So, I was supposed to buy an Enterprise firewall, but my budget was cut significantly. My supplier offered me a HP 1920-48G switch (supposedly a full layer-3 switch). I now have to get my private LAN(s) to route the internet with this device (so far, without success).
INTERNET PRESENTATION:
ISP provided on a VLAN (442) with a /30 subnet: x.y.z.0 [ GW: x.y.z.1/30 Usable IP: x.y.z.2]
If I connect a PC directly to the ISP switch (IP: x.y.z.2 , GW: x.y.x.1), I connect to the internet and browse fine.
HP 1920:
I have created 3 VLANs ( 10= Internal_1, 20= Internal_2, 442= INTERNET)
VLAN 442: Interface IP: x.y.x.2 (tagged to PORT 48). ISP confirm they can ping this address.
VLAN 10: Port 1-12 (untagged), Port 48 (tagged), Interface IP – 10.10.10.254/24
VLAN 20: Port 13-24 (untagged), Port 48 (tagged), Interface IP – 10.10.20.254/24
- IPv4 Routing Table is default
- VLAN 10 devices can access devices on VLAN 20 (vice-versa)
- All devices on VLANs 10 & 20 can ping VLAN 442 interface (x.y.x.254)
- No devices (on all VLANs) cab ping the internet gateway [VLAN 442] (x.y.z.1)
- No devices on any VLAN can access the internet vis VLAN 442
Please help me get both internal networks to route to the internet via VLAN 442