Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
331
Views
0
Helpful
3
Replies

Traffic leaking between PVLAN Isolated ports

andris.zarins
Level 1
Level 1

‎01-06-2006 06:18 AM - edited ‎03-03-2019 01:20 AM

Hi,

Is it possible to leak traffic between ports configured as 'PVLAN isolated' ?

Task is pretty simple - there is an IP segment, terminated on cat3750 SVI, and two test servers connected to this switch in ports, configurated for isolated PVLAN. I'd like to be sure there is no uncontrolled communication between those servers, except permitted traffic.

Both servers can reach SVI IP address, but cant reach each other. So far, so good, PVLAN works. What about allowing some traffic between those hosts? Any ideas if thats possible at all, and how to configure devices?

Labels:
0 Helpful
3 Replies 3

mheusinger
Level 10
Level 10

‎01-06-2006 07:17 AM

Hi,

you could place the two servers in two different VLANs, let the Cat 3750 route between them and apply access-lists to control the desired traffic.

Have a look at

"Configuring Network Security with ACLs"

http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a0080403fec.html#

for all possibilities.

Hope this helps

Martin

0 Helpful

andris.zarins
Level 1
Level 1
In response to mheusinger

‎01-11-2006 01:01 AM

All servers are placed in one VLAN (IP subnet) and it's supposed to stay that way. Test is about PVLAN usage.

Anyone else ?

0 Helpful

bfele
Level 1
Level 1

‎02-23-2006 08:00 AM

Use local proxy arp on SVI interface (ip local-proxy-arp). Then you can apply RACL to limit traffic between servers for specific applications.

Regards,

Bostjan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents