11-17-2004 04:04 PM - edited 03-09-2019 09:29 AM
Hello. I would like to configure a private vlan (PVLAN) to use an internal FWSM (6509) as a router. I understand that the FWSM uses 6 "ports" with which it speaks to the sup720, question is What is the port that I could set to promiscous mode?
As an example, if I were using an MSFC to route, I would set 16/1 to promiscous.
12-04-2004 09:49 PM
Could you elaborate. What do you mean by setting a port in promiscous mode? I dont think these ports are configurable.
thanks
Nadeem
02-15-2005 04:07 AM
Hi,
I have a similar query regarding Private Vlans and FWSM.
My understanding is that when creating PVlans you assign a Primary Vlan eg. 100 and associate secondary Pvlans to it, either community or isolated.
In order to enable out of Vlan access you need to define either physical Layer 2 ports as promiscous (as these should connect to Routers), or Layer 3 Vlan Ports.
This works fine for a switch with MSFC or in my instance a Sup720.
But can you do it with an onboard FWSM?
These have 6 virtual ports based on slot inserted, mine for example is in slot 3 and it shows as 3/1, 3/2, 3/3, 3/4, 3/5, 3/6 (I found this while implementing qos and a "show mls qos").
But in running config these interfaces do not appear.
Can you assign FWSM virtual ports as promiscous, or is FWSM incompatible with Private Vlans?
Many thanks!
02-18-2005 03:43 PM
Hi,
Sorry - one of the limitations of FWSM virtual interfaces is that you cannot use it with PVLANs
You can use MSFC or a external firewall or layer 3 device.
02-21-2005 09:10 AM
The usage of private vlans is not yet supported
with FWSM but is planned for release with version 3.1 of the FWSM software - information from Cisco TAC.
02-22-2005 01:31 AM
Cheers Guys!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide