Re: [Hampshire] HP ProCurve switch, VLAN configuration.

Author: Steven Swann
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] HP ProCurve switch, VLAN configuration.
On 12/20/2011 06:08 PM, James Courtier-Dutton wrote:
> On 20 December 2011 17:30, Steven Swann<swannonline@???> wrote:
>> Notes below, thanks again for the response... HLUG is much better than the
>> HP support forum :)
>>
>>
>> On 12/20/2011 05:15 PM, James Courtier-Dutton wrote:
>>> On 20 December 2011 16:06, Steven Swann<swannonline@???>
>>> wrote:
>>>> The user manuals can be found here:
>>>>
>>>>
>>>> http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=64179&taskId=125&prodTypeId=12883&prodSeriesId=329892
>>>>
>>>> There are actually about 5 different manuals for each switch, getting
>>>> started, advanced config, etc.
>>>>
>>>>
>>>>
>>>> On 12/20/2011 03:49 PM, James Courtier-Dutton wrote:
>>>>> I don't think they can do what you want.
>>>>> Give a link to an online manual for your particular switch and I could
>>>>> answer with 100% functionality.
>>>>>
>>>>> The feature you need is a "firewall" feature, or access control lists.
>>>>> Routing and Switching will not help you.
>>>>>
>>>>> So, you start by having everyone able to ping each other, and then you
>>>>> add packet filters.
>>>>>
>>> I scanned the manuals. No packet filtering features there.
>>> 1) VLANs keep traffic separate from another VLAN.
>>> 2) IP Routing is used to pass traffic from one VLAN to another.
>>> 3) IP Packet filtering/firewall is used to prevent certain types of
>>> traffic from passing between a source and destination.
>>>
>>> Your device has 1 and 2, but not 3. So I don't think you can do what
>>> you need with just that switch.
>>> You can do 1 and 2, with 3 being a permit all.
>>> You could do it if you had a firewall that understands VLAN tags. You
>>> could plug the firewall into one of the trunk ports of the switch and
>>> use the firewall to provide 2 and 3, leaving the switch to just do 1.
>>>
>> We do need to do 3, but that can always come later. All we need at this
>> stage is 1&2 but I just can't seem to get it to work. Would a strict routing
>> table provide some of 3 since all VLANs are on independent subnets?
> Oh, if all you need is 1&2 right now, just search the manual for
> "default route".
> Point the default route at the internet router and you should be good to go.
> I think that is all that is missing from the config you posted.
>

I tried that to no avail... I will have a play with it again at work
tomorrow and see how it goes. I'll let you know how successful I am.

Cheers for all your help guys :)

Steven
> --
> Please post to: Hampshire@???
> Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
> LUG URL: http://www.hantslug.org.uk
> --------------------------------------------------------------