Network Management

 View Only
last person joined: 2 days ago 

Keep an informative eye on your network with HPE Aruba Networking network management solutions
Expand all | Collapse all

CX6000 Internet Switch Configuration

This thread has been viewed 16 times
  • 1.  CX6000 Internet Switch Configuration

    Posted 30 days ago

    Hi hopefully I'm posting in the right place. We purchased a pair of CX6000 switches to connect our ISP connections to our firewalls. Currently we have Meraki Switches performing this task but are moving away from them. Anyway, we consoled into one of the Aruba switches and setup the switch essentially the same as the Meraki. The Internet port to the ISP and Firewall are on the same VLAN667 access port. We then tried to use VLAN502 as the management VLAN (this was how it was setup in Meraki) but have since moved the management back to VLAN1 as we aren't sure if the 6000 series supports Management Interface on other VLANs.

    From what I have seen what we are doing should be basic but we are unable to ping the internet, the firewall anything. We do see broadcasts from the interface associated with the Internet but it appears nothing is going back out that interface. Any type of ping from the switch goes no where "Network is unreachable". This is confirmed on the firewall as no packets are being recorded from the interface on the switch associated with VLAN1.

    So I'm wondering if what I'm attempting to do is possible and if so what could be we be missing. This may need to be a TAC case but I think what we are trying to do is so simple that something simple might just have been missed.

    Any help is appreciated.



  • 2.  RE: CX6000 Internet Switch Configuration

    Posted 30 days ago

    Hi,

    I've also made a few mistakes an my first CX6000 configuration. Maybe I can help.

    First, Management Interfaces on different VLANs is possible. This is our solution:

    interface vlan 123
        ip address 10.10.0.11/22

    Sometimes you have to add a default route to reach your device:

    ip route 0.0.0.0/0 10.10.0.1

    If you want a AccessPort with no additional VLANs transfered you can use this syntax:

    interface 1/1/2
        no shutdown
        vlan access 9

    If you want to transmit additional VLANs over one Interface use this syntax: (be aware that your native VLAN must be in the allowed list)

    interface 1/1/13
        no shutdown
        vlan trunk native 9
        vlan trunk allowed 9,200,123

    Hopefully I could help you,

    Regards




  • 3.  RE: CX6000 Internet Switch Configuration

    Posted 25 days ago

    Hi Stephan, 

    Thanks for you reply. We did do this so thanks for you confirmation. I found that the problem we were having was due to our redundancy. Traffic from our Aruba switch was being forwarded to our Meraki switch from our firewall since the Meraki still had the Mac address of our 2nd ISP that we were testing with. Once the Meraki was disconnected from the firewall traffic starting flowing through as designed. Now we just have to figure out what addresses the Aruba switches need to communicate with since the still aren't seen by Aruba Central.