cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6311
Views
0
Helpful
11
Replies

Configuring two VLANs on same Cisco switch port

Eyad Zorob
Level 1
Level 1
11 Replies 11

Edwin Summers
Level 3
Level 3

What exactly are you trying to accomplish here?  If we step back and go a step above your specific question, what is your actual requirement?  Do you require that all three machines be on the same subnet, but PC1 and PC2 not be able to communicate with each other?  -Ed

thanks Ed for the quick response. the requirement is bi-directional connections between (server from/to PC-1) and server from/to PC-2. no need for PC-1 to communicate with PC-2.

hope that make it clear or at least a bit.

Hi Eyad,

Can your server  interpret the VLAN tagging? if yes you can also configure as trunk the interface between the server and the switch.

Hope that helps

Vasilis

unfortanatly the server doesn't interpret vlan tagging it would've solved it.

Eyad,

That helps a bit, but more specifically, are you requiring that PC1 and PC2 not be able to communicate?

This is an interesting situation which is why I was asking about the exact requirements.  Can you also supply the details (at least box diagram) of the equipment in the "LAN" cloud in your diagram?

Private VLANs are not available (as of my last check) on the 2960 platform.  They are available on the 3560 platform, but without knowing the rest of your design that may create restrictions on other devices in your network that are unacceptable.  The 2960 platform incorporates the "protected port" ("PVLAN edge") feature, but this is only locally significant to the device and would not apply here where the affected ports are on different devices.

I see you have trunks in the diagram, but are end-to-end VLANs a requirement in your network?  What is the reason for requiring PC1 to be on VLAN 100 and PC2 to be on VLAN 200?  I just want to understand the full set of requirements that you must work within.

paolo bevilacqua
Hall of Fame
Hall of Fame

Do you understand routing? For which a router will send traffic no matter where it come from, to where it has to go?

In your case you have a layer 3 switch, that does that at wire speed.

It only need to be configured. If you do not have expereince and/or certifications, recommend you give the job to a professional.

Paolo,

I would like to keep the solution at layer 3 switch, injecting router would be a last option hence this posting getting feed back from professionals to express their ideas and guideline.

i tried the following:

1) switchport multi vlan vlan-list will solve this but the command is no longer avaliable on newer cat switches.

2) switchport voice vlan...but that doesn't work.

thanks

I think you have to read again my post above.

arunviswanath
Level 1
Level 1

Why don't you try to implement the intervlan routing,and use an accesslist

to block the traffic between the pcs

I agree with Paolo and Arun, that probably the best solution here is to implement inter vlan routing on SW-1 and apply ACL that PC1 and PC2 couldn't communicate.

But take care, if you choose this solution, your switch (3560) must have at least IP base licence installed on it.

unnikannanvj
Level 1
Level 1

Intervlan routing on an L3 switch.

Unni

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: