I'm currently configuring a network switch (an HP procurve-8212) from scratch. To start off, I'm trying to configure a simple LAN and WAN connection. I have an Internet provider that provides me with a Gateway I can use for WAN access.
So I'm a bit confused about some basic concepts here concerning the IP address of the switch itself. So, obviously, the switch itself requires an IP address if it is to be accessed by other devices on the network (apart from direct serial connection). Now, it's easy to set an IP address for the switch, but it's not clear to me whether the IP address of the switch is supposed to be an internal LAN address, like 10.0.0.1 or something, or an external WAN IP address that is within the range of static IPs that was assigned to me by my Internet provider. Or thirdly, if I need to configure multiple VLANs, one for LAN and one for WAN – or perhaps all of the above are possible but there are different tradeoffs/security implications.
So to simply experiment with a basic configuration, I assigned the switch a LAN address of 10.0.0.1 and gave a subnet mask of 255.0.0.0 for a /8 network covering 10.0.0.0 to 10.255.255.255. (I'll change this all later, but I'm just trying to experiment with a basic configuration.) And I give the switch a Gateway address provided by my ISP. All of this is part of a single default VLAN.
This works on the LAN side. I configure all devices attached to the switch with a static IP, and now all devices can ping the switch, and also ping each other.
However, I'm unable to get WAN access working. My understanding is that the switch should be configured to use the Gateway provided by my ISP, and then any device attached to the switch should use the address of the switch itself as the Gateway. (Again, later I'll add an intermediate firewall, but for now I'm just experimenting with a basic configuration.)
So my understanding is that, given an arbitrary computer attached to the switch, if I statically assign a LAN IP to that computer, and then configure that computer to use the LAN IP address of the switch as its Gateway, then the computer should be able to access the Internet (since the switch is its Gateway, and the switch's Gateway is the Gateway provided by the ISP.)
However, I'm not able to ping any actual Internet addresses from a computer attached to the switch. (I don't have DNS working yet, but I obtain the IP address of google.com from my smartphone and then try to ping that, and it doesn't work.)
Again, I'm able to ping the IP address of the switch (which is a LAN IP), and I can also ping any IP address over the LAN, but I cannot access the Internet from any device connecting to the switch.
So, there are multiple points of confusion here, so it's difficult for me to distill this into a single coherent question, but my best attempt at doing so would be:
-
Should the IP address of the switch be a LAN or WAN address (or
what are the implications of doing either), and how should the
switch be configured so that any device connected to the switch can
access the Internet? -
Does my question itself indicate I am missing some key concept
here? I suspect I am probably missing a key concept here,
(perhaps I need to specify routing rules or a default route?) but
since I don't know what that concept is, it's hard to formulate a
specific question about it.
Best Answer
Yes. You are dealing with a switch: it's not a router. You can use a L2 which for
A L3 switch like HP Procurve 8212 is additionally capable to
But you can't use it as a gateway here, as it wouldn't do network address translation (NAT) between public and private networks. Your router is supposed to do that.