VLAN Question: Best way to set this up?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

ript73

Thread Starter
Joined
Mar 14, 2011
Messages
3
Hello all. Been reading up on VLANs as I've never messed with them. I've attached our network diagram. The reason for 2 internet connections is they are in different buildings and it's a separate company, however they still need to communicate with each other over the LAN.

My question is, what is the best way to set this up?

Thanks for your time!
 

Attachments

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,482
What router/gateway do you plan to use to route traffic between the two subnets you have (192.168.1.0/24 and 192.168.32.0/22)? Do you already have VLANs set up on your network?
 

ript73

Thread Starter
Joined
Mar 14, 2011
Messages
3
Thanks for the reply. I currently plan to use the top 5406zl switch as the main router. I currently do not have any VLANs setup anywhere on the network.

Thanks!
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,482
So you'll need two VLANs. One for the 192.168.1.0 network and one for the 192.168.32.0 network. You can set the VLAN IDs as 1 and 32. But it can be anything you want to make it up to the limitation of the switch in how it supports 802.1Q. You also may want to set up the VLAN configuration on all the other switches to allow network expansion flexibility. But you'll need to set up trunks going back up to your "core"/"central routing 5406 switch.

On the routing 5406, you'll need to set up two VLAN interfaces and assign an IP to them on the subnet which corresponds to the VLAN you are configuring. For example, if you are setting up a VLAN interface on VLAN 1, you assign this interface a valid IP on 192.168.1.0/24. The final step would be to set up a static route on the Sonic Firewalls to point to the VLAN interfaces on the 5406 as the gateway to get to the other network.
 

ript73

Thread Starter
Joined
Mar 14, 2011
Messages
3
I've started to configure some things and have not got it working quite yet. Below are the configs for the 2 main switches. The first is our main routing switch. Thanks for your help!

Running configuration:

; J8697A Configuration Editor; Created on release #K.13.68

hostname "ProCurve Switch 5406zl"
module 1 type J8702A
module 2 type J8702A
module 3 type J8705A
module 4 type J8705A
module 5 type J8705A
interface B6
speed-duplex auto-10-100
exit
interface B10
speed-duplex auto-10-100
exit
ip default-gateway 192.168.35.50
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged A1-A24,B1-B24,C1-C20,C22-C24,D1-D24,E1-E24
ip address 192.168.32.1 255.255.252.0
no untagged C21
exit
vlan 100
name "VLAN100"
untagged C21
ip helper-address 192.168.1.2
ip address 192.168.1.252 255.255.255.0
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-HDx sensitivity high
fault-finder duplex-mismatch-FDx sensitivity high
no ip ssh
snmp-server community "public" Unrestricted
snmp-server host 192.168.35.23 "public"
snmp-server host 192.168.35.33 "public"
snmp-server host 192.168.35.34 "public"
snmp-server contact "IT Department" location "Server Room"

Running configuration:

; J8697A Configuration Editor; Created on release #K.14.41

hostname "ProCurve Switch 5406zl"
module 1 type J8702A
module 2 type J8702A
module 3 type J8705A
vlan 1
name "DEFAULT_VLAN"
untagged A1-A24,B1-B24,C1-C21,C23-C24
no untagged C22
no ip address
exit
vlan 100
name "VLAN100"
untagged C22
ip address 192.168.1.254 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 192.168.1.1
snmp-server community "public" unrestricted
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,482
I don't understand what you need now. Are you looking for configuration validation?
 
Joined
Mar 23, 2011
Messages
121
Nice diagram.

My training and experience is on Cisco gear but this looks similar enough I'll put my 2 cents in here.

I see from your config you have defined VLAN 1 to the 192.168.32.0/22 network and VLAN 100 to the 192.168.1.0/24 network. If I read this right, command line
untagged A1-A24,B1-B24,C1-C20,C22-C24,D1-D24,E1-E24
.. is saying interfaces, among others, A1 through A24 are in VLAN 1. From your diagram you should have interface A5 assigned to VLAN 1 and you should have ports A1, A2, A3 and A4 assigned to VLAN 100. All I see on VLAN 100 is interface C21.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top