08-25-2008 12:48 PM - edited 03-06-2019 12:59 AM
Hello,
I'm trying to setup Private VLANS. Currently, I have a server that is connected to 2 vlans say VLAN 15 and VLAN 16. This server has an outside connection VLAN 15 and inside connection VLAN 16. I want to setup a private vlan so that this server cannot talk to anyone on VLANS 15 and 16. When I tried to set this up I was getting the following error:
config# vlan 15
(config-vlan# private-vlan association add 815,816
invalid private vlan association between vlan15 and vlan816. Isolated VLAN 815 is already assocated with VLAN 15.
Is there a way to assoicated two private vlans with with one vlan? Or something I just thought of... Do I need to assoicate each private vlan with the primary vlan. For example I could assoicated PVLAN 815 with Primary VLAN 15 and PVLAN 816 with Primary VLAN 16.
Will that work?
Thanks
Mike.
08-25-2008 01:44 PM
Hello Mike,
>> For example I could assoicated PVLAN 815 with Primary VLAN 15 and PVLAN 816 with Primary VLAN 16.
this should be the way to do it
the primary vlan and all the associated isolated and community vlans share a single IP subnet so if you have two NICs in two different IP subnets the two ports have to associated to two isolated private vlans that in their turn are associated to two different primary vlans
Hope to help
Giuseppe
08-25-2008 02:19 PM
Giuseppe,
Thanks for the quick response. One more question. When I setup the isolated vlans I need to setup the main links as promiscuous. correct. Also is primary vlan already in promiscuous mode. If the latter is true then I don't need to do anything correct?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide