Is it possible to apply a PVLAN configuration on a 6500 and have the interface on the FWSM configured as a promiscuous interface.
I found an old thread that said it couldn't be done, but that it might in the future.
The etherchannel interface between the switch and the FWSM uses PAgP and the PVLAN document states that PVLANs are no compatible with PAgP or LACP. (The document referred to is 6500 IOS config guide for release 12.2SXF.)
Can anyone confirm if the latest hardware/software versions can now support this configuration?
"PVLAN support on Firewall Services Module (FWSM) begins in software version 3.1. If you run a software version earlier than 3.1, the only possible workaround is to connect the promiscuous port of the PVLAN using the crossover cable to a regular access port. Then, make a firewall for the VLAN of that access port."
Please see the following link for the PVLAN Cat Switch Support Matrix:
Thank you. That got it working. I'm surprised that there is no configuration required on the sup card or FWSM to get this working. Meaning I didn't have to assign it as a promiscuous port.
Are there any parameters to configure at the FWSM? What if I didn't want the FWSM interface to be promiscuous, or at least control which community VLANs it could access. Is there a way to control this?
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...