switches was with Adtran, as my employer was their Canadian distributor. Adtran's AOS was pretty much a clone of Cisco's IOS.
-
I understand...
just a story:
for me, TP-Link customer service answered a simple question for three months...
the question is was the factory SFP modules know DOM / DDM?then I gave up and tried no further
(of course, there was no reference in the description)-there was an SFP diag menu in the GUI of the switches
didn't give any info about any DOM / DDM capable SFP, so we thought it only works with his own...the joke is that as it turned out they don't produce SFP modules with DDM / DOM capabilities
then what is that menu for in the GUI?
-
My experience with them was in regards to that VLAN problem, but with my access point rather than a switch. The problem is that multicasts would leak from the native LAN to the VLANs, which meant that devices on the VLAN/2nd SSID would get config info from the native LAN. When I called support, they insisted that that was how VLANs were supposed to work. Eventually, I talked to 2nd level support, who agreed it was a flaw. However, there was no fix forthcoming for my AP.
-
@DaddyGo said in HP switch and vlan:
@moosport said in HP switch and vlan:
looks like i have work to do tonight. :)
exactly yes
I usually use Wireshark on Cisco systems with the following method.
If your HP switch knows the SPAN protocol, your life may be easier.just an example:
https://www.ciscozine.com/how-to-analyze-traffic-with-span-feature/HP 1800 do support port mirroring. tried wireshark but monitor mode option is greyed out.
airmon-ng needs to be installed before trying to enable monitor mode.BTW, does ingress filtering needs to be enabled on the LACP port on the HP switch connecting to the Unifi switch? I left it disabled.
-
@moosport said in HP switch and vlan:
HP 1800 do support port mirroring. tried wireshark but monitor mode option is greyed out.
airmon-ng needs to be installed before trying to enable monitor mode.???
Airmon-ng is for WiFi monitoring. What does it have to do with port mirroring? -
Reason is I'm testing the vlan using wifi. The plan is all ports on the HP switch will be on vlan30.
iot and guest are on vlan50 and vlan60 off wifi (no lan).Unifi switch will handle vlan40 for cctv which does not go anywhere.
currently topology is
pass all pass all vlans vlans | |modem -> pfsense -> hp1800 ->unifi16
| |
vlan20 |
vlan40,50,60 -
-
yeah.. you're right.. I must lost my mind for a moment there.
-
Configure the port mirroring, Now wireshark capture the DHCP request the vlanid 50 for guest.
Vmware has LAN portgroup to allow all. FW rules are set to allow all but blocked to other vlans. Not sure where to look now. -
I'm no expert, but I just went through setting up Guest and IOT VLANs with Unifi and two HP switches.
If your switch is the J9028B, then here's the link to your switch manual. I can't really tell if your port configuration is correct from those partial screenshots you are linking.
I don't know if it matters, but why are you only allowing TCP through the FW?
Also, you might need to check your NAT rules? I had the port tagging and firewall rules correct, but my NAT was fouled up. In my case, I could get an IP on the VLAN and could see the laptop connected to the VLAN in my pfSense DHCP table, but I could not connect to the internet.
-
@newberger said in HP switch and vlan:
Also, you might need to check your NAT rules? I had the po
change FW to allow all and still not getting IP. Prior to using wireshark, HP switch is configured to LAGG with Unifi switch, I had remove the LAGG to enable port mirroring.
Capture trace on the port connecting esxi box and vmnic. DHCP traffic vlan50 is captured on the switch port but not on vmnic.
I have pfblocker running and the NAT rules are for DNSBL.
