Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
836
Views
0
Helpful
5
Replies

Private VLANs Cat4500e

David Kondicz
Level 1
Level 1

‎06-28-2016 01:18 PM - edited ‎03-08-2019 06:24 AM

Hi all,

we have upgraded our core switch from cat3560x to cat 4506e with SUP 7 and i am going to be crazy from private vlans. :(

Can anyone helps me with som default port config fou my 4 scenarios?

Before i have used simple protected port on acces and trunk ports also.

We have using several vlans but mostly they are 300,500 and 10 more....

On Cat 3560x theumlink port was trunk or acces but as no protected. The downlink ports was as protected to isolate customers from each other.

On cat4500e i need to configure uplink port for vlan 300, 500 (as simple acces ports) also as trunk, and downlink ports as isolated acces port vlan 500, another for vlan 300. And one more trunk isolated downlink port for 12 vlans :(

Can anyone helsp me with simple config step by step?

Thank you

Br Dave

Labels:
0 Helpful
5 Replies 5

Bova_1980
Level 1
Level 1

‎06-28-2016 01:29 PM

No need to get crazy. From my point of view your question is unclear. Before going ahead with the configuratikn, you must clarify the logic of your setup. Why do you need tp use private vlan? Which requirement's constraint is forcing you to use private vlan? I am assuming to isolate communucation between customers. If so, then start to list and draw the logic of the communication. How many vlan do you have? Which vlan has to communicate with which vlan? Where is locate the promiscuos port? What about the host ports? Make clear the logic and the role of the ports before going ahead with config.

0 Helpful

David Kondicz
Level 1
Level 1
In response to Bova_1980

‎06-28-2016 01:59 PM

Hello,

My current config on 3560x looks like this

Uplink ports:

Gi 0/1 - trunk alloved vlan 50-130 (will be good if vlan 50 will be isolated and other no - on 3560x not possible becouse inly interface can be isolated)

Gi 0/2 - acces vlan 30

Downlink ports

range Gi 0/10-24 - swi acc vlan 50 (protected port)

Gi 0/25 - trun all vlan 30,50 (protected)

Gi 0/26 - acc vlan 30 (protected)

Gi 0/27 - tru all vlan 50,60,70,80,90,100 (protected)

Look to be a bit messy with pvlan :(

dave

0 Helpful

Bova_1980
Level 1
Level 1
In response to David Kondicz

‎06-28-2016 02:06 PM

Sorry David I am not going to produce any configuration here. Again, my was only a suggestion. Simply try to understand the logic before do a show runn interface. Based on the logic of your design you could for sure find a solution, propose one and based on your solution you can have a discussion with pther technicians.

0 Helpful

David Kondicz
Level 1
Level 1
In response to Bova_1980

‎07-03-2016 02:18 AM

I cant find a logic, becouse there in not realy a logic. Pvlan isolated trunk works only if you are connection cat4500 switches or higher thats supports pvlan. But there is no chanse to make an simple isolation like protected ports. Bit crazy, dont think?

0 Helpful

David Kondicz
Level 1
Level 1

‎07-01-2016 05:41 AM

No one can hels me?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card