Cisco Support Community

Configure Virtual Local Area Network (VLAN) Protocol-Based Groups to VLAN on a Switch


A Virtual Local Area Network (VLAN) allows you to logically segment a Local Area Network (LAN) into different broadcast domains. In scenarios where sensitive data may be broadcast on a network, VLANs can be created to enhance security by designating a broadcast to a specific VLAN. Only users that belong to a VLAN are able to access and manipulate the data on that VLAN.

Networking devices on which multiple protocols are running cannot be grouped to a common VLAN. Non-standard devices are used to pass traffic between different VLANs in order to include the devices participating in a specific protocol. For this reason, the user cannot take advantage to the many features of VLAN.

Configuration of the switch with protocol-based VLAN can fix this issue. It divides the physical network into logical VLAN groups for each required protocol. In the inbound packet, the frame is checked and the VLAN membership can be determined based on the protocol type. The Protocol-Based Groups to VLAN mapping helps to map a protocol group to a single port. To learn more about the configuration of VLAN protocol-based group, click here.

This article provides instructions on how to configure VLAN protocol-based groups to VLAN on a switch.

Applicable Devices

  • Sx250 Series
  • Sx350 Series
  • SG350X Series
  • Sx500 Series
  • Sx550X Series

Software Version

  • – Sx500 Series
  • – Sx250 Series, Sx350 Series, Sx350X Series, Sx550X Series

Configure VLAN Settings on the Switch

Step 1. Log in to the web-based utility and choose Advanced in the Display Mode drop-down list.

Note: If you have an Sx500 Series switch, skip to Step 2.

Step 2. ChooseVLAN Management > VLAN Groups > Protocol-Based Groups to VLAN.

Note: The available VLAN Management options may vary depending on the switch that you have. In this example, SG350X switch is used.

Step 3. In the Mapping Group to VLAN Table, click Add.

Step 4. The type of the group is displayed in the Group Type field automatically. Click one of the following interface type radio buttons in the Interface area to which the VLAN protocol-based group is assigned and choose the desired interface from the drop-down list.

  • Unit — The unit ID of unit (master, slaves, or backup) in the stack and number of expansion slots available in it. This switch supports up to four units.

Note: If you have an Sx500 Series switch, this option displays as Unit/Slot.

  • LAG — The several ports of the switch are combined to form a single group called a Link Aggregation Group (LAG). This switch supports up to eight LAGs.

Note: In this example, GE5 port of Unit 2 is chosen.

Step 5. Choose the desired group ID of the VLAN group from the Group ID drop-down list. The group ID is used for the VLAN protocol to be mapped to the specific groups created. In this example, the Group ID is 5.

Note: The Group ID is available only if it is configured in the Protocol-Based Groups page. To learn how to configure this feature, click here.

Step 6. Enter the VLAN ID that attaches the interface to a user-defined VLAN ID in the VLAN ID field.

Note: In this example, 20 is used. To learn how to configure a VLAN on a switch, click here for instructions.

Step 7. Click Apply then click Close.

Step 8. (Optional) Click Save to save settings to the startup configuration file.

You should now have configured the VLAN protocol-based groups to VLAN settings on your switch.