14 Replies Latest reply on Jun 1, 2012 1:12 PM by bcrinehart

    Can't get network access when native vlan is 1

    dlbdlb New Member

      I have a NetVanta 1224ST configured with 3 vlans. 1 for servers 101 for users 102 for phones. Our servers are directly connected to an HP ProCurve and untagged on vlan 1. The 1224ST is connect via port 24 to port A1 on the HP. All ports on the 1224ST are set to switchport mode trunk. All are native to 101 except port 24, it doesn't have a native. I'm trying to set port 1 to native vlan 1 but when I do so, I have no access to the LAN. VLAN 1 and 102 are currently set to 'no ip address' and 'shutdown'. When I give them an ip address and do no shutdown, vlan 101 shuts down. Can I only have one vlan with an ip address? And what am I doing wrong to set port 1 to default to the server vlan?

       

      dlb

        • Re: Can't get network access when native vlan is 1
          mkreikemeier New Member

          The 1224ST is a Layer 2 switch so there will only be 1 VLAN interface with an IP address active. This is the IP address used to manage the switch.

           

          If your 3 VLANs are on different subnets you will need a layer 3 switch or a router to route traffic between the VLANs/subnets. VLAN 101 is 10.10.1.0/24. What are the subnets for VLAN 1 and VLAN 102?

           

          The native VLAN on port eth 0/24 is 1, it does not show up in the config since it is the default.

           

          Reference Configuring InterVLAN Routing in AOS - Quick Configuration Guide for a good explanation of VLANs & how to route between them.

           

          https://supportforums.adtran.com/servlet/JiveServlet/downloadBody/2281-102-1-2410/Configuring%20InterVLAN%20Routing%20in%20AOS%20-%20Quick%20Configuration%20Guide.pdf

          1 of 1 people found this helpful
            • Re: Can't get network access when native vlan is 1
              dlbdlb New Member

              VLAN 1 is 10.1.10.0/24

              VLAN 102 is 10.10.2.0/24

               

              I do have a router connected to the HP Switch. It's actually a SonicWALL NSA 2400. When I'm native to vlan 101, I can access hosts on all three vlans. But for some reason, when I'm native to vlan 1, I can't see the router. If I plug into a port on the HP switch, I can attach to vlan 1, can see the router and get an IP address from the DHCP server.

               

              dlb

            • Re: Can't get network access when native vlan is 1
              bcrinehart Past_Featured_Member

              Adtran treats VLAN 1 as the native VLAN on its switches. Even if you assign another VLAN (ie 101, 102) to a switchport, you should leave VLAN 1 as the native VLAN unless you have a very specific reason for changing it.

               

              When you configure an interface as a trunk, it allows traffic from all VLANs (if you configure it). It will not tag traffic. You wrote that the servers on the HP are not tagged. When the traffic from the servers traverses the trunk, on what VLAN do you want that traffic to appear?

               

              New Member is correct, you need an L3 switch or a network router to route traffic between VLANs.

              1 of 1 people found this helpful
                • Re: Can't get network access when native vlan is 1
                  dlbdlb New Member

                  Sorry for the late response. Got stuck in some meetings yesterday.

                   

                  If I attach a server to the switch, I'd like it to traverse vlan 1. If I have a user attached to the switch I want them to traverse vlan 101.

                   

                  HP switches are a little different than most. You can't set them to trunk mode like you do on Adtran's. With HP you have three options for each vlan: No, Tagged or Untagged. Since my servers are vlan unaware, I have them in ports assigned as untagged for vlan 1. Same thing for any user pc attached, they are untagged for vlan 101.

                   

                  When I try setting port 1 as an access port for vlan 1, I still can't get it to see the lan. I'm at a loss.

                    • Re: Can't get network access when native vlan is 1
                      bcrinehart Past_Featured_Member

                      Tagged ports are VLAN ports. VLANs work by adding tag info to the data packet.

                      I've not configured an HP switch for several years. I have configured quite a few N-TRON industrial switches to work with Adtran VLANs. N-TRON provides similary options.

                       

                      If HP is allowing you to specify tagged or untagged, then they probably allow you to specify a default or private ID for each port. If you tag the data coming in on a port with ID #1, then it will reside on VLAN 1. If you tag the data coming in on a port with ID #101 then it will reside on VLAN 101.

                       

                      Any ports that are on the same VLAN can communicate across one or more switches.

                       

                      Untagged ports on the HP switch are probably the same as Adtran trunks. A trunk port allows all traffic to pass through the port. Untagged ports typically behave the same way UNLESS they remove the tags from the data packets. You may have to investigate your HP documentation further.

                       

                      You can conduct a simple test. Set up VLAN 101 on a port on the HP switch and on a port on the Adtran switch. Configure a trunk port on the Adtran switch and connect it via a patch cable to an untagged port on the HP switch. See if data traverses the two switches and devices connected to VLAN 101 on each switch can communicate. If data crosses the connection then you've successfull set up a trunk.

                       

                      To test further, set up VLAN 1 on a port on the HP switch and on a port on the Adtran switch. Leave VLAN 101 configured. Connected devices to these two ports and see if they can communicate. If they can then you can be assured that you have a trunk connection between the HP and the Adtran.

                       

                      In order to allow traffic to pass from VLAN to VLAN, you will need a level 3 (L3) switch or a router. I can't help you with the Sonic Wall.

                      1 of 1 people found this helpful
                  • Re: Can't get network access when native vlan is 1
                    bcrinehart Past_Featured_Member

                    One thing that I just noticed is that you have all of your ports on the 1224ST set to mode trunk. If you are connected devices, PCs, servers, printers, etc. to those ports then they should be set to mode access. Further, the access should be assigned to the VLAN that you want them to use.

                     

                    When data leaves a PC or server, it is not tagged. The switch tags the data with the VLAN ID assigned to the port. If the port is set to mode trunk, the data will not be tagged and it will probably die somewhere in route.

                    1 of 1 people found this helpful