Network Management

Hi

My name is Rob and this is my first time posting here. I'd like to say hi to everyone, and if this is not the place I should be posting this type of questions, please feel free to move it somewhere else. 

I have an Aruba 2530 24 port switch I need to configure. So far I managed to get around the syntax and I configured VLANs etc, although I came across some issues I hope somebody can help me resolve. 

Currently, I have 3 VLANs configured on my switch as shown on the screenshot below:



------------------------------
Rob McKay
------------------------------

As you only configured an IP address on VLAN3, Management network, you can only reach devices in VLAN3 from the switch. Both switches will need to have a different IP address in the same subnet, like 192.168.100.2 and 192.168.100.3 and you should be able to ping them if port 21 or 22 or the Trk is connected. As you don't have any routing outside that subnet, that is the only range you can reach.

If you want to reach other IPs, you will need to have a router/firewall or other 'layer-3' device, and you can use the ip default-gateway 192.168.100.1 command if that IP is the default gateway from your management network.

I tend to avoid the use of VLAN 1, as that is the default VLAN and unconfigured ports end up there. But it should work like this.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC.
------------------------------

Original Message:
Sent: Nov 23, 2020 10:43 AM
From: Rob McKay
Subject: N

Hi

My name is Rob and this is my first time posting here. I'd like to say hi to everyone, and if this is not the place I should be posting this type of questions, please feel free to move it somewhere else. 

I have an Aruba 2530 24 port switch I need to configure. So far I managed to get around the syntax and I configured VLANs etc, although I came across some issues I hope somebody can help me resolve. 

Currently, I have 3 VLANs configured on my switch as shown on the screenshot below:

Tagged port 21 is connected to another switch in the same room, tagged port 22 is not going to be used. Trk1 group has 2 ports (23, 24) which are supposed to be connected to another switch in another building.

I'm mainly concerned about the two switches in the same room at the moment. Those have the same exact configuration in terms of VLANs and ports- one should only be an extension of the other because devices connected to the VLANs I showed are going to be in different cabinets (each will have one of the Aruba switches fitted).

The problem starts pretty much as soon as I power one of them up. I'm trying to ping a device that is on the same vlan as the device I'm sending the ping from, and I get a 'request timed out' message every time I try to do so. Not sure what is causing it. I'm suspecting it might have something to do with the route entries:

I did not directly edit the above route entries, therefore they must've been there from the get go, or got updated as I was creating new VLANs. 

No VLANs are supposed to talk to each other (only devices on the same VLAN), and none of them should have access to the internet. The network itself is fairly small so far (around 8 devices connected across different VLANs). Those are pretty much the requirements I can't meet because I can't even ping devices on the same VLAN...

Please note I'm very new to this networking world. If there is any more information you require to help me with this problem, please ask!

Thanks a lot!

Regards
Rob

------------------------------
Rob McKay
------------------------------

Where are the clients connected.  For example for a device in whatever IP range will be in vlan 1, I assume you have them plugged into port 1-6 or 25-28 on both switches, correct?

You have 192.168.100.2 on this switch in vlan 3, so you can use that to test the connectivity between the switches.  What IP address do you have on the other switch......192.168.100.3 maybe?  Can you ping 192.168.100.3 from the 192.168.100.2 switch?

------------------------------
Adam Forsyth
------------------------------

Original Message:
Sent: Nov 23, 2020 10:43 AM
From: Rob McKay
Subject: N

Hi

My name is Rob and this is my first time posting here. I'd like to say hi to everyone, and if this is not the place I should be posting this type of questions, please feel free to move it somewhere else. 

I have an Aruba 2530 24 port switch I need to configure. So far I managed to get around the syntax and I configured VLANs etc, although I came across some issues I hope somebody can help me resolve. 

Currently, I have 3 VLANs configured on my switch as shown on the screenshot below:

Tagged port 21 is connected to another switch in the same room, tagged port 22 is not going to be used. Trk1 group has 2 ports (23, 24) which are supposed to be connected to another switch in another building.

I'm mainly concerned about the two switches in the same room at the moment. Those have the same exact configuration in terms of VLANs and ports- one should only be an extension of the other because devices connected to the VLANs I showed are going to be in different cabinets (each will have one of the Aruba switches fitted).

The problem starts pretty much as soon as I power one of them up. I'm trying to ping a device that is on the same vlan as the device I'm sending the ping from, and I get a 'request timed out' message every time I try to do so. Not sure what is causing it. I'm suspecting it might have something to do with the route entries:

I did not directly edit the above route entries, therefore they must've been there from the get go, or got updated as I was creating new VLANs. 

No VLANs are supposed to talk to each other (only devices on the same VLAN), and none of them should have access to the internet. The network itself is fairly small so far (around 8 devices connected across different VLANs). Those are pretty much the requirements I can't meet because I can't even ping devices on the same VLAN...

Please note I'm very new to this networking world. If there is any more information you require to help me with this problem, please ask!

Thanks a lot!

Regards
Rob

------------------------------
Rob McKay
------------------------------

Oops, I should have looked at the whole thread rather than just what was in the digest that came to my email.  I now see that I said some of the same things that Herman had already said.

------------------------------
Adam Forsyth
------------------------------

Original Message:
Sent: Nov 24, 2020 10:09 AM
From: Adam Forsyth
Subject: N

Where are the clients connected.  For example for a device in whatever IP range will be in vlan 1, I assume you have them plugged into port 1-6 or 25-28 on both switches, correct?

You have 192.168.100.2 on this switch in vlan 3, so you can use that to test the connectivity between the switches.  What IP address do you have on the other switch......192.168.100.3 maybe?  Can you ping 192.168.100.3 from the 192.168.100.2 switch?

------------------------------
Adam Forsyth

Original Message:
Sent: Nov 23, 2020 10:43 AM
From: Rob McKay
Subject: N

Hi

My name is Rob and this is my first time posting here. I'd like to say hi to everyone, and if this is not the place I should be posting this type of questions, please feel free to move it somewhere else. 

I have an Aruba 2530 24 port switch I need to configure. So far I managed to get around the syntax and I configured VLANs etc, although I came across some issues I hope somebody can help me resolve. 

Currently, I have 3 VLANs configured on my switch as shown on the screenshot below:

Tagged port 21 is connected to another switch in the same room, tagged port 22 is not going to be used. Trk1 group has 2 ports (23, 24) which are supposed to be connected to another switch in another building.

I'm mainly concerned about the two switches in the same room at the moment. Those have the same exact configuration in terms of VLANs and ports- one should only be an extension of the other because devices connected to the VLANs I showed are going to be in different cabinets (each will have one of the Aruba switches fitted).

The problem starts pretty much as soon as I power one of them up. I'm trying to ping a device that is on the same vlan as the device I'm sending the ping from, and I get a 'request timed out' message every time I try to do so. Not sure what is causing it. I'm suspecting it might have something to do with the route entries:

I did not directly edit the above route entries, therefore they must've been there from the get go, or got updated as I was creating new VLANs. 

No VLANs are supposed to talk to each other (only devices on the same VLAN), and none of them should have access to the internet. The network itself is fairly small so far (around 8 devices connected across different VLANs). Those are pretty much the requirements I can't meet because I can't even ping devices on the same VLAN...

Please note I'm very new to this networking world. If there is any more information you require to help me with this problem, please ask!

Thanks a lot!

Regards
Rob

------------------------------
Rob McKay
------------------------------

Hi! as Herman Robers wrote it's a matter of understanding who/where is the device which has the routing duties for your connected VLANs (If all three VLANs - VLAN 1, 2 and 3 - need to be segregated each others then, without going too deep with ACL on a Layer 3 switch, here we presume that you have some sort of Firewall/Router acting as Gateway for each VLAN).

Technically speaking - that's the primarily reason a VLAN exists - in the simple scenario of two (or more) switches interconnected together you have (and VLANs transported over the inter-link) then you can have, as example, two VLANs (say VLAN 100 and VLAN 200) without no associated IP address and clients that, within each one, are perfe ctly capable of reaching each others: say you have a VLAN unaware Host "1" (IP Address of Subnet/Mask "A") connected to a port which is untagged member of VLAN "A" (no IP Address) of the Switch "1" ...that host should be able to ping successfully another VLAN unaware Host "2" (IP Address of Subnet/Mask "A") connected to a port which is untagged member of VLAN "A" (no IP Address) of the Switch "2"...this is Switch "1" and "2" are interconnected with a link which, at both ends, has ports tagged (or eventually untagged, for the sake of this example) with VLAN "A".

VLAN "A" is transported from Switch "1" to "2" and vice-versa...hosts are connected to untagged ports members of VLAN "A"...the only necessary thing to have a ping working is that both hosts are properly IP addressed (say host "1" has IP 10.0.0.1/24 and host "2" has IP 10.0.0.2/24). They don't need to have a gateway configured to ping each others (nor they need the switches to have a gateway configured)...because both are "directly" connected on the very same VLAN id "A" and so involved switches know where host "1" and host "2" are connected (MAC <-> port binding). The same could be said of more complex scenarios.

------------------------------
Davide Poletto
------------------------------

Original Message:
Sent: Nov 23, 2020 10:43 AM
From: Rob McKay
Subject: N

Hi

My name is Rob and this is my first time posting here. I'd like to say hi to everyone, and if this is not the place I should be posting this type of questions, please feel free to move it somewhere else. 

I have an Aruba 2530 24 port switch I need to configure. So far I managed to get around the syntax and I configured VLANs etc, although I came across some issues I hope somebody can help me resolve. 

Currently, I have 3 VLANs configured on my switch as shown on the screenshot below:

Tagged port 21 is connected to another switch in the same room, tagged port 22 is not going to be used. Trk1 group has 2 ports (23, 24) which are supposed to be connected to another switch in another building.

I'm mainly concerned about the two switches in the same room at the moment. Those have the same exact configuration in terms of VLANs and ports- one should only be an extension of the other because devices connected to the VLANs I showed are going to be in different cabinets (each will have one of the Aruba switches fitted).

The problem starts pretty much as soon as I power one of them up. I'm trying to ping a device that is on the same vlan as the device I'm sending the ping from, and I get a 'request timed out' message every time I try to do so. Not sure what is causing it. I'm suspecting it might have something to do with the route entries:

I did not directly edit the above route entries, therefore they must've been there from the get go, or got updated as I was creating new VLANs. 

No VLANs are supposed to talk to each other (only devices on the same VLAN), and none of them should have access to the internet. The network itself is fairly small so far (around 8 devices connected across different VLANs). Those are pretty much the requirements I can't meet because I can't even ping devices on the same VLAN...

Please note I'm very new to this networking world. If there is any more information you require to help me with this problem, please ask!

Thanks a lot!

Regards
Rob

------------------------------
Rob McKay
------------------------------