> Смотрите ту жедезку, которая эти влан-ы роутит.Роутящие эти вланы железки hp procurve 8206zl (конфиг одной из них ниже), никаких ограничений на vlan 2 опять же не стоит, аксесс лист "wifii-list" ограничивает только vlan 30, из него никуда, кроме как до днс и и в интернет, но вот почему из остальных подсетей я не могу никак достучаться именно до адресов других коммутаторов hp procurve для меня остается загадкой...
8206zl-main# sh run
Running configuration:
; J9477A Configuration Editor; Created on release #K.14.65
hostname "8206zl-main"
ip access-list extended "wifii-list"
20 permit udp 10.84.252.0 0.0.0.255 10.84.250.3 0.0.0.0 eq 53
30 permit tcp 10.84.252.0 0.0.0.255 10.84.250.3 0.0.0.0 eq 53
40 permit tcp 10.84.252.0 0.0.0.255 10.84.250.2 0.0.0.0 eq 53
50 permit udp 10.84.252.0 0.0.0.255 10.84.250.2 0.0.0.0 eq 53
70 deny ip 10.84.252.0 0.0.0.255 10.84.250.0 0.0.0.255
80 deny ip 10.84.252.0 0.0.0.255 10.84.254.0 0.0.0.255
90 deny ip 10.84.252.0 0.0.0.255 192.168.1.0 0.0.0.255
100 deny ip 10.84.252.0 0.0.0.255 192.168.10.0 0.0.0.15
110 permit ip 10.84.252.0 0.0.0.255 0.0.0.0 255.255.255.255
exit
module 1 type J9154A
module 2 type J8706A
module 4 type J9309A
module 5 type J8702A
module 6 type J8702A
trunk E21-E24 Trk2 Trunk
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged A1,B2,B4,B6,B8-B24,D1-D3,E1-E9,E11-E20,F9-F18,F20
ip address 192.168.0.125 255.255.255.0
no untagged A2,B1,B3,B5,B7,D4,E10,F1-F8,F19,F21-F24,Trk2
exit
vlan 10
name "Servers"
ip address 10.84.250.1 255.255.255.0
tagged B1,B3,B5,B7,D4,F1,Trk2
exit
vlan 20
name "Staff"
ip helper-address 10.84.250.2
ip address 10.84.254.1 255.255.255.0
tagged B1,B3,B5,B7,D4,F1
exit
vlan 30
name "Guest_WIFI"
ip helper-address 192.168.1.254
ip address 10.84.252.1 255.255.255.0
tagged B1,B3,B5,B7,D4,E10,F1
ip access-group "wifii-list" in
exit
vlan 2
name "Management"
untagged A2,B1,B3,B5,B7,D4,E10,F1-F8,F19,F21,Trk2
ip address 192.168.1.1 255.255.255.0
exit
vlan 40
name "Internet"
untagged F23-F24
ip address 192.168.10.1 255.255.255.240
tagged D4
exit
include-credentials
password manager ..............
ip route 0.0.0.0 0.0.0.0 192.168.10.3
router vrrp
snmp-server community "public" unrestricted
snmp-server host 192.168.1.254 community "public"
snmpv3 engineid "00:00:00:0b:00:00:c0:91:34:4a:c7:00"
spanning-tree
spanning-tree Trk2 priority 4
spanning-tree priority 1 force-version rstp-operation
vlan 2
vrrp vrid 1
owner
virtual-ip-address 192.168.1.1 255.255.255.0
priority 255
enable
exit
exit
vlan 10
vrrp vrid 1
owner
virtual-ip-address 10.84.250.1 255.255.255.0
priority 255
enable
exit
exit
vlan 20
vrrp vrid 1
owner
virtual-ip-address 10.84.254.1 255.255.255.0
priority 255
enable
exit
exit
vlan 30
vrrp vrid 1
owner
virtual-ip-address 10.84.252.1 255.255.255.0
priority 255
enable
exit
exit
vlan 40
vrrp vrid 1
owner
virtual-ip-address 192.168.10.1 255.255.255.240
priority 255
enable
exit
exit
no autorun