pVLAN or something else.......!

Unanswered Question

Hi Gurus,

I want one of the PC in my LAN which should not communicate with any other PC/device of same or different VLAN/Subnet of the LAN. One of the probable solution could be private vlan but the switch is 2950 at which it is sitting, which does not support private vlan. How can i acheive this without moving the PC to my core-layer 4500 series switch?

Thanks and regards,


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)

Thanks Edison,

But, as the first line of the document says "Use the switchport protected interface configuration command to isolate unicast, multicast, and broadcast traffic at Layer 2 from other protected ports on the same switch.", this switchport will be isolated from other protected ports of the same switch locally. Doesn't that mean that the PC in question will be able to communicate with the device of its vlan but on different switch? Help me understanding it if I'm wrong somewhere?


Edison Ortiz Wed, 01/30/2008 - 12:52

interfaces with protected enabled, won't be able to communicate with other protected enabled interfaces.

protected enabled interfaces are able to communicate to non-protected interfaces.

If I recall correctly, this information isn't carry from switch to switch, for that you need Private Vlans.



Edison Ortiz Wed, 01/30/2008 - 14:08

The only option you have is with switchport protected, no other choices are provided with the 2950.




This Discussion