Original Message:
Sent: Feb 02, 2023 06:17 AM
From: amanar
Subject: OSPF IN VSF MODE
I wanted to thank you for your previous response regarding the configuration of the Aruba switches. Thanks to your advice, I was able to successfully configure OSPF after several searches yesterday(I only tried with VLAN 40 and 41 ).
However, I still have a problem. All the VLANs I created on the VSF switch (2 Aruba 5400R zl2) cannot access the Internet, except for the Manager VLAN 40. I am not sure if the problem comes from the switch configuration or the Fortinet firewall.
I would be very grateful if you could take a look at the Aruba switch configuration to check if there is a problem. If everything is fine on the Aruba side, I will focus on the Fortinet firewall configuration.
Thank you in advance for your assistance.
Best regards,
Show Running-Config
vsf
enable domain 1
member 1
type "J9850A" mac-address f860f0-f8af00
priority 130
link 1 1/C1,1/D1
link 1 name "I-Link1_1"
exit
member 2
type "J9850A" mac-address f860f0-f86000
priority 128
link 1 2/C1,2/D1
link 1 name "I-Link2_1"
exit
port-speed 40g
exit
trunk 1/C2,2/C2 trk1 lacp
trunk 1/D2,2/D2 trk2 lacp
trunk 1/A1,2/A1 trk3 trunk (TO Fortinet Firewall)
ip router-id 1.1.1.1
ip routing
snmp-server community "public" unrestricted
oobm
ip address dhcp-bootp
vsf member 1
ip address dhcp-bootp
exit
vsf member 2
ip address dhcp-bootp
exit
exit
router ospf
area backbone
enable
exit
vlan 1
name "DEFAULT_VLAN"
no untagged Trk1-Trk2
untagged 1/A3-1/A8,2/A2-2/A8,Trk3
tagged 1/A2
ip address dhcp-bootp
ipv6 enable
ipv6 address dhcp full
exit
vlan 40
name "Admin"
tagged Trk1-Trk3
ip address 172.17.40.1 255.255.255.0
ip ospf 172.17.40.1 area backbone
exit
vlan 41
name "Teleaffichage"
tagged Trk1-Trk3
ip address 172.17.41.1 255.255.255.0
ip ospf 172.17.41.1 area backbone
exit
vlan 42
name "Teledistribution"
tagged Trk1-Trk3
ip address 172.17.42.1 255.255.255.0
exit
vlan 43
name "WIFI"
tagged Trk1-Trk3
ip address 172.17.43.1 255.255.255.0
exit
spanning-tree Trk1 priority 4
spanning-tree Trk2 priority 4
spanning-tree Trk3 priority 4
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
no allow-v2-modules
IP Route Entries
Destination Gateway VLAN Type Sub-Type Metric Dist.
------------------ --------------- ---- --------- ---------- ---------- -----
0.0.0.0/0 172.17.40.250 40 ospf External2 10 110
0.0.0.0/0 172.17.41.250 41 ospf External2 10 110
127.0.0.0/8 reject static 0 0
127.0.0.1/32 lo0 connected 1 0
172.17.40.0/24 Admin 40 connected 1 0
172.17.41.0/24 Teleaffichage 41 connected 1 0
Original Message:
Sent: Feb 01, 2023 01:19 PM
From: parnassus
Subject: OSPF IN VSF MODE
Yes, it's possible to configure OSPF on VSF (2 Aruba 5400R zl2)...are you following Aruba documentation to learn what commands to use on ArubaOS-Switch or what?
No, ArubaOS-Switch operating system (used on switch like Aruba 5400R zl2) doesn't support the concept of assigning an IP to a physical interface (or to a logical one like LAG) but you can configure a particular VLAN Id membership to an interface and the assign an IP to that particular VLAN (that way you overcome the above limitation: you can use that approach, as example, to create a P2P connectivity with a dedicated Transit VLAN between two Routing Switch or between a Routing Switch and a Firewall).
Original Message:
Sent: 2/1/2023 4:22:00 AM
From: amanar
Subject: OSPF IN VSF MODE
Hello, I apologize if I'm not in the right place to ask this question. I would be very grateful if you could assist me.
I am reaching out for assistance with configuring OSPF between (two firewall) and (two Aruba 5406R zl2 that are connected in VSF mode). When I try to activate OSPF by entering "router OSPF 1" or "router-id", I receive an error message "invalid input". Additionally, I am facing issues assigning an IP address to a port.
I would greatly appreciate if you could answer the following questions:
1)Is it possible to activate OSPF on a VSF?
2)Is it possible to assign an IP address to a port on a VSF?
Thank you in advance for your help.