PVLAN Problem

murmucka · ‎10-21-2024

Hi,

i made a pvlan configuration, anyway its seems to be not working.

VLAN Config on Core:

vlan 2500

  private-vlan primary

  private-vlan association 2600

vlan 2600

  private-vlan isolated

Access Port Config for PC

interface GigabitEthernet1/0/36
 description ** PVLAN Test **
 switchport private-vlan host-association 2500 2600
 switchport mode private-vlan host
 no logging event link-status
 snmp trap mac-notification change added
 no snmp trap link-status
 storm-control broadcast level bps 10m
 storm-control action shutdown
 spanning-tree portfast
 spanning-tree bpduguard enable

And Config on Trunk Port to Firewall (Default Gateway for VLAN 2500)

interface GigabitEthernet1/0/2
 description ** FW **
 switchport private-vlan trunk allowed vlan 1-4094
 switchport private-vlan mapping 2500 2600
 switchport mode private-vlan trunk promiscuous
 spanning-tree portfast trunk

Anyway, PC cant Ping FW Shared IP in this network, also FW cannot reach Client. Is something missing there?

(Core Switch is 9300)

M02@rt37 · ‎10-22-2024

Hello @murmucka

Please try to ping the firewall's IP address from the switch itself to verify if the switch can reach the firewall. This will help isolate whether the problem is with the switch-to-firewall connection or the PC's access configuration...

Also, do a test using a different device or a standard VLAN configuration to verify the reachability of the firewall.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

paul driver · ‎10-22-2024

Hello
sh vtp status
sh vlan private-vlan

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul