Configure VLANs (133 Views)
Reply
Occasional Visitor
Martens.Dimi
Posts: 1
Registered: ‎05-06-2010
Message 1 of 2 (133 Views)

Configure VLANs

Hello,

I have a problem to configure my VLANs in the following senario:

Management VLAN: 6
Untrusted VLAN: 4
Trusted VLAN: 11
Trusted VLAN: 12
Trusted VLAN: 13
...

SW01 port 01 ------------ DNS Server port 1 (VLAN 6 Management LAN)
SW01 port 03 ------------ WEB-X Server port 1 (Untrusted VLAN 4 to Internet)
SW01 port 04 ------------ WEB-X Server port 2 (Trusted VLAN 11 to customer 1)
SW01 port 05 ------------ WEB-Y Server port 1 (Untrusted VLAN 4 to Internet)
SW01 port 06 ------------ WEB-Y Server port 2 (Trusted VLAN 12 to customer 2)
...
SW01 port 23 ------------ FW01 port 1 (UnTrusted)
SW01 port 24 ------------ FW01 port 2 (Trusted)

WEB-X on VLAN11 and WEB-Y on VLAN12 need to be able to contact the DNS Server on port 1 which is on VLAN 6. The DNS Server is allowed to talk to all Trusted VLAN (6, 11, 12, 13, ...). The WEB-X and WEB-Y are not allowed to contact eachother over the network at any time.

How can I implement this with VLAN tagging on a 1810-24G? The firewall on port 23 and 24 is VLAN aware but not configure for VLANs.

Thank you for your help!
Honored Contributor
Pieter 't Hart
Posts: 1,984
Registered: ‎09-04-2002
Message 2 of 2 (133 Views)

Re: Configure VLANs

- VLAN's are used to separate traffic.
- Normal practice is to map each VLAN to a separate IP-subnet.
- You need a router to forward traffic between subnets.
- (afaik) the 1810 does not function as a router.

=> so you'll need an external device, make this aware of all vlan's and set this up to route between the vlan's.

Best option seems to configure your fiewall to forward traffic between vlan's.

Another option is to make the NIC's on your servers vlan aware (depending on your network driver), bassically hereby adding an interface for each VLAN.
But then again you must do something extra to NOT make WEB-X and WEB-Y talk to eachother directly.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.