Solved: VLAN HP Switch with FMC 6.4

Gerald74 · ‎11-03-2020

Hi,

We want to replace old firewall with one new FTD 1140 device managed by FMC 6.4.0.

Our network has Switch HP Aruba 2530 with two VLANs (ex. VLAN110 and VLAN150).

We created a sub-interface ex. (interface 1/2.150) on FMC, but didn’t work, it doesn't communicate Switch with the FMC. How can we make work the actual VLANs with the FMC?

How can we create VLANs on FMC to work with HP Switch? I didn’t find anything related about this.....

big thank you

paul driver · ‎11-04-2020

Hello
On the aruba interface interconneting the FW this needs t be a trunk and then assign the that trunk to the vlans on the aruba

Example: Port 1/7 conect to FW.
trunk 1/7 trk 1

vlan110
untagged trk1

vlan150
tagged trk1

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Georg Pauwen · ‎11-04-2020

Hello,

how did you configure the subinterfaces ?

https://www.cisco.com/c/en/us/td/docs/security/firepower/650/configuration/guide/fpmc-config-guide-v65/regular_firewall_interfaces_for_firepower_threat_defense.html#id_86348

Gerald74 · ‎11-04-2020

thank you for your answer.

hier ist what I did.

Transparent mode should be.

balaji.bandi · ‎11-04-2020

On what port it was connected ? Do you have VLAN 110 and 150 on HP switch side ?

make sure port should be (Tagger port) - cisco world as Trunk ( that means allow all the VLAN)

https://higherlogicdownload.s3.amazonaws.com/HPE/MigratedAssets/VLAN%20and%20Link-Aggregation%20Interoperability%20ArubaOS-switch%20and%20Cisco%20IOS.pdf

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Gerald74 · ‎11-04-2020

yes, I have so:

FMC int 1/2 192.168.1.253 (inside) Default VLAN

subint 1/2.150 172.30.150.254 GW

VLAN150 Printers

Port 7 Switch HP and trunk1, I tied both. (cable directly connected)

paul driver · ‎11-04-2020

Hello

@Gerald74 wrote:

yes, I have so:

FMC int 1/2 192.168.1.253 (inside) Default VLAN

subint 1/2.150 172.30.150.254 GW

VLAN150 Printers

Port 7 Switch HP and trunk1, I tied both. (cable directly connected)

Okay based on the above, The FW has two ip subnets (physical interface and subinterface) of port 1/2 And that physical port of the FW is connected to the aruba switch on port 7 which is a trunk?

If so look at my previous post about creating a trunk on the aruba

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

paul driver · ‎11-04-2020

Hello
On the aruba interface interconneting the FW this needs t be a trunk and then assign the that trunk to the vlans on the aruba

Example: Port 1/7 conect to FW.
trunk 1/7 trk 1

vlan110
untagged trk1

vlan150
tagged trk1

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Gerald74 · ‎11-04-2020

Him Paul,

Thank you for your answer

PORT 8 on Switch is as Tunk1 (Default VLAN Untagged and VLAN150 Tagged)

Gerald74 · ‎11-04-2020

it was my mistake. The cable was in Port1. Now the cable is on Trunk1(Port8)

now it is all ok. Thank you very much BB and Paul.