Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1114
Views
0
Helpful
2
Replies

correct way to create 'outside' VLAN??

tommls
Level 1
Level 1

‎01-25-2011 02:07 PM - edited ‎03-04-2019 11:12 AM

On our HP switches we have an 'Outside' VLAN where any device connected to these VLAN ports can use the ISP's 'outside' IP addressing for direct Internet access to bypass our firewall. We use this for videoconferencing devices.

What is the correct way to do this on a Cisco

Presently I have ports 1-4 in vlan 50 Outside as 'untagged,' and the same ports as 'forbidden' in vlan 1 Default.

Is this the correct configuration?? In HP switches these ports in vlan 1 Default would be configured 'No' and 'tagged' in vlan 50 Outside...

Tried talking to Cisco but their phone support is not working...

Thank you, Tom

Labels:
0 Helpful
2 Replies 2

Dale Miller
Cisco Employee
Cisco Employee

‎02-01-2011 10:56 AM

Thomas,

I assume you want to configure a trunk on the Cisco device to support both the forbidden and outside VLAN to the same server. This can be easily accomplished configuring a dot1q trunk and pruning it to allow only VLAN 1 and 50. You have the ability to configure the native vlan (untagged) to match your current implementation.

If you can tell me what Cisco device(s) in question I can provide documenation to assist.

Thanks,
Dale

0 Helpful

tommls
Level 1
Level 1
In response to Dale Miller

‎02-01-2011 11:07 AM

Hmmm...I know HP and Cisco have different definitions of 'trunk.'

I need 4 ports on an SFP-300-48 switch to have devices connected to them which use ISP-assigned IP, gateway, etc. to directly go out to the Internet.

No internal traffic whatsoever to these ports, only inbound and outbound traffic to the videoconferencing hardware on these ports.

On these 4 ports no vlan 1 traffic is needed or wanted, we want vlan 50 completely separate and we want no vlan50 traffic mingling with vlan1 traffic.

Why is this so difficult to explain??

vlan50 ports are already untagged, they are 'forbidden' for vlan1, I finally got cisco support and they said configure them to 'access' not 'trunk,' initial testing seemed not to work but the SFP-300-48 is presently not in the patch panel room...

each port goes to a different videoconferencing hardware with its own IP from the ISP, uses the ISP-supplied gateway, the ISP's DNS

In our HP switches these ports in vlan 1 Default are configured 'No' and 'untagged' in vlan 50 Outside.

Thank you, Tom

0 Helpful
Customers Also Viewed These Support Documents