2 VLAN's sharing 1 Gateway

mcobbs1234 · ‎08-08-2012

I have read through these forums, and have yet to find an answer to my scenario.

I have 2 VLAN's set up, but my Cisco WLC cannot reach the internet.

VLAN 10 Tagged is Cisco WLC 4402-50 Series assigning DHCP of 172.16.0.x / 255.255.252.0 (Public Wifi)

VLAN 1 Untagged is Windows Server assigning out DHCP of 10.1.1.x / 255.255.255.0 (Private LAN)

All of my switches are Layer 2 (Dell PowerConnect 5224) with the exception of 1 HP ProCurve 4104GL Layer 3.

My firewall/gateway is set to 10.1.1.8, and cannot be trunked, tagged, and cannot accept the 252 subnet.

I need to somehow get my 172.16.0.x range to access the internet via 10.1.1.8

I have enabled and disabled IP Routing on the ProCurve, but it is not forwarding my traffic to the gateway.

Is this possible? My Cisco Wireless network can ping the HP ProCurve on 172.16.0.2, but can't get past there.

I need 2 VLAN's to share one Internet Gateway that cannot be VLAN'd. Is this possible on the WLC 4400 or HP Switch?

Or must I buy a new gateway.

Thanks

Aaron Ratcliffe · ‎08-09-2012

Hi Mark,

It’s impossible to share the 10.1.1.8 gateway on the 172.16 subnet directly,

If im understanding your topology correctly,

You need a gateway on the 172.16 subnet that can route between vlans, is it possible (is not already) on your current topology to make a 172.16 interface (Vlan int or loopback of some sort) on the layer 3 switch then a default route from there to the 10.1.1.18 gateway?

So basically the 172.16.0.2 becomes the default gateway for that subnet then a default route to

10.1.1.8 witch is configured on the layer 3 switch.

Hope this helps

mcobbs1234 · ‎08-09-2012

Thanks Aaron,

I have attempted this, but so far unsuccessful. Currently I have 172.16.0.2 as the gateway configured on my WLC, and my wireless can successfully see the switch. I then have 10.1.1.8 configured as the default gateway on the HP Switch. I have tried IP Routing, and an IP Helper Address, but so far, I can't get that to work. If someone knows the HP Switches, I would appreciate some tips, most of the commands seem the same as Cisco, so even if you tell me how to do it on a Cisco switch, I might be able to get it working on the HP.

Aaron Ratcliffe · ‎08-09-2012

why don't you set up the layer 3 switch for inter vlan routing ? this is best practice . then a default route to your firewall .

the reason it's failing now is you are missing a route, the firewall has no route back to the 172 network .

Sent from Cisco Technical Support Android App

mcobbs1234 · ‎08-09-2012

OK, I'll have to give this a try. so I need =

ip route 0.0.0.0 0.0.0.0 10.1.1.8

but then I also need =

ip route 10.1.1.8 0.0.0.0 172.16.0.2 ????

Or does that just open up my 10. to access my 172.

Aaron Ratcliffe · ‎08-09-2012

If it were me i would enable the layer 3 switch for inter vlan routing ,

config on l3 switch :

ip routing

interface Vlan1

description WIFI-VLAN

ip address 10.1.1.1 255.255.255.0

ip helper-address *DHCP SERVER*

!

interface Vlan10

description PrivVLAN

ip address 172.16.0.2 255.255.252.0

ip helper-address *DHCP SERVER*

ip route 0.0.0.0 0.0.0.0 10.1.1.8

then the default gateways on all devices as there vlan interface address (Above), this will result in the layer 3 switch routing between the vlans , the default route for the rest of the traffic is to the internet gateway.