Community Home > Discuss > Technology > Data Center > Re: inter-VLAN routing

Data Center

Reply
otroquecorre
New Contributor
otroquecorre

inter-VLAN routing

‎04-20-2018 07:04 AM

Hi folks,

 

I've recently adquired 2 aruba switches 3800 series model JL076A. I've stacked them and interconcted to HA FOrtinet 500D cluster. 

I've created some vlans in order to separate broadcast traffic between offices. 

I can ping all interfaces and hosts from the switch, but I've realized that the ping from 1 host on vlan SALES can't ping a host in vlan MARKETING.

 

172.50.1.5 - cluster Fortinet 500D (interfaces 1/47,1/48,2/47,2/48)


A pc connected to 1/9 with ip 172.50.0.2 is able to ping 172.50.0.1 but it can't ping a pc in port 1/15 with ip 172.50.1.2. both pcs have GW the ip of the switch (172.50.0.1 and 172.50.1.2 respectively)

 

Can anyone help me?

Here is the config.

 

 

 

Running configuration:

; hpStack_KB Configuration Editor; Created on release #KB.16.04.0008

stacking
   member 1 type "JL076A" mac-address ecebb8-xxxxxx
   member 1 flexible-module A type JL083A
   member 2 type "JL076A" mac-address ecebb8-xxxxxx
   member 2 flexible-module A type JL083A
   exit
hostname "Aruba-Stack"
trunk 1/37,1/39,2/37,2/39 trk2 lacp
trunk 1/38,1/40,2/38,2/40 trk3 lacp
ip default-gateway 172.50.1.5
ip routing
interface 1/47
   lacp active
   exit
interface 1/48
   lacp active
   exit
interface 2/47
   lacp active
   exit
interface 2/48
   lacp active
   exit
oobm
   ip address dhcp-bootp
   member 1
      ip address dhcp-bootp
      exit
   member 2
      ip address dhcp-bootp
      exit
   exit
vlan 1
   name "DEFAULT_VLAN"
   no untagged 1/1-1/36,1/41-1/48,1/A1-1/A4,2/1-2/36,2/41-2/48,2/A1-2/A4
   untagged Trk2-Trk3
   no ip address
   exit
vlan 100
   name "SALES"
   untagged 1/9,2/9
   ip address 172.50.0.1 255.255.255.0
   exit
vlan 101
   name "MARKETING"
   untagged 1/1-1/8,1/12-1/36,1/41-1/48,1/A1-1/A4,2/1-2/8,2/12-2/36,2/41-2/48,2/A1-2/A4
   ip address 172.50.1.1 255.255.255.0
   exit
vlan 111
   name "HHRR"
   untagged 1/10,2/10
   ip address 172.50.11.1 255.255.255.0
   exit
vlan 128
   name "MANAGERS"
   untagged 1/11,2/11
   ip address 172.50.28.1 255.255.255.0
   exit
primary-vlan 101
spanning-tree
spanning-tree Trk2 priority 4
spanning-tree Trk3 priority 4
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
password manager
password operator

 

Thanks

Alert a Moderator
Message 1 of 3
1,722 Views
Reply
0 Kudos
MVP
MVP
kevin_pm

Re: inter-VLAN routing

‎04-20-2018 07:24 AM - edited ‎04-20-2018 07:24 AM

I think you have to add routes between those two subnets in the Fortinet cluster since the routing is being handled by the FW.

I wonder if you could provide us with the routing table just to confirm this

 

HTH

Kevin

Alert a Moderator
Message 2 of 3
1,718 Views
Reply
0 Kudos
Highlighted
otroquecorre
New Contributor
otroquecorre

Re: inter-VLAN routing

‎04-20-2018 07:31 AM

The desired arquitecture design is to use the stack as a core Layer 3 switch with routing capacity.

So the traffic between departments is kept in the switch to avoid floadding the Fortis. Only especific traffic going to the internet will be sent to the gateway.

So the stack is in charge of interconnect the vlans.

But, why is not working??

Thanks
Alert a Moderator
Message 3 of 3
1,711 Views
Reply
0 Kudos
Search Airheads
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Related Solutions

  • No solutions within this category

© Copyright 2019 Hewlett Packard Enterprise Development LP
All Rights Reserved.
Powered by Lithium