On 20 December 2011 17:30, Steven Swann <[email protected]> wrote: > Notes below, thanks again for the response... HLUG is much better than the > HP support forum :) > > > On 12/20/2011 05:15 PM, James Courtier-Dutton wrote: >> >> On 20 December 2011 16:06, Steven Swann<[email protected]> >> wrote: >>> >>> The user manuals can be found here: >>> >>> >>> http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=64179&taskId=125&prodTypeId=12883&prodSeriesId=329892 >>> >>> There are actually about 5 different manuals for each switch, getting >>> started, advance config, etc.. >>> >>> >>> >>> On 12/20/2011 03:49 PM, James Courtier-Dutton wrote: >>>> >>>> I don't think they can do what you want. >>>> Give a link to an online manual for your particular switch and I could >>>> answer with 100% functionallity. >>>> >>>> The feature you need is a "firewall" feature, or access control lists. >>>> Routing and Switching will not help you. >>>> >>>> So, you start by having everyone able to ping each other, and then you >>>> add packet filters. >>>> >> I scanned the manuals. No packet filtering features there. >> 1) VLANs keep traffic separate from another VLAN. >> 2) IP Routing is used to pass traffic from one VLAN to another. >> 3) IP Packet filtering/firewall is used to prevent certain types of >> traffic from passing between a source and destination. >> >> Your device has 1 and 2, but not 3. So I don't think you can do what >> you need with just that switch. >> You can do 1 and 2, with 3 being a permit all. >> You could do it if you had a firewall that understands VLAN tags. You >> could plug the firewall into one of the trunk ports of the switch and >> use the firewall to provide 2 and 3, leaving the switch to just do 1. >> > We do need to do 3, but that can always come later. All we need at this > stage is 1&2 but I just can't seem to get it to work. Would a strict routing > table provide some of 3 since all VLANs are on independent subnets? >>
Oh, if all you need is 1&2 right now, just search the manual for "default route". Point the default route at the internet router and you should be good to go. I think that is all that is missing from the config you posted. -- Please post to: [email protected] Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --------------------------------------------------------------
