On 12/20/2011 06:08 PM, James Courtier-Dutton wrote:
On 20 December 2011 17:30, Steven Swann<swannonl...@googlemail.com> wrote:
Notes below, thanks again for the response... HLUG is much better than the
HP support forum :)
On 12/20/2011 05:15 PM, James Courtier-Dutton wrote:
On 20 December 2011 16:06, Steven Swann<swannonl...@googlemail.com>
wrote:
The user manuals can be found here:
http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=64179&taskId=125&prodTypeId=12883&prodSeriesId=329892
There are actually about 5 different manuals for each switch, getting
started, advance config, etc..
On 12/20/2011 03:49 PM, James Courtier-Dutton wrote:
I don't think they can do what you want.
Give a link to an online manual for your particular switch and I could
answer with 100% functionallity.
The feature you need is a "firewall" feature, or access control lists.
Routing and Switching will not help you.
So, you start by having everyone able to ping each other, and then you
add packet filters.
I scanned the manuals. No packet filtering features there.
1) VLANs keep traffic separate from another VLAN.
2) IP Routing is used to pass traffic from one VLAN to another.
3) IP Packet filtering/firewall is used to prevent certain types of
traffic from passing between a source and destination.
Your device has 1 and 2, but not 3. So I don't think you can do what
you need with just that switch.
You can do 1 and 2, with 3 being a permit all.
You could do it if you had a firewall that understands VLAN tags. You
could plug the firewall into one of the trunk ports of the switch and
use the firewall to provide 2 and 3, leaving the switch to just do 1.
We do need to do 3, but that can always come later. All we need at this
stage is 1&2 but I just can't seem to get it to work. Would a strict routing
table provide some of 3 since all VLANs are on independent subnets?
Oh, if all you need is 1&2 right now, just search the manual for
"default route".
Point the default route at the internet router and you should be good to go.
I think that is all that is missing from the config you posted.
I tried that to no avail... I will have a play with it again at work
tomorrow and see how it goes. I'll let you know how successful I am.
Cheers for all your help guys :)
Steven
--
Please post to: Hampshire@mailman.lug.org.uk
Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL: http://www.hantslug.org.uk
--------------------------------------------------------------
--
Please post to: Hampshire@mailman.lug.org.uk
Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL: http://www.hantslug.org.uk
--------------------------------------------------------------
