hi all

i have hp layer 3 switch with those configuration:
ip routing
vlan 1
name "DEFAULT_VLAN"
no untagged 1-48
no ip address
exit
vlan 100
name "core"
untagged 3-13
ip address 192.168.138.1 255.255.255.0
tagged 16
exit
vlan 101
name "linux"
untagged 2,14-31
ip helper-address 192.168.138.101
ip address 192.168.112.1 255.255.252.0
exit
vlan 102
name "windows"
untagged 32-45
ip helper-address 192.168.138.101
ip address 192.168.116.1 255.255.252.0
exit
vlan 110
name "install"
untagged 46-48
ip helper-address 192.168.138.101
ip address 10.10.4.1 255.255.252.0
tagged 18
exit
power-over-ethernet pre-std-detect
ip route 0.0.0.0 0.0.0.0 10.158.160.42
ip route 10.230.8.35 255.255.255.255 192.168.112.252


i have perfect routes between all the vlans, ny problem is with 1 leg that connected to some firewall of some comapny and give as access to some server.
ip of the server is 10.230.8.35, one leg of the router are connected to our layer3 switch, and the leg that connected to the firewall have ip 192.168.112.252(ip from vlan101).
so i write thise static route: ip route 10.230.8.35 255.255.255.255 192.168.112.252

now vlan 101=192.168.112.1/22 and vlan 102=192.168.116.1/22
have route and ping to the server that behind the firewall but vlan100=192.168.138.1/24 have no route to the server 10.230.8.35.
whats wrong? inside the lan there is route between all vlans, but i can access to the remote server just from 2 vlans and not from 1 vlan?
i think its becouse the 2 vlan that working have subnet 22(255.255.252.0)
and the vlan that not working have differnet subnet 24(255.255.255.0),
thats the only reason that i could think.

what wrong with my routing, why one vlan are blocked?

thanks you very much, its very urgent for our company.

Your config looks fine, probably its "some firewall of some company" that doesnt have a route to your vlan 100 / 192.168.138.1/24 to handle the return traffic.

_________________
som om sinnet hade svartnat för evigt.

thanks on the replay

from the "some company" there is no ping to me and i dont have ping to them, the details help you with something?
in the "some comapny" firewall the put this ip 192.168.112.252 on the leg that goes to our layer3 switch.

how there is route to 2 different vlans and to thare other vlan there is no access?
you have any idea?


thanks

they are all connected so the HP switch will route between them, I still think the problem lies in the firewall.

_________________
som om sinnet hade svartnat för evigt.