I'm used to work with Nortel Networks' BayStack switches and I have been told I cannot do what I do with my BayStack 450 switches with Cisco's. I find that hard to believe.
Here it is.
Let's say I want to share a device between 2 VLANs. For this example, an internet access through a simple LinkSys router. (You can replace the internet access with a printer or a server, it doesn't matter).
Let's say I have a 24 ports switch. In this case, a Nortel BayStack 450 switch. By default, all ports in that switch are members of VLAN 1. Let's say I want ports 1 to 6 to be members of VLAN 10, and ports 7 to 12 be members of VLAN 20. Port 13 is the port where I connect my internet router and is member of VLAN 25.
I want VLAN 10 and VLAN 20 to access internet through VLAN 25 and no communication between VLAN 10 and VLAN 20.
Here is what I do.
First, you must know that an access port in Nortel Baystack 450 switches can be members of multiple VLANs.
- Remove ports 1 to 13 from VLAN 1.
- Assign ports 1 to 6 to be members of VLAN 10 and 25. Assign PVID (Port VLAN Identifier) to 10 for those ports.
- Assign ports 7 to 12 to be members of VLAN 20 and 25. Assing those ports to PVID 20.
- Assign port 13 to be member of VLANs 10, 20 and 25 and assign PVID of this port to 25.
In this configuration:
VLAN 10 can access internet through VLAN 25 but don't have access to VLAN 20.
VLAN 20 can access internet through VLAN 25 but don't have access to VLAN 10.
This configuration works very well and I don't need a router to do it. In fact, I can also extend this configuration between multiple switches by including all the VLANs in the trunk ports.
Is it possible to do the same with Cisco's switchs? I've been told I can't do that.