Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

routing between L3 VLAN and PVLAN

I have a private vlan set up with isolated, commuity and promiscious ports. I also have the secondary VLANs mapped to the primary.  Now I also have another L3 VLAN on the same switch, I can route between the layer 3 VLAN and the PVLAN subnet but cannot hit hosts in the isolated port...

basically I want to be able to hit hosts in isolated ports from VLAN 5

version 12.2

no service pad

service timestamps debug uptime

service timestamps log datetime

no service password-encryption

service sequence-numbers

!

hostname

!

boot-start-marker

boot-end-marker

!

!

!

no aaa new-model

clock timezone EST -5

clock summer-time UTC recurring

switch 1 provision ws-c3750-24ts

switch 2 provision ws-c3750-24ts

system mtu routing 1500

vtp mode transparent

ip routing

!

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

vlan 2

name primary-vlan

  private-vlan primary

  private-vlan association 3-4

!

vlan 3

name isolated-vlan

  private-vlan isolated

!

vlan 4

name sharedhosting

  private-vlan community

!

vlan 5

!

!

!

interface FastEthernet1/0/1

switchport private-vlan host-association 2 3

switchport mode private-vlan host

!

interface FastEthernet1/0/2

!

interface FastEthernet1/0/3

!

interface FastEthernet1/0/4

!

interface FastEthernet1/0/5

!

interface FastEthernet1/0/6

!

interface FastEthernet1/0/7

!

interface FastEthernet1/0/8

!

interface FastEthernet1/0/9

!

interface FastEthernet1/0/10

!

interface FastEthernet1/0/11

!

interface FastEthernet1/0/12

!

interface FastEthernet1/0/13

!

interface FastEthernet1/0/14

!

interface FastEthernet1/0/15

!

interface FastEthernet1/0/16

!

interface FastEthernet1/0/17

!

interface FastEthernet1/0/18

!

interface FastEthernet1/0/19

!

interface FastEthernet1/0/20

!

interface FastEthernet1/0/21

!

interface FastEthernet1/0/22

!

interface FastEthernet1/0/23

!

interface FastEthernet1/0/24

!

interface GigabitEthernet1/0/1

!

interface GigabitEthernet1/0/2

!

interface FastEthernet2/0/1

description Corp12

switchport private-vlan host-association 2 4

switchport mode private-vlan host

!

interface FastEthernet2/0/2

description Corp9

switchport private-vlan host-association 2 3

switchport mode private-vlan host

!

interface FastEthernet2/0/3

description LGP-5505-01

switchport private-vlan mapping 2 3-4

switchport mode private-vlan promiscuous

!

interface FastEthernet2/0/4

!

interface FastEthernet2/0/5

!

interface FastEthernet2/0/6

!

interface FastEthernet2/0/7

!

interface FastEthernet2/0/8

!

interface FastEthernet2/0/9

!

interface FastEthernet2/0/10

!

interface FastEthernet2/0/11

!

interface FastEthernet2/0/12

!

interface FastEthernet2/0/13

!

interface FastEthernet2/0/14

!

interface FastEthernet2/0/15

!

interface FastEthernet2/0/16

!

interface FastEthernet2/0/17

!

interface FastEthernet2/0/18

!

interface FastEthernet2/0/19

!

interface FastEthernet2/0/20

!

interface FastEthernet2/0/21

!

interface FastEthernet2/0/22

!

interface FastEthernet2/0/23

description Uplink to Prod

switchport access vlan 5

!

interface FastEthernet2/0/24

!

interface GigabitEthernet2/0/1

!

interface GigabitEthernet2/0/2

!

interface Vlan1

no ip address

!

interface Vlan2

ip address 172.20.5.152 255.255.255.0

private-vlan mapping 3-4

!

interface Vlan5

ip address 172.20.10.149 255.255.255.0

!

ip default-gateway 172.20.5.152

ip classless

ip route 0.0.0.0 0.0.0.0 172.20.5.150

ip http server

ip http secure-server

!

ip sla enable reaction-alerts

snmp-server community s8n1mp RO

snmp-server location LGP

snmp-server contact Network Admins

!

Comments
Cisco Employee

Hello Lewis,

Please post this as a discussion rather than document.

Regards,

Pulkit Nagpal

Technical Community Manager

537
Views
0
Helpful
1
Comments