How to configure Promiscuous Port on SG250-08?

p6steve · ‎08-19-2020

Hi

I am new to VLANs. My objective is to configure a single SG250-08 to serve multiple tenants (4) in a shared building, to setup each with a private VLAN and provide all a connection to a shared Internet access router (DSL).

Physically I plan to dedicate port GE1 to the Router connection and then (e.g.) port GE2 on VLAN 200 to tenant '2', GE3 on VLAN 300 to tenant '3' and so on.

My problem and desire to solve all at the Level2 is similar to this previous post (https://community.cisco.com/t5/small-business-switches/linking-two-sg300-in-a-pvlan-context/m-p/2600986#M14065).

But when I try to find where to configure GE1 as a "promiscuous" port, I et something like switchport mode private-vlan promiscuous bad parameter value (I have tried finding this setting in the web interface - advanced mode).

All of the attempts I have made seem to fail on getting inbound packets routed to the originating VLAN to enable Internet connections (or successful DHCP). Please note that my basic Vodafone DSL router does not support VLAN tagging.

I am happy to be advised on the simplest way to setup Cisco Small Business routers to do this kind of thing - perhaps I need a SG350?

p6steve · ‎08-19-2020

Also - I would like to have each tenant connect their own router/firewall device "below" the VLAN switch so that they can parcel out private IP addresses as they wish. Ideally the "up" port on their router (ie the one that connects to my SG250) would be given an IP address from the DHCP server on my access router (but this would be a single address pool as the router does not support multiple pools). I had hoped that DHCP Relay would do this job.