Greetings all, I have a 620 and trying to get a cable modem attached to the uplink to get internet, but no dice for some reason.
I used the following as a reference:
but still a bit stuck. VLAN 20 isn't pulling an IP for some reason.
My observations and questions:
(Cocoa-620) #show ip interface briefInterface IP Address / IP Netmask Admin Protocolvlan 1 172.16.0.254 / 255.255.255.0 up up vlan 20 unassigned / unassigned up upvlan 100 10.1.100.254 / 255.255.255.0 up up vlan 200 10.1.200.254 / 255.255.255.0 up up loopback unassigned / unassigned up up mgmt unassigned / unassigned down downDHCP is enabled on VLAN(s) 20
// ----------------------------------------- //
(Cocoa-620) #show ip routeCodes: C - connected, O - OSPF, R - RIP, S - static M - mgmt, U - route usable, * - candidate defaultGateway of last resort is Imported from DHCP to network 0.0.0.0 at cost 10Gateway of last resort is Imported from CELL to network 0.0.0.0 at cost 10Gateway of last resort is Imported from PPPOE to network 0.0.0.0 at cost 10C 172.16.0.0 is directly connected, VLAN1C 10.1.100.0 is directly connected, VLAN100C 10.1.200.0 is directly connected, VLAN200
If the cable modem is plugged directly into port 8, then the port should be access vlan 20, not trunk.
Some cable modems remember only the last device that plugged into them and need to be rebooted to accept a new device. Try rebooting.
HUH! OK, so if you notice, in the 1/7 port config, "Firewall Policy" section, "uplink-firewall" was selected. Once I removed that, it picked up a public IP address from the cable modem!
(Cocoa-620) #show ip interface briefInterface IP Address / IP Netmask Admin Protocolvlan 100 10.1.100.254 / 255.255.255.0 up up vlan 1 172.16.0.254 / 255.255.255.0 up downvlan 20 22.214.171.124 / 255.255.240.0 up up vlan 200 10.1.200.254 / 255.255.255.0 up up loopback unassigned / unassigned up up mgmt unassigned / unassigned down downDHCP is enabled on VLAN(s) 20
A few more questions before (hopefully) success:
(Cocoa-620) (config) #ip default-gateway import% Incomplete command.
(Cocoa-620) (config) #dns-server import ^% Invalid input detected at '^' marker.
Another data point:
I am able to resolve DNS and ping out to 'clock.redhat.com' from the console, but cannot do either from any clients that were given DHCP addresses by the controller - wired, or wireless (should be the same, they are on the same VLAN with same DHCP rules).
@cjoseph wrote:What is the role of those clients? Do you have IP Nat inside on your client VLAN?
I did not have Source NAT enabled for any of the VLAN interfaces. Assuming this needs to be enabled for all private VLANs, including the uplink VLAN? Good call!
I owe you a beer if you are ever in Durham, NC. My employee WLAN works perfectly, now need to tackle the Guest with captive portal.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.