VLANs or not with 2950ST-8 LRE - IOS 121-22

seclabs06 · ‎10-25-2006

hi,

My objective here is to provide internet to all 8 ports, but i don't want them to comunicate between each other...

The solutions i was trying to do here were:

1 - assign a diferent vlan to each port. The problem with this is that i can only have one "up" vlan at a time, because this switch only suports layer 2, and my layer 3 gateway that this switch connects to only suports 4 vlans (and very limited vlan options), so i don't think this is going to work.

2 - another way i though was to config the ports like "protected ports" so that no port can comunicate with the other ports, but in this case i would need at least one management port to be able to access all other, and i don't know if this is possible.

So, if anyone has any solution to this, or maybe i'm doing something wrong, any ideias will be greatly apreciated. By the way, for people that are not familiar with this switch, it has 8 LRE ports and 2 GB ports.

thanks in advance, regards,

hugo

Sam Smiley · ‎01-04-2017

The 2950 LRE isn't any different than any other Cisco L2 switch; your thinking is correct on this. From your question VLANs would be a better solution since you have to manage something attached to the CPE device. Adding an access list to the VLAN would allow you to add exceptions for management.

In order to make this happen it sounds like you need to add a L3 switch between your LRE switch and the L3 device you describe. This would allow you to create the number of VLANs you desire and create a L3 connection to your routing device without using up your 4 VLANs. Since you are dealing with a max of 16 Mb/s on the LRE ports an ol' 10/100 L3 switch would work fine.

Cheers,

Sam