Data Center

Reply
New Contributor

inter-VLAN routing

Hi folks,

 

I've recently adquired 2 aruba switches 3800 series model JL076A. I've stacked them and interconcted to HA FOrtinet 500D cluster. 

I've created some vlans in order to separate broadcast traffic between offices. 

I can ping all interfaces and hosts from the switch, but I've realized that the ping from 1 host on vlan SALES can't ping a host in vlan MARKETING.

 

172.50.1.5 - cluster Fortinet 500D (interfaces 1/47,1/48,2/47,2/48)


A pc connected to 1/9 with ip 172.50.0.2 is able to ping 172.50.0.1 but it can't ping a pc in port 1/15 with ip 172.50.1.2. both pcs have GW the ip of the switch (172.50.0.1 and 172.50.1.2 respectively)

 

Can anyone help me?

Here is the config.

 

 

 

Running configuration:

; hpStack_KB Configuration Editor; Created on release #KB.16.04.0008

stacking
   member 1 type "JL076A" mac-address ecebb8-xxxxxx
   member 1 flexible-module A type JL083A
   member 2 type "JL076A" mac-address ecebb8-xxxxxx
   member 2 flexible-module A type JL083A
   exit
hostname "Aruba-Stack"
trunk 1/37,1/39,2/37,2/39 trk2 lacp
trunk 1/38,1/40,2/38,2/40 trk3 lacp
ip default-gateway 172.50.1.5
ip routing
interface 1/47
   lacp active
   exit
interface 1/48
   lacp active
   exit
interface 2/47
   lacp active
   exit
interface 2/48
   lacp active
   exit
oobm
   ip address dhcp-bootp
   member 1
      ip address dhcp-bootp
      exit
   member 2
      ip address dhcp-bootp
      exit
   exit
vlan 1
   name "DEFAULT_VLAN"
   no untagged 1/1-1/36,1/41-1/48,1/A1-1/A4,2/1-2/36,2/41-2/48,2/A1-2/A4
   untagged Trk2-Trk3
   no ip address
   exit
vlan 100
   name "SALES"
   untagged 1/9,2/9
   ip address 172.50.0.1 255.255.255.0
   exit
vlan 101
   name "MARKETING"
   untagged 1/1-1/8,1/12-1/36,1/41-1/48,1/A1-1/A4,2/1-2/8,2/12-2/36,2/41-2/48,2/A1-2/A4
   ip address 172.50.1.1 255.255.255.0
   exit
vlan 111
   name "HHRR"
   untagged 1/10,2/10
   ip address 172.50.11.1 255.255.255.0
   exit
vlan 128
   name "MANAGERS"
   untagged 1/11,2/11
   ip address 172.50.28.1 255.255.255.0
   exit
primary-vlan 101
spanning-tree
spanning-tree Trk2 priority 4
spanning-tree Trk3 priority 4
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator

 

Thanks

Frequent Contributor I

Re: inter-VLAN routing

I think you have to add routes between those two subnets in the Fortinet cluster since the routing is being handled by the FW.

I wonder if you could provide us with the routing table just to confirm this

 

HTH

Kevin

New Contributor

Re: inter-VLAN routing

The desired arquitecture design is to use the stack as a core Layer 3 switch with routing capacity.

So the traffic between departments is kept in the switch to avoid floadding the Fortis. Only especific traffic going to the internet will be sent to the gateway.

So the stack is in charge of interconnect the vlans.

But, why is not working??

Thanks
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: