Wireless Access

last person joined: 21 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Static routes

This thread has been viewed 15 times

  • 1.  Static routes

    Posted Dec 11, 2013 10:05 AM

    Good day,

     

    We have a flat all out layer two network which consisted of only one vlan in the range of 192.168.x.x /24. We have installed some IAP's and three new S2500 switches. All clients and pc's connect to this range and has a default gateway which is a sonic wall that lets them go to the internet.

     

    I have two new SSID's that i need to create for guests and for students. For these two SSID's i am assigning different addresses via DHCP from my new S2500 switches. Each SSID has its own subnet which differs from the origional one. I would like to have these subnets be able to reach the default gateway in the 192.168.x.x range. (The other two ranges are 172.168.4.x and 172.168.8.x)

     

    Will i be able to add static routes on the vlan's that will piont to the default gateway in the 192.168.x.x range or do i have to setup routing on my switches? 

    As with Cisco is there a special command that i need to run to enable layer 3 on the switch?

     

    Thanks



  • 2.  RE: Static routes

    EMPLOYEE
    Posted Dec 11, 2013 10:13 AM

    You will need to configure routing. There is no command to enable it like on a Cisco. I assume the gateway of the clients is the S2500?  If so, do a show ip route.  Do all the routes show up on the switch?  

     

    On the SonicWall, you would need to set static routes and possibly alter the NAT configuration for the internet.  The static routes for the 172 networks should point to the 192.168.x.x interface ON THE S2500 as the next hop!!!  This is important because the S2500 will know about all three networks as well as the default gateway.  So...if a client is trying to get to 4.2.2.2 on the internet, they will point to their gateway (assuming it's the S2500).  The S2500 will see the destination and say "I don't have that in my routing table so I'll use my default route" which is the SonicWall.  

     

    Once at the SonicWall, it will then forward it (and NAT) the traffic to the internet!  Now...on the return path, the Sonicwall will see the destination pointing to the 172.168 network.  IF it doesn't see a static route, it will then send it back out on the Internet and it will die.  So...on the Sonicwall, you need to define a static route for 172.168.x.x pointing to the S2500 with a next hop of 192.168.x.x replacing x.x with the actual IP interface on the S2500.  Once at the S2500, it already knows about the 172.168 network so it will send it to the client.

     

    Hope this helps!



  • 3.  RE: Static routes

    Posted Dec 11, 2013 10:20 AM

    Hi Seth,

     

    Thanks for the detailed response.

    Just one more quick question, is there anyway that i can make this work without introducing routing into my network?



  • 4.  RE: Static routes

    EMPLOYEE
    Posted Dec 11, 2013 10:28 AM

    Yes...you do.  No way around it.  It isn't a big deal to enable it and once you play around with it, there are SO many benefits.



  • 5.  RE: Static routes

    EMPLOYEE
    Posted Dec 11, 2013 10:34 AM

    I would add that if your Sonicwall can support a dot1q trunk and multiple IP interfaces, you could just enable routing there and just trunking on the switch side.

     

    Best regards,

     

    Madani



  • 6.  RE: Static routes

    Posted Dec 11, 2013 12:44 PM
    Just a quick word of warning on the Cisco. depending on how you have deployed the Cisco, the model and so on (for example if you have the "ip default-gateway x.x.x."' command in your configuration) you may have to enter these two commands:

    ip routing
    ip route 0.0.0.0 0.0.0.0 {whatever you default gateway probably was}

    This can catch some people out sometimes. But you probably won't need to, just thought I'd mention.


  • 7.  RE: Static routes

    Posted Apr 02, 2014 04:42 PM

    Can someone tell me how to configue the default route on the s2500?

     

    On my Cisco it would be:

    ip route 0.0.0.0 0.0.0.0 10.255.254.1 <- Next hop IP

     

    On Aruba, I thought it would be

    (Router1) (ip-profile) # route 0.0.0.0 0.0.0.0 10.255.254.1

     

    However, I get the following error:

    ERROR: Mask Cannot be zero

     

    How do I set the quad zero route?



  • 8.  RE: Static routes

    EMPLOYEE
    Posted Apr 02, 2014 05:04 PM

    I believe you need to use the default-gateway command instead.

     

    (EDGE-S1500) (ip-profile) #default-gateway 10.255.254.1

     



  • 9.  RE: Static routes

    Posted Apr 02, 2014 05:22 PM

    My default gateway is different than the next hop IP address. I'm not sure how it would learn the route to an external network if all it has is the internal IP of my default gateway which happens to be (10.99.0.1) the IP on interface VLAN 1.

     

    Can you explain how that would work?

     

    Do I need to change the default-gateway to be the same as the IP on the VLAN I assigned to my routing interface?

     

    Thanks for your help,



  • 10.  RE: Static routes

    EMPLOYEE
    Posted Apr 02, 2014 05:28 PM

    Does the switch have a routed interface in the 10.255.254.0 space?



  • 11.  RE: Static routes

    Posted Apr 02, 2014 07:27 PM

    Yes. That is the routed VLAN.

     

    I use vlan 20 with 10.255.254.99 /24 as the routed vlan.

    My content filter is at 10.255.254.1 /24