Private VLAN trunk

Unanswered Question
Dec 18th, 2008
User Badges:
  • Silver, 250 points or more


I want to configure 2 private vlans between my firewall-core-access switch.

The setup is:

firewall - trunk to coreSW - trunk to accessSW

The firewall is the L3 device for 2 new VLANs.

On the trunk between the FW and the core are multiple VLANs configured.

Access switch is C3560-E.

On the side of the Firewall - core, I only want to see my 2 primary VLANs (10,20). From my core, I want a trunk to my access switch carrying those 2 primary VLANs, and then split them up into secondary VLANs.

I checked the docs and I think if I want to do this, I need 2 physical connections from my core to my access switch because I can only configure promiscuous mode for a single VLAN.

After looking at CCO, I found that on a C4500 one can configure

switchport mode private-vlan trunk promiscuous

I think this command would sovle my problem, however, it is not (yet) implemented in the IOS on my C3560-E.

Does someone know when this will be the case, and if it indeed would solve my problem. If you would know any other solutions, I would be glad to hear them!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dario.didio Mon, 01/05/2009 - 06:52
User Badges:
  • Silver, 250 points or more


Nobody that can help me?


This Discussion