01-20-2010 05:47 AM - edited 03-06-2019 09:22 AM
Hello,
I found a similar post on that topic last year, but I prefer to restart a new post for this specific question:
I have a Cat 6500 (Sup-720 and IOS 12.2(33)SXH2a), on which I have several DMZ vlans configured. On a trunk port thansporting all these DMZs, I have a Checkpoint firewall connected, that also support 802.1Q of course. Now, each vlan is a primary vlan of a private vlan domain, Then, I configure private community vlans on which I connect systems that do not have to communicate together. They only have to communicate with the corresponding promiscous port on the primary vlan.
The problem is that I can't configure the trunk port as promiscous like in a Catalyst 4500 with the command :
Cat4500(config-if)# switchport mode private-vlan trunk promiscuous
This is a real problem because I cannot dedicate a port for each DMZ on the firewall..
Is there any IOS version that allows it ? What would be the solution ?
Thank you
Yves
01-20-2010 05:58 AM
HI
Check the latest IOS for your 4500 chasis and SUP engine
regards
krishna kumar
01-20-2010 06:06 AM
Hi
I have verified the Promicus vlan supprot 4500
latest version entservices.122-53.SG1
regards
krishna
01-20-2010 06:14 AM
Hi Krishna,
Thanks for your answer. However, my question was related to a Cat 6500. I know that the 4500 supports the function.
Yves
01-29-2010 08:08 AM
Hi,
As fas as I know this is not supported on the 6500 or the 7600, not with the SXF or the SR release
An alternatve is "Private hosts with PACLs" On cco: The Private Hosts feature provides Layer 2 (L2) isolation between the hosts in a VLAN. You can use Private Hosts as an alternative to the Private VLAN isolated-trunks feature, which is currently not available on the Cisco 7600 router.
The link is at: http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/pacl.html
Regards, Patrick
02-01-2010 12:00 PM
Thank you Patrick for the update. I will investigate the Privaze Host solution.
best regards,
Yves
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: