how to create a private vlan in cisco switch 2960

Unanswered Question
Mar 30th, 2008

i want to create a private vlan in switch 2960 >no body can access to it and no sharing file between this vlan and anther please help me by steps

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
i-kendall Sun, 03/30/2008 - 02:40

Correct me if I am wrong (and I am sure some one will !!), but I think Cisco describe a private VLAN as one where all the ports in the VLAN can only communicate with one (server) port, and not each other. I suspect that what you need is a VLAN where all the members can talk to each other, but no-one can communicate in or out of this VLAN?

If that is correct, then all you need to do is create the VLAN on this switch only, and exclude it from the VLAN trunk. Depending on how many VLANs you have, either configure the trunk to allow all the VLANs except the one you want to be private, or create a vlan-list and use that to exclude the private one. As the 2960 is not L3, no-one should now have the ability to access it other than ports on this same switch that are configured to access it.

Hope that helps.

thotsaphon Sun, 03/30/2008 - 04:33

Hi Ashraf,

You are using the cisco 2960 switch so it cannot support your requirement.

Let me explain a bit more about private-vlans.

You can use a private-vlan edge,protected port to prevent the protected port from talking to the other protected ports within the same vlan.

F.E. f0/1 and f0/2 are in the same vlan on a switch. Configuring them by using protected port features. f0/1 cannot now talk to f0/2 and vise versa.

Keep that in mind,Protected port will perfectly work on a local switch.It will not work between switches because traffics from the trunk port can talk to the protected ports .If you want to use a real private-vlans through the entire network I would tell you to use cisco 3560 or cisco 3750 or higher model because they can use "PRIVATE VLAN or PVLAN". PVLAN needs more explanations as well. ;-)

please check this link out :

http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a0080094830.shtml

Hopes this helps

Thot

Actions

Login or Register to take actions

This Discussion

Posted March 30, 2008 at 1:56 AM
Stats:
Replies:2 Avg. Rating:
Views:3101 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard

Rank Username Points
1 14,997
2 8,150
3 7,720
4 7,078
5 6,710
Rank Username Points
185
80
59
57
55