cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
15811
Views
10
Helpful
3
Replies

Port Isolation Catalyst 2950

skitrees.geo
Beginner
Beginner

I am looking to isolate ports 1-23 from seeing one another, yet I would like to share port 24 (uplink to Internet connection) with each port.

(so that each computer could see the Internet, but could not see each other)

I've found a million documents which look promising, but never quite address the goal I am trying to reach. If anyone could either share the proper commands with me, or point me to a definitive document, it would help me tremendously.

Thank you!

1 Accepted Solution

Accepted Solutions

Fuzzy,

Have you ever read this feature?

Configuring Protected Ports

Some applications require that no traffic be forwarded between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.

Protected ports have these features:

•A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.

•Forwarding behavior between a protected port and a nonprotected port proceeds as usual.

•Protected ports are supported on IEEE 802.1Q trunks.

Please check out this link . C2950 Right?

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea11x/configuration/guide/swtrafc.html#wp1158863

F.e.

Switch# configure terminal

Switch(config)# interface range fastethernet0/1 - 23

Switch(config-if)# switchport protected

Switch(config-if)# end

HTH,

Toshi

View solution in original post

3 Replies 3

Fuzzy,

Have you ever read this feature?

Configuring Protected Ports

Some applications require that no traffic be forwarded between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.

Protected ports have these features:

•A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.

•Forwarding behavior between a protected port and a nonprotected port proceeds as usual.

•Protected ports are supported on IEEE 802.1Q trunks.

Please check out this link . C2950 Right?

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea11x/configuration/guide/swtrafc.html#wp1158863

F.e.

Switch# configure terminal

Switch(config)# interface range fastethernet0/1 - 23

Switch(config-if)# switchport protected

Switch(config-if)# end

HTH,

Toshi

Toshi;

THANK YOU! I missed the following line when I read through the document the first time, "•Forwarding behavior between a protected port and a nonprotected port proceeds as usual." - having missed that line, I didn't think the first 23 ports would talk to the unprotected port. This resolved the issue for me. Thank you very much for the prompt nature of your response - you nailed it!!

tawfeqjif
Beginner
Beginner

hello

Is there a way to make a vlan group in one step, for example?
interface range fastthernet0/1 - 23
interface range vlan 0/1 - 23

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: