Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
727
Views
0
Helpful
1
Comments

routing between L3 VLAN and PVLAN

networker99
Level 1
Level 1

‎01-03-2012 09:16 PM - edited ‎03-01-2019 04:45 PM

I have a private vlan set up with isolated, commuity and promiscious ports. I also have the secondary VLANs mapped to the primary.  Now I also have another L3 VLAN on the same switch, I can route between the layer 3 VLAN and the PVLAN subnet but cannot hit hosts in the isolated port...

basically I want to be able to hit hosts in isolated ports from VLAN 5

version 12.2

no service pad

service timestamps debug uptime

service timestamps log datetime

no service password-encryption

service sequence-numbers

!

hostname

!

boot-start-marker

boot-end-marker

!

!

!

no aaa new-model

clock timezone EST -5

clock summer-time UTC recurring

switch 1 provision ws-c3750-24ts

switch 2 provision ws-c3750-24ts

system mtu routing 1500

vtp mode transparent

ip routing

!

!

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

vlan 2

name primary-vlan

  private-vlan primary

  private-vlan association 3-4

!

vlan 3

name isolated-vlan

  private-vlan isolated

!

vlan 4

name sharedhosting

  private-vlan community

!

vlan 5

!

!

!

interface FastEthernet1/0/1

switchport private-vlan host-association 2 3

switchport mode private-vlan host

!

interface FastEthernet1/0/2

!

interface FastEthernet1/0/3

!

interface FastEthernet1/0/4

!

interface FastEthernet1/0/5

!

interface FastEthernet1/0/6

!

interface FastEthernet1/0/7

!

interface FastEthernet1/0/8

!

interface FastEthernet1/0/9

!

interface FastEthernet1/0/10

!

interface FastEthernet1/0/11

!

interface FastEthernet1/0/12

!

interface FastEthernet1/0/13

!

interface FastEthernet1/0/14

!

interface FastEthernet1/0/15

!

interface FastEthernet1/0/16

!

interface FastEthernet1/0/17

!

interface FastEthernet1/0/18

!

interface FastEthernet1/0/19

!

interface FastEthernet1/0/20

!

interface FastEthernet1/0/21

!

interface FastEthernet1/0/22

!

interface FastEthernet1/0/23

!

interface FastEthernet1/0/24

!

interface GigabitEthernet1/0/1

!

interface GigabitEthernet1/0/2

!

interface FastEthernet2/0/1

description Corp12

switchport private-vlan host-association 2 4

switchport mode private-vlan host

!

interface FastEthernet2/0/2

description Corp9

switchport private-vlan host-association 2 3

switchport mode private-vlan host

!

interface FastEthernet2/0/3

description LGP-5505-01

switchport private-vlan mapping 2 3-4

switchport mode private-vlan promiscuous

!

interface FastEthernet2/0/4

!

interface FastEthernet2/0/5

!

interface FastEthernet2/0/6

!

interface FastEthernet2/0/7

!

interface FastEthernet2/0/8

!

interface FastEthernet2/0/9

!

interface FastEthernet2/0/10

!

interface FastEthernet2/0/11

!

interface FastEthernet2/0/12

!

interface FastEthernet2/0/13

!

interface FastEthernet2/0/14

!

interface FastEthernet2/0/15

!

interface FastEthernet2/0/16

!

interface FastEthernet2/0/17

!

interface FastEthernet2/0/18

!

interface FastEthernet2/0/19

!

interface FastEthernet2/0/20

!

interface FastEthernet2/0/21

!

interface FastEthernet2/0/22

!

interface FastEthernet2/0/23

description Uplink to Prod

switchport access vlan 5

!

interface FastEthernet2/0/24

!

interface GigabitEthernet2/0/1

!

interface GigabitEthernet2/0/2

!

interface Vlan1

no ip address

!

interface Vlan2

ip address 172.20.5.152 255.255.255.0

private-vlan mapping 3-4

!

interface Vlan5

ip address 172.20.10.149 255.255.255.0

!

ip default-gateway 172.20.5.152

ip classless

ip route 0.0.0.0 0.0.0.0 172.20.5.150

ip http server

ip http secure-server

!

ip sla enable reaction-alerts

snmp-server community s8n1mp RO

snmp-server location LGP

snmp-server contact Network Admins

!

Labels:
0 Helpful
Comments
Pulkit Nagpal
Cisco Employee
Cisco Employee
‎01-03-2012 10:37 PM

Hello Lewis,

Please post this as a discussion rather than document.

Regards,

Pulkit Nagpal

Technical Community Manager

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents