port protected in catalyst 2924XL

wasabiman · ‎12-16-2008

Dear Experts,

I need some confirmation from you all regarding to the port protection. Please help me to verify my case.

Scenario: I have one switch 2924 with vlan 200 assigned for port 3, 4, and 5 (access vlan). Port 1 is trunk go to router in order to be able to communicate with other vlans.

In port 3,4, and 5 i activated port portected.

What i need to confirm are:

Even in the same VLAN, when port protection activated, port 3, 4, and 5 cannot communicate each other, in any way.

Is it correct?

Is there anyway to make 3 and 4 can communicate but not with port 5 without changing VLAN?

Pls help

Thank you in advance

regards

Randy

Is there

ohassairi · ‎12-16-2008

1- yes correct.

2-may be you need to use "private vlan" feature.

with private vlan, ports can be:

-Isolated VLANs-Ports within an isolated VLAN cannot communicate with each other at the LayerÂ 2 level.

-Community VLANs-Ports within a community VLAN can communicate with each other but cannot communicate with ports in other communities at the Layer 2 level.

-Promiscuous- A promiscuous port can communicate with all interfaces, including the isolated and community ports within a PVLAN.

viyuan700 · ‎12-16-2008

"Even in the same VLAN, when port protection activated, port 3, 4, and 5 cannot communicate each other, in any way.

Is it correct?

yes correct and they can communicate through layer 3.

"Is there anyway to make 3 and 4 can communicate but not with port 5 without changing VLAN?"

This is possible with private vlan as suggested in other post but i think private vlan cannot be configured in 2924XL