Simple vlan help
-
So if anyone knows anything about the Procurve 1700 switch, I could use some help with it. It is web managed, but the instruction for their vlans are not very clear. I would just prefer to use it over the baystack because of the small form factor and fan less operation.
Thanks again for all of your help.
CaTI can only try because I don't have HP PC 1700 and interface is (as I can see from manual) totaly diferent from "biger" models.
So your VLAN is UP and operational now?
Sasa
-
Sasa,
Yes the vlan is up with the Nortel switch. Actually I have 13 of them running. I would like to get it going with the Hp, but not entirely necessary.
When I orginally tried the nortel switch I had a problem in my settings on the interfaces on the pfsense box.
I thought the switch was bad, had this new HP procurve and couldn't get it to work either. Fixed the interface problem with everyones help, got the Nortel working but cannot get the procurve to do vlans.
I know it is something simple.
Thanks again
for your help.
CaT -
I have a procurve 1800-24g and a procurve 1800-8g. Maybe the webgui is similiar. I have vlans running on them with pfSense and could post some screenshots if needed.
-
Hoba,
first how many vlans can you configure 1700/1800 to output to one port. After reading the book a little closer I think you can only configure 8 vlans to one trunk. Since I am outputting 14 vlans to one port I am not sure that I can use the Procurve anyway. Unless you can see how to do it. In fact I wasn't able to get it working at all with the vlans
Ill give you a run down of a typical vlan that I tried to set up. This was after I was sure that pfsense was setup right.
first I set up the vlans 10,20–-
then I added the ports to the vlan
selected the correct vlan number in the drop down box.
I then added the ports to trunk 1.
I never could see which port was the trunk port (the one to connect to the opt1 side of pfsense)
I am sure that the mistake was a simple one.
The steps above are from memory so could be a little off.
Thanks for the help.
CaT -
I hope the webguis are similiar between the 1700 and the 1800.
You don't work with the trunks-menu at all, at least I didn't in my scenario. I only use 2 vlans on this switch (it's just for our conferenceroom) but as you can see on img1 you could add up to 64 vlans.
- Start at vlans>vlansetup and add the needed vlans there (img1)
- on adding it will ask you which ports should belong to that vlan (img2), just tick all the ports that should be member of this vlan. Note that port1 which is my uplinkport, is member of vlan1 AND vlan30, so to become your "trunkport" make it member of all the vlans that you create.
- next go to vlan>vlan portconfig and configure the ports as needed (img3)
On my switch the first port is the port that has the uplink to the pfSense, so I only allow tagged vlan traffic on that one. All other ports use non tagged traffic so depending on which port you hook up a client it will be part of the one or the other vlan.
I hope this helps to get you started.
EDIT: Added img4 from the overview screen as it sums up the complete configuration quite nicely.
-
hoba,
I check it out tonight. I believe that the error I made was to leave the vlan aware checked for all of the ports.I assume that the uplink port can be any port as long as it is in all of the vlans and is tagged.
CaT -
Correct, you could make any port an uplink port. I just picked the first one for my config.
-
Well I got the vlans working on the procurve. I am still not quite sure what I had done wrong. Doesnt matter now. I only have one problem left. I changed the management vlan to my vlan 150 and changed the ip address to an address within that subnet outside of the dhcp. When I saved it I lost all connections of my vlans and couldn't access the web gui. i am going to try an recreate the problem tomorrow.
Any ideas.
Thanks
CaT -
Not really, maybe typo or whatever when applying the ip adress or the port that you try to access it is not member of that vlan. I hope you at least have a port being member of the management vlan ;)
-
I've tried that too. To avoid it i try not to use the default / fall back -port. The management vlan i set to a vlan that has no port assign to it. ;)
-
That's called out-of-band management. With in-band management/signalling stuff like blueboxing was possible…
-
The management vlan that I assigned the management to has 5 ports in it and I set the ip address to the same subnet. I am going to try it again tonight. I may have just made a typo. At least I have the configuration backup this time so I don't have to re input everything again.
At the moment I am running 15 vlans with pfsense on a Alix wrap box with everyone in their own subnet.
It is a cheap alternative for a small assisted living center that has thirteen apartments.
I believe I got this done for total of $350 US dollars. Not counting labor.
Second thought Does the management vlan need to be the same as the one the upload port is in.
Again thanks for everyones help. The next time I do this it will be a lot easier.
CaT
