Tuesday, October 9, 2018

Pala Alto and HP... Use to Cisco question =-)

Hey all.

I have a quick networking questions regarding a Pala Alto and HP stack setup. We just took on a new office and would like to change the network a tad. Here is out current setup

The pala alto was setup to be the FW and Router using a Router on a stick config. Which is ok but I would like to change it a bit.

Right now, they are using port 4 on the FW that connects to the HP stack. They are using 3 sub interfaces on the FW.

Port 4- 10.2.1.3/24, Port 4.11 10.2.3.1/24 Port 4.20 192.168.20.1/24.

The 10.2.1.0 subnet seems to be there native vlan 1 on the switch 10.2.1.1 and the port on the HP switch is not trucked. All the ports in the switch stack are untagged for vlan 1 besides two ports which are tagged for vlan 11 which is the offices wifi. These two ports or the uplinks for their APs. All devices in the office are just using the 10.2.1.0 subnet (laptops and phones). However, if something is one wireless there using the 10.2.3.0 subnet. They do have a local DHCP server that has scopes for the 10.2.1.0 and 10.2.3.0 subnets. The Palo Alto is also relaying dhcp for those sub interfaces.

The plan is to separate the phones and data. In testing I created a new sub interface 4.3 10.2.3.1/24 and gave it the same access rules as the rest of the sub interfaces. I also create a new scope on the dchp server. I can ping the new interface on the wifi and on 10.2.1.0 subnet so I know routing is good. I also tagged the port connecting to the dhcp sever for vlan 3 that I created on the switch. If I plug a computer into a test port I get the correct IP but if I plug a polycome phone in I get a weird IP and the phone doesn’t work. The phone system they are using is 8x8 which is cloud hosted. When I used the test laptop with the 10.2.3.X IP I can ping the public IPS for the phone system. 8x8 said I should needed to do anything else. My next step is to try to tag vlan 3 on the phone to see if it then picks up the right IP.

However… Should I trunck the ports connecting to the phones or just tag them? Should I trunk the port connecting to the DHCP server? Do I trunk the port connecting to the firewall? Most my networking experience is with cisco so I`m not sure of the difference with HP.

Thanks for any advice….

GA



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)