Wireless Access

Reply
Highlighted
Frequent Contributor II

RAP wired port Trunking issue

So I am working on a RAP155 and I have my port configuration profile all set up. I am trunking six VLANs across it for testing and it works. The trunked port on the RAP155 is connected to a trunked port on an old Cisco 3750 and and I can break out the VLANs onto different access ports and can ping back to the controller and even have Internet access through the tunnel. Happy happy joy joy!

 

The problem is that there is cross VLAN communication and I don't want that. So I go into each VLAN IP INTERFACE configuration on the controller and DISABLE Inter-VLAN Routing (you know, UN-check the little box) and yet I can still ping across VLANs. Not cool.

 

Side note, all of the VLANs in question "live" on the controller

 

Anyone have any insight?

 

Thanks!

 

.

Scott McNeil - Sr. Network & Security Engineer, Global Process Automation
Network+ | CWNA | CWTS | ACSP | ACMP | ACMA | BREC
Guru Elite

Re: RAP wired port Trunking issue

No Inter VLAN Routing, means that that client cannot use the ip interface of the controller to route traffic to other subnets.  If the client's default gateway is not the controller, that enforcement will not take place.

 

This was designed to protect against clients changing their default gateway to a controller ip interface in order to circumvent traditional routing.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Frequent Contributor II

Re: RAP wired port Trunking issue

Hey CJ, to clarify, I am using the controller IPs of these vlans for the gateways for the test clients. There is no DHCP, everything has to be set statically.

 

That's why I thought disabling inter vlan routing would stop the cross vlan communication. Yet, it is still happening. See my confusion?

Scott McNeil - Sr. Network & Security Engineer, Global Process Automation
Network+ | CWNA | CWTS | ACSP | ACMP | ACMA | BREC
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: