Wired Intelligent Edge

last person joined: 19 hours ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

No ping gateway Aruba 2930M-24G

This thread has been viewed 8 times
  • 1.  No ping gateway Aruba 2930M-24G

    Posted Sep 27, 2021 09:00 AM
    Hello,

    I have a very big problem, the gateway of all vlan is off (no ping, not un arp...), when I connect a client directly in firewall : ping ok, arp ok, internet ok.
    When I plug ma switch on this, no ping, no arp...

    My config : (test on port 1/4 in supervision vlan, no ping and arp on my gateway 172.16.40.2).
    Thx for your help :)
    Running configuration:
    
    ; hpStack_WC Configuration Editor; Created on release #WC.16.08.0001
    ; Ver #14:07.6f.f8.1d.9b.3f.bf.bb.ef.7c.59.fc.6b.fb.9f.fc.ff.ff.37.ef:24
    
    stacking
       member 1 type "JL319A" mac-address 94f128-028940
       member 1 priority 250
       member 2 type "JL319A" mac-address 94f128-02a980
       exit
    hostname "JBE-LT-0"
    trunk 1/24,2/24 trk1 lacp
    trunk 1/21,2/21 trk2 lacp
    timesync ntp
    ntp unicast
    ntp server 134.214.100.6
    ntp server 172.16.60.1
    ntp enable
    no telnet-server
    ip default-gateway 172.16.40.2
    interface 1/9
       name "vers ESX2"
       exit
    interface 1/10
       name "vers ESX2"
       exit
    interface 1/11
       name "vers iDRAC ESX2"
       exit
    interface 1/13
       name "vers ESX1"
       exit
    interface 1/14
       name "vers ESX1"
       exit
    interface 1/15
       name "vers ESX1"
       exit
    interface 1/16
       name "vers iDRAC ESX1"
       exit
    interface 1/17
       name "vers LTP1-1 port 1/26"
       exit
    interface 1/18
       name "vers LTP2-1 port 1/26"
       exit
    interface 1/21
       name "vers LTP-1-POE port 1/25"
       exit
    interface 1/22
       name "vers LT2-1-POE port 1/26"
       exit
    interface 1/23
       name "vers LT3-1-POE port 1/26"
       exit
    interface 1/24
       name "vers LT1-1-POE port 1/26"
       exit
    interface 2/9
       name "vers ESX2"
       exit
    interface 2/10
       name "vers ESX2"
       exit
    interface 2/13
       name "vers ESX1"
       exit
    interface 2/14
       name "vers ESX1"
       exit
    interface 2/15
       name "vers ESX1"
       exit
    interface 2/17
       name "vers LTP3-1 port 1/26"
       exit
    interface 2/21
       name "vers LTP-1-POE port 2/25"
       exit
    interface 2/24
       name "vers LT1-1-POE port 2/26"
       exit
    snmp-server community "public" unrestricted
    snmp-server host 172.16.40.100 community "JBER01"
    oobm
       ip address dhcp-bootp
       member 1
          ip address dhcp-bootp
          exit
       member 2
          ip address dhcp-bootp
          exit
       exit
    vlan 1
       name "DEFAULT_VLAN"
       untagged 1/1-1/20,1/22-1/23,2/1-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 2
       name "ADMINISTRATIF"
       tagged 1/9-1/20,1/22-1/23,2/9-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 3
       name "PEDAGOGIQUE"
       tagged 1/9-1/20,1/22-1/23,2/9-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 4
       name "WIFI-TAB"
       tagged 1/9-1/20,1/22-1/23,2/9-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 5
       name "WIFI-JBEPUBLIC"
       tagged 1/3,1/9-1/20,1/22-1/23,2/3,2/9-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 6
       name "MAITRE"
       tagged 1/2,1/9-1/20,1/22-1/23,2/2,2/9-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 7
       name "DNS"
       tagged 1/9-1/20,1/22-1/23,2/9-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 10
       name "LIBBELLULE"
       tagged 1/1,1/9-1/20,1/22-1/23,2/9-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 80
       name "VOIX"
       tagged 1/9-1/20,1/22-1/23,2/9-2/20,2/22-2/23,Trk1-Trk2
       no ip address
       exit
    vlan 99
       name "SUPERVISION"
       tagged 1/9-1/20,1/22-1/23,2/9-2/20,2/22-2/23,Trk1-Trk2
       ip address 172.16.40.10 255.255.255.0
       exit
    spanning-tree
    spanning-tree Trk1 priority 4
    spanning-tree Trk2 priority 4
    spanning-tree root primary priority 0 force-version rstp-operation
    no tftp server
    no autorun
    no dhcp config-file-update
    no dhcp image-file-update
    no dhcp tr69-acs-url
    password manager
    
    


    ------------------------------
    Gaël Robert
    ------------------------------


  • 2.  RE: No ping gateway Aruba 2930M-24G

    Posted Sep 27, 2021 09:15 AM
    Your test client is plugged in to port 1/4 which is on VLAN1, not the SUPERVISION vlan.  You mentioned a firewall, is that connected to this switch?  Which switch port is it connected to and what vlans are configured on the firewall?  When you're pinging from your test client are you attempting to ping the switch or the firewall?

    ------------------------------
    David King
    ------------------------------



  • 3.  RE: No ping gateway Aruba 2930M-24G

    Posted Sep 27, 2021 10:54 AM
    Hi, from the configuration you posted your Aruba 2930M backplane stack has only the (default) VLAN 1 - with no IP address configured - configured and IP Routing is not enabled, it means that you stack is/must be connected to some "other device" acting as the IP Router for your network and this "interconnection" is performing at Layer 2 level (so there should be an uplink interface to that "other device" carrying necessary/required VLAN).

    Given that, the Routing and the VLAN membership are managed by this "other device"...the only thing we can understand is that the Next Hop Gateway for this switch is 172.16.40.2 ("ip default-gateway 172.16.40.2" <- Your Firewall?) but the Switch itself HAS NO (compatible) IP address configured on that VLAN 1.

    I'm under the impression that few bits were lost in setting this up or that the whole picture (picture we can't guess) is a little bit more complex and require details you didn't gave us...at the point that you can't simply just connect a Switch to an existing network/firewall and to hope it works "as-is".

    ------------------------------
    Davide Poletto
    ------------------------------