We have a flat all out layer two network which consisted of only one vlan in the range of 192.168.x.x /24. We have installed some IAP's and three new S2500 switches. All clients and pc's connect to this range and has a default gateway which is a sonic wall that lets them go to the internet.
I have two new SSID's that i need to create for guests and for students. For these two SSID's i am assigning different addresses via DHCP from my new S2500 switches. Each SSID has its own subnet which differs from the origional one. I would like to have these subnets be able to reach the default gateway in the 192.168.x.x range. (The other two ranges are 172.168.4.x and 172.168.8.x)
Will i be able to add static routes on the vlan's that will piont to the default gateway in the 192.168.x.x range or do i have to setup routing on my switches?
As with Cisco is there a special command that i need to run to enable layer 3 on the switch?
You will need to configure routing. There is no command to enable it like on a Cisco. I assume the gateway of the clients is the S2500? If so, do a show ip route. Do all the routes show up on the switch?
On the SonicWall, you would need to set static routes and possibly alter the NAT configuration for the internet. The static routes for the 172 networks should point to the 192.168.x.x interface ON THE S2500 as the next hop!!! This is important because the S2500 will know about all three networks as well as the default gateway. So...if a client is trying to get to 18.104.22.168 on the internet, they will point to their gateway (assuming it's the S2500). The S2500 will see the destination and say "I don't have that in my routing table so I'll use my default route" which is the SonicWall.
Once at the SonicWall, it will then forward it (and NAT) the traffic to the internet! Now...on the return path, the Sonicwall will see the destination pointing to the 172.168 network. IF it doesn't see a static route, it will then send it back out on the Internet and it will die. So...on the Sonicwall, you need to define a static route for 172.168.x.x pointing to the S2500 with a next hop of 192.168.x.x replacing x.x with the actual IP interface on the S2500. Once at the S2500, it already knows about the 172.168 network so it will send it to the client.
Hope this helps!
Thanks for the detailed response.
Just one more quick question, is there anyway that i can make this work without introducing routing into my network?
Yes...you do. No way around it. It isn't a big deal to enable it and once you play around with it, there are SO many benefits.
I would add that if your Sonicwall can support a dot1q trunk and multiple IP interfaces, you could just enable routing there and just trunking on the switch side.
Can someone tell me how to configue the default route on the s2500?
On my Cisco it would be:
ip route 0.0.0.0 0.0.0.0 10.255.254.1 <- Next hop IP
On Aruba, I thought it would be
(Router1) (ip-profile) # route 0.0.0.0 0.0.0.0 10.255.254.1
However, I get the following error:
ERROR: Mask Cannot be zero
How do I set the quad zero route?
I believe you need to use the default-gateway command instead.
(EDGE-S1500) (ip-profile) #default-gateway 10.255.254.1
My default gateway is different than the next hop IP address. I'm not sure how it would learn the route to an external network if all it has is the internal IP of my default gateway which happens to be (10.99.0.1) the IP on interface VLAN 1.
Can you explain how that would work?
Do I need to change the default-gateway to be the same as the IP on the VLAN I assigned to my routing interface?
Thanks for your help,
Does the switch have a routed interface in the 10.255.254.0 space?
Yes. That is the routed VLAN.
I use vlan 20 with 10.255.254.99 /24 as the routed vlan.
My content filter is at 10.255.254.1 /24
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.