Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
17546
Views
10
Helpful
3
Replies

Port Isolation Catalyst 2950

Go to solution
skitrees.geo
Level 1
Level 1

‎04-16-2009 09:36 AM - edited ‎03-06-2019 05:13 AM

I am looking to isolate ports 1-23 from seeing one another, yet I would like to share port 24 (uplink to Internet connection) with each port.

(so that each computer could see the Internet, but could not see each other)

I've found a million documents which look promising, but never quite address the goal I am trying to reach. If anyone could either share the proper commands with me, or point me to a definitive document, it would help me tremendously.

Thank you!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Thotsaphon Lueangwattanaphong
Level 7
Level 7

‎04-16-2009 09:48 AM

Fuzzy,

Have you ever read this feature?

Configuring Protected Ports

Some applications require that no traffic be forwarded between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.

Protected ports have these features:

•A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.

•Forwarding behavior between a protected port and a nonprotected port proceeds as usual.

•Protected ports are supported on IEEE 802.1Q trunks.

Please check out this link . C2950 Right?

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea11x/configuration/guide/swtrafc.html#wp1158863

F.e.

Switch# configure terminal

Switch(config)# interface range fastethernet0/1 - 23

Switch(config-if)# switchport protected

Switch(config-if)# end

HTH,

Toshi

View solution in original post

3 Replies 3

Go to solution
Thotsaphon Lueangwattanaphong
Level 7
Level 7

‎04-16-2009 09:48 AM

Fuzzy,

Have you ever read this feature?

Configuring Protected Ports

Some applications require that no traffic be forwarded between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.

Protected ports have these features:

•A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.

•Forwarding behavior between a protected port and a nonprotected port proceeds as usual.

•Protected ports are supported on IEEE 802.1Q trunks.

Please check out this link . C2950 Right?

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea11x/configuration/guide/swtrafc.html#wp1158863

F.e.

Switch# configure terminal

Switch(config)# interface range fastethernet0/1 - 23

Switch(config-if)# switchport protected

Switch(config-if)# end

HTH,

Toshi

Go to solution
skitrees.geo
Level 1
Level 1
In response to Thotsaphon Lueangwattanaphong

‎04-16-2009 10:02 AM

Toshi;

THANK YOU! I missed the following line when I read through the document the first time, "•Forwarding behavior between a protected port and a nonprotected port proceeds as usual." - having missed that line, I didn't think the first 23 ports would talk to the unprotected port. This resolved the issue for me. Thank you very much for the prompt nature of your response - you nailed it!!

0 Helpful

Go to solution
tawfeqjif
Level 1
Level 1

‎10-27-2022 01:44 AM - edited ‎10-27-2022 01:55 AM

hello

Is there a way to make a vlan group in one step, for example?
interface range fastthernet0/1 - 23
interface range vlan 0/1 - 23

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card