Just to start off with I am a Cisco guy that got placed into an HP project.
Basic topology overview from outside in:
- ASA 5505 with two Ethernet connections to a 2610 switch.
- This switch is then trunking* to a 2626 switch passing vlan 1 (untagged) and 100 (tagged) between them. (* - the Cisco definition of trunking rather than the HP definition of trunking)
- I created SVIs on each of the switches for both VLANs for testing purposes.
I cannot get vlan 100 to pass across this link. I also have trunks configured to APs connected to the switch and cannot ping the vlan 100 BVI on the APs but can reach the vlan 1 BVI.
- Port 25 on Access layer 2626 physically connects to port A1 of the Distribution layer 2610.
- STP is not running at all on any switch (this is not my network I can't change this nor did I design this)
Distribution Sw 2610:
MP1-0# show run
ip default-gateway 10.100.100.100
vlan 1
name "DATA"
untagged 1-22,24-A1,B1
ip address 10.100.100.6 255.255.255.0
no untagged 23
exit
vlan 100
name "GUEST"
untagged 23
tagged 24-A1
ip address 10.100.102.6 255.255.255.0
exit
Access Sw 2626:
ip default-gateway 10.100.100.100
vlan 1
name "DEFAULT_VLAN"
untagged 1-26
ip address 10.100.100.5 255.255.255.0
exit
vlan 100
name "GUEST"
ip address 10.100.102.5 255.255.255.0
tagged 15,25
exitt
From the ASA I can ping the vlan 100 SVI of the 2610 but not the 2626, i.e. it does not seem to be passing the "trunk" traffic
If I plug into an access port vlan 100 of the 2626 I can ping the SVI for vlan 100 as intended. I cannot ping across the "trunk" over vlan 100 but I can across vlan 1.
There may be something obvious I'm missing but please review my configuration and thank you for the assistance.
HP use 802.1q not ISL
I presume that you are using two physical ports on the ASA. Please confirm what device connects with which port to what device for all devices, or create a simple diagram.
As a blind guess, I would presume that you have the tagged and untagged ports incorrectly assigned. On a HP switch, everything is on VLAN 1 unless changed.
If you are using Cisco Access Points, make sure they are set to 802.1q not ISL.
I would highly suggest looking at this through the CLI menu system as it gives a matrix-like view of what's being tagged and where. I also would suggest not using VLAN1 as a vlan, just a personal preference but this has made things smoother for me in the past as VLANs on these switches can be quirky.
This link may help: http://www.skullbox.net/hp_procurve_vlan.php