04-11-2023 12:10 PM
I have two stacked 9200 and i want to configure a private vlan trunk in promiscuous mode but i can not find how.
Is this feature available on this model at all?
Solved! Go to Solution.
05-13-2024 01:49 PM
So the answer is that the 9200 do not support pvlan trunks (in promiscuous or isolated mode).
This is supported on 9300 series.
04-11-2023 12:26 PM
Hello,
There's promiscuos mode on this switch and you can setup with this command:
switchport mode private-vlan promiscuous
But, I recommend you read this document in order to make sure this is what you are looking for
04-11-2023 01:04 PM
Solved: Private VLAN trunking question - Cisco Community
check this link
04-11-2023 06:17 PM
Cat 9200 should support - adding other posters
using 17.3 code with the below document already referred by @Flavio Miranda (16.X code)
use sdm prefer default and config as per the guideline, still not working, post your config and tell us what is not working.
04-12-2023 04:19 AM - edited 04-12-2023 04:22 AM
Thank you for your responces.
My goal is to create a port (specificaly a port-channel) where i will connect a firewall/router. This device will handle all inter-vlan routing, some of those vlans are regular vlans and some are private vlans. So a configuration is needed where regular vlans pass to the routing device as is and private vlans pass as regular vlans, this is becasue router / firewall device does not understand private vlans. I have previously performed this kind of configuration on Cat 6500, 4500 and Nexus 9000 series switches using interface cmd "switchport mode private-vlan trunk promiscuous". This command seem to be available for 9300 switches though ( https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-3/configuration_guide/vlan/b_173_vlan_9300_cg/configuring_private_vlans.html ).
The documents you pointed do not mention this feature and cmd "switchport mode private-vlan promiscuous" configures a host port, not a trunk port. The only hint that "private vlan promiscuous trunk ports" are supported is on the "Restriction" section for ver. 17.3 that states: Port Aggregation Protocol (PAgP) and Link Aggregation Control Protocol (LACP) are supported only for Private VLAN promiscuous trunk ports and Private VLAN isolated trunk ports. so this needs more investigation.
My production swithes are on 16.12.2 so i can not test this. I will have to setup a testing enviroment.
Regards
04-12-2023 05:11 AM - edited 04-12-2023 05:13 AM
If you are using Private VLAN then the concept of promiscuos applies.
05-13-2024 01:33 PM
Did you find a solution ? i have the same problem. Need to use private vlan and trunk normal vlan on the same int.
05-13-2024 01:49 PM
So the answer is that the 9200 do not support pvlan trunks (in promiscuous or isolated mode).
This is supported on 9300 series.
05-13-2024 01:54 PM
Thanks for you answer
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide