Re: [Hampshire] HP ProCurve switch, VLAN configuration.

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MSteven Swann at <-
MJames Courtier-Dutton at ->

Reply to this message
Author: Steven Swann
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] HP ProCurve switch, VLAN configuration.
Notes below, thanks again for the response... HLUG is much better than
the HP support forum :)

On 12/20/2011 05:15 PM, James Courtier-Dutton wrote:
> On 20 December 2011 16:06, Steven Swann<swannonline@???> wrote:
>> The user manuals can be found here:
>>
>> http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=64179&taskId=125&prodTypeId=12883&prodSeriesId=329892
>>
>> There are actually about 5 different manuals for each switch, getting
>> started, advance config, etc..
>>
>>
>>
>> On 12/20/2011 03:49 PM, James Courtier-Dutton wrote:
>>> I don't think they can do what you want.
>>> Give a link to an online manual for your particular switch and I could
>>> answer with 100% functionallity.
>>>
>>> The feature you need is a "firewall" feature, or access control lists.
>>> Routing and Switching will not help you.
>>>
>>> So, you start by having everyone able to ping each other, and then you
>>> add packet filters.
>>>
> I scanned the manuals. No packet filtering features there.
> 1) VLANs keep traffic separate from another VLAN.
> 2) IP Routing is used to pass traffic from one VLAN to another.
> 3) IP Packet filtering/firewall is used to prevent certain types of
> traffic from passing between a source and destination.
>
> Your device has 1 and 2, but not 3. So I don't think you can do what
> you need with just that switch.
> You can do 1 and 2, with 3 being a permit all.
> You could do it if you had a firewall that understands VLAN tags. You
> could plug the firewall into one of the trunk ports of the switch and
> use the firewall to provide 2 and 3, leaving the switch to just do 1.
>
We do need to do 3, but that can always come later. All we need at this
stage is 1&2 but I just can't seem to get it to work. Would a strict
routing table provide some of 3 since all VLANs are on independent subnets?
>
> Kind Regards
>
> James
>
> --
> Please post to: Hampshire@???
> Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
> LUG URL: http://www.hantslug.org.uk
> --------------------------------------------------------------


--
Please post to: Hampshire@???
Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL: http://www.hantslug.org.uk
--------------------------------------------------------------

This message was posted to the following mailing lists:
Hampshire LUG
Mailing List Info | Nearby Messages		<-Re: [Hampshire] HP ProCurve switch, VLAN configuration.Re: [Hampshire] HP ProCurve switch, VLAN configuration.->
Hampshire LUG Mailing List Archive administrated by WebmasterLurker (version 2.3)