cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
980
Views
1
Helpful
8
Replies

Can`t make SVI or port promiscuous in NX-OS

BertiniB
Level 1
Level 1

Hello,

I am trying to do a lab in CML for my studies in Private VLANs, and I can`t seem to make the SVI or the interface eth5/1 act as a promiscuous port. I am using a 9000v NX-OS. The community and isolated ports work fine, but they can`t reach the SVI or the eth5/1 configured as promiscuous.

Topology

BertiniB_0-1691549782382.png

Running-Config

!Command: show running-config
!Running configuration last done at: Wed Aug 9 02:32:53 2023
!Time: Wed Aug 9 02:46:47 2023

version 10.3(1) Bios:version
hostname N9K
vdc N9K id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

feature private-vlan
feature interface-vlan

no password strength-check
username admin password xxx
role network-admin
username cisco password xxx
role network-admin
username cisco passphrase lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
copp profile strict
snmp-server user admin network-admin auth md5 xxx
F7 priv aes-128 xxx localizedV2key
snmp-server user cisco network-admin auth md5 xxx
F9 priv aes-xxx localizedV2key
rmon event 1 log trap public description FATAL(1) owner xxx
rmon event 2 log trap public description CRITICAL(2) owner xxx
rmon event 3 log trap public description ERROR(3) owner xxx
rmon event 4 log trap public description WARNING(4) owner xxx
rmon event 5 log trap public description INFORMATION(5) owner xxx

vlan 1,50,60,70,80
vlan 50
private-vlan primary
private-vlan association 60,70,80
vlan 60
private-vlan isolated
vlan 70,80
private-vlan community

vrf context management

interface Vlan1

interface Vlan50
no shutdown
private-vlan mapping 60,70,80
ip address 192.168.0.1/24

interface Ethernet1/1
switchport mode trunk

interface Ethernet1/2
switchport mode private-vlan host
switchport private-vlan host-association 50 70
switchport access vlan 70

interface Ethernet1/3
switchport mode private-vlan host
switchport private-vlan host-association 50 70
switchport access vlan 70

interface Ethernet1/4
switchport mode private-vlan host
switchport private-vlan host-association 50 60

interface Ethernet1/5
switchport mode private-vlan promiscuous
switchport private-vlan mapping 50 60,70,80
switchport access vlan 50

interface Ethernet1/6

interface Ethernet1/7

interface Ethernet1/8

interface Ethernet1/9

interface Ethernet1/10

interface Ethernet1/11

interface Ethernet1/12

interface Ethernet1/13

interface Ethernet1/14

interface Ethernet1/15

interface Ethernet1/16

interface Ethernet1/17

interface Ethernet1/18

interface Ethernet1/19

interface Ethernet1/20

interface Ethernet1/21

interface Ethernet1/22

interface Ethernet1/23

interface Ethernet1/24

interface Ethernet1/25

interface Ethernet1/26

interface Ethernet1/27

interface Ethernet1/28

interface Ethernet1/29

interface Ethernet1/30

interface Ethernet1/31

interface Ethernet1/32

interface Ethernet1/33

interface Ethernet1/34

interface Ethernet1/35

interface Ethernet1/36

interface Ethernet1/37

interface Ethernet1/38

interface Ethernet1/39

interface Ethernet1/40

interface Ethernet1/41

interface Ethernet1/42

interface Ethernet1/43

interface Ethernet1/44

interface Ethernet1/45

interface Ethernet1/46

interface Ethernet1/47

interface Ethernet1/48

interface Ethernet1/49

interface Ethernet1/50

interface Ethernet1/51

interface Ethernet1/52

interface Ethernet1/53

interface Ethernet1/54

interface Ethernet1/55

interface Ethernet1/56

interface Ethernet1/57

interface Ethernet1/58

interface Ethernet1/59

interface Ethernet1/60

interface Ethernet1/61

interface Ethernet1/62

interface Ethernet1/63

interface Ethernet1/64

interface mgmt0
vrf member management
icam monitor scale

line console
line vty
boot nxos bootflash:/nxos64-cs.10.3.1.F.bin

EDIT: This is the output of show interface private-vlan mapping

BertiniB_0-1691550334554.png

 

8 Replies 8

M02@rt37
VIP
VIP

Hello @BertiniB,

You have correctly configured the interface Ethernet 5 as a promiscuous port and associated it with the primary VLAN 50 and secondary VLANs 60, 70, and 80. However, you have also assigned it to access VLAN 50 (switchport access vlan 50). This is not necessary and could be causing issues.

--To fix this, remove the line switchport access vlan 50 from Ethernet 1/5.

In the output of your show interface private-vlan mapping, it appears that interface Ethernet 1/5 (promiscuous port) is not properly mapped to the secondary VLANs 60, 70, and 80. Instead, it is only associated with VLAN 50:

--To fix this, you need to correctly map the promiscuous port Eth1/5 to the secondary VLANs.

interface Ethernet1/5
no switchport access vlan 50
switchport private-vlan mapping 50 60,70,80

After making these changes, please verify the mapping using [show interface private-vlan mapping].

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Hello M02@rt37, thanks for the reply!

I did all the commands and the port still doesn't show in the PVLAN mapping and the Community and Isolated ports still can't reach the SVI.

BertiniB_0-1691639516439.png

As you can see from the picture below, the server connected to a community port still can't ping the SVI:

BertiniB_1-1691639579443.png

BertiniB_2-1691639672657.png

Could this be a bug of the NX-OS 9000v? Because it seems I did everything correctly according to the official Cisco documents.

Current Running-Config:

!Command: show running-config
!Running configuration last done at: Thu Aug 10 03:50:08 2023
!Time: Thu Aug 10 03:56:04 2023

version 10.3(1) Bios:version
hostname N9K
vdc N9K id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

feature private-vlan
feature interface-vlan

no password strength-check
username admin password 5 xxxx
role network-admin
username cisco password 5 xxxx
role network-admin
username cisco passphrase lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
copp profile strict
snmp-server user admin network-admin auth md5 xxxx
F7 priv aes-128 xxxx localizedV2key
snmp-server user cisco network-admin auth md5 xxxx
F9 priv aes-128 xxxx localizedV2key
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO

vlan 1,50,60,70,80
vlan 50
private-vlan primary
private-vlan association 60,70,80
vlan 60
private-vlan isolated
vlan 70,80
private-vlan community

vrf context management

interface Vlan1

interface Vlan50
no shutdown
private-vlan mapping 60,70,80
ip address 192.168.0.1/24

interface Ethernet1/1
switchport mode trunk

interface Ethernet1/2
switchport mode private-vlan host
switchport private-vlan host-association 50 70

interface Ethernet1/3
switchport mode private-vlan host
switchport private-vlan host-association 50 70

interface Ethernet1/4
switchport mode private-vlan host
switchport private-vlan host-association 50 60
switchport access vlan 60

interface Ethernet1/5
switchport mode private-vlan promiscuous
switchport private-vlan mapping 50 60,70,80

interface Ethernet1/6

interface Ethernet1/7

interface Ethernet1/8

interface Ethernet1/9

interface Ethernet1/10

interface Ethernet1/11

interface Ethernet1/12

interface Ethernet1/13

interface Ethernet1/14

interface Ethernet1/15

interface Ethernet1/16

interface Ethernet1/17

interface Ethernet1/18

interface Ethernet1/19

interface Ethernet1/20

interface Ethernet1/21

interface Ethernet1/22

interface Ethernet1/23

interface Ethernet1/24

interface Ethernet1/25

interface Ethernet1/26

interface Ethernet1/27

interface Ethernet1/28

interface Ethernet1/29

interface Ethernet1/30

interface Ethernet1/31

interface Ethernet1/32

interface Ethernet1/33

interface Ethernet1/34

interface Ethernet1/35

interface Ethernet1/36

interface Ethernet1/37

interface Ethernet1/38

interface Ethernet1/39

interface Ethernet1/40

interface Ethernet1/41

interface Ethernet1/42

interface Ethernet1/43

interface Ethernet1/44

interface Ethernet1/45

interface Ethernet1/46

interface Ethernet1/47

interface Ethernet1/48

interface Ethernet1/49

interface Ethernet1/50

interface Ethernet1/51

interface Ethernet1/52

interface Ethernet1/53

interface Ethernet1/54

interface Ethernet1/55

interface Ethernet1/56

interface Ethernet1/57

interface Ethernet1/58

interface Ethernet1/59

interface Ethernet1/60

interface Ethernet1/61

interface Ethernet1/62

interface Ethernet1/63

interface Ethernet1/64

interface mgmt0
vrf member management
icam monitor scale

line console
line vty
boot nxos bootflash:/nxos64-cs.10.3.1.F.bin

EDIT: The Community ports can communicate with each other. And the Promiscuous port can ping the SVI.

Hello @BertiniB,

Your configuration seems to be good.

Do you have ARP entries after icmp attempt?

Do you check about any  security software on the devices is not interfering with the network communication ?

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

In the Server connected to the interface Eth1/3 (Community Port) the following ARP entries are:

BertiniB_0-1691650810496.png

Interestingly, it seems that the 9000v was able to learn the MAC address of the server-1(192.168.0.3):

BertiniB_1-1691651020812.png

It doesn`t seem to be a security software, since I can ping from the SVI to the other server running the same OS (Tiny Core Linux).  Also, I can ping the servers in the same community (server-1 and server-2):

BertiniB_2-1691651158833.png

They are all running Tiny Core Linux in CML.

 

OK @BertiniB 

Thanks for the output.

Since is Linux, is it possible to tcpdump from you Linux in order to see the icmp echo request from N9k ?

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Sorry for the late response.

There is no tcpdump in the TinyCore Linux. I however captured the frames between the SVI and Community Server:

No. Time Source Destination Protocol Length Info
1 0.000000 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 1: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
2 2.002214 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 2: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
3 4.001420 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 3: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
4 6.002116 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 4: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
5 8.006668 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 5: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
6 10.001326 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 6: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
7 10.227355 0.0.0.0 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0x9ab1cd56

Frame 7: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits)
Ethernet II, Src: RealtekU_19:33:6a (52:54:00:19:33:6a), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Dynamic Host Configuration Protocol (Discover)

No. Time Source Destination Protocol Length Info
8 11.998270 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 8: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
9 13.231448 0.0.0.0 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0x9ab1cd56

Frame 9: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits)
Ethernet II, Src: RealtekU_19:33:6a (52:54:00:19:33:6a), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Dynamic Host Configuration Protocol (Discover)

No. Time Source Destination Protocol Length Info
10 14.002872 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 10: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
11 16.001472 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 11: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
12 16.236112 0.0.0.0 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0x9ab1cd56

Frame 12: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits)
Ethernet II, Src: RealtekU_19:33:6a (52:54:00:19:33:6a), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Dynamic Host Configuration Protocol (Discover)

No. Time Source Destination Protocol Length Info
13 16.643812 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 13: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
14 16.651690 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 14: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
15 17.662690 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 15: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
16 17.667621 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 16: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
17 18.010958 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 17: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
18 18.228456 0.0.0.0 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xb1c59a5e

Frame 18: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Dynamic Host Configuration Protocol (Discover)

No. Time Source Destination Protocol Length Info
19 18.675610 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 19: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
20 18.682907 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 20: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
21 19.999425 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 21: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
22 20.645897 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 22: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
23 20.651699 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 23: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
24 21.232409 0.0.0.0 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xb1c59a5e

Frame 24: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Dynamic Host Configuration Protocol (Discover)

No. Time Source Destination Protocol Length Info
25 21.662870 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 25: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
26 21.668096 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 26: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
27 22.000596 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 27: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
28 22.675852 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 28: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
29 22.681463 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 29: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
30 24.000399 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 30: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
31 24.235915 0.0.0.0 255.255.255.255 DHCP 342 DHCP Discover - Transaction ID 0xb1c59a5e

Frame 31: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Dynamic Host Configuration Protocol (Discover)

No. Time Source Destination Protocol Length Info
32 24.647811 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 32: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
33 24.653172 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 33: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
34 25.662884 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 34: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
35 25.668474 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 35: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
36 26.000964 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 36: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
37 26.675648 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 37: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
38 26.681659 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 38: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
39 28.009223 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 39: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
40 28.649885 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 40: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
41 28.654852 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 41: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
42 29.662855 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 42: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
43 29.670135 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 43: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
44 29.998051 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 44: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
45 30.675825 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 45: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
46 30.681930 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 46: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
47 32.000971 52:04:e8:47:01:03 Spanning-tree-(for-bridges)_00 STP 60 RST. Root = 32768/50/52:04:e8:47:1b:08 Cost = 0 Port = 0x8003

Frame 47: 60 bytes on wire (480 bits), 60 bytes captured (480 bits)
IEEE 802.3 Ethernet
Logical-Link Control
Spanning Tree Protocol

No. Time Source Destination Protocol Length Info
48 32.651458 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 48: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

No. Time Source Destination Protocol Length Info
49 32.655809 52:04:e8:47:1b:08 RealtekU_1d:34:25 ARP 64 192.168.0.1 is at 52:04:e8:47:1b:08

Frame 49: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Ethernet II, Src: 52:04:e8:47:1b:08 (52:04:e8:47:1b:08), Dst: RealtekU_1d:34:25 (52:54:00:1d:34:25)
802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 50
Address Resolution Protocol (reply)

No. Time Source Destination Protocol Length Info
50 33.662943 RealtekU_1d:34:25 Broadcast ARP 42 Who has 192.168.0.1? Tell 192.168.0.3

Frame 50: 42 bytes on wire (336 bits), 42 bytes captured (336 bits)
Ethernet II, Src: RealtekU_1d:34:25 (52:54:00:1d:34:25), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Address Resolution Protocol (request)

Hello
Try the following:
conf t
default eth1/5
int eth1/5
switchport mode private-vlan promiscuous
switchport private-vlan mapping 50 60,70,80
no shut

end

sh vlan private-vlan


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Thanks for the reply, 

However, it didn`t work. I still can`t ping the promiscuous server or the SVI.

Review Cisco Networking for a $25 gift card