Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

pvlan connecting to an upstream switch


i have a query re pvlans connecting to an upstream switch

i currently have a firewall connecting to a switch (switch A) on a promiscuous port (PVLAN 16)

the switch has another switch (switch B) chained off it on a trunk port

i now have a requirement to introduce a new 'core' switch between the firewall and switch A

the reason is to use this core switch to terminate other firewall dmzs so we can cut down on switch intrastructure

the core switch will now terminate switches that carry other pvlans (18 & 20) but isn't configured with any pvlans

each pvlan has its own set of downstream switches and will connect to different firewall interfaces (no subinterfaces) via the core switch

i tried to configure this last week in a short maintenance window but couldn't get it working

i set up the core switch with a trunk port to switch A (also a trunk) and from the firewall could ping switch A & B but not the hosts  

my query

do i need to keep the ports between the core switch and downstream pvlan switches (ie switch A) as promiscuous

as the core doesn't have any pvlan configuration the links to the various firewall interfaces are configured as access ports for the particular vlan

thanks to anyone taking the time to read this or to comment and apologies for the convoluted description

Everyone's tags (1)
New Member

pvlan connecting to an upstream switch


anyone any ideas?