09-06-2007 09:45 PM - edited 03-05-2019 06:19 PM
We need to take eight ports out of a 3750 switchstack (four ports on two of the members, remaining ports on these members assigned to network devices; three other stack members have ports assigned to servers, printers, desktops, etc) and assign them to network teams for (soon-to-be) DMZ-based servers. We've looked at doing L2 VLANs, but we'd prefer to keep L3. Other than assigning ACLs, is there a way to dedicate those ports to a DMZ VLAN? Are PVLANs the only other option?
Solved! Go to Solution.
09-12-2007 01:22 PM
You'll need to implement 'Private Vlans' to accomplish this. Here are some good links that explain how Private Vlans work and what's needed to configure them:
Securing Networks with Private VLANs and VLAN Access Control Lists
http://www.cisco.com/warp/customer/473/90.shtml
System Requirements to Implement Private VLANs
09-12-2007 01:22 PM
You'll need to implement 'Private Vlans' to accomplish this. Here are some good links that explain how Private Vlans work and what's needed to configure them:
Securing Networks with Private VLANs and VLAN Access Control Lists
http://www.cisco.com/warp/customer/473/90.shtml
System Requirements to Implement Private VLANs
09-12-2007 02:54 PM
Thanks - I was looking for a second opinion and you offered it. Appreciate the links, I'll look though those and compare to our config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide