Manualshelf

User's Manual

ManualsBrandsCisco Systems ManualsSwitchCisco Systems WSC3750X48TS
511512513514515516517518519520
18-12
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-21521-01
Chapter 18 Configuring Private VLANs
Configuring Private VLANs
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan:
20 501
<output truncated>
Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port
Beginning in privileged EXEC mode, follow these steps to configure a Layer 2 interface as a
private-VLAN promiscuous port and map it to primary and secondary VLANs:
Note Isolated and community VLANs are both secondary VLANs.
When you configure a Layer 2 interface as a private-VLAN promiscuous port, note this syntax
in
formation:
The secondary_vlan_list parameter cannot contain spaces. It can contain multiple comma-separated
items. Each item can be a single private-VLAN ID or a hyphenated range of private-VLAN IDs.
Enter a secondary_vlan_list, or use the add keyword with a secondary_vlan_list to map the
secondary VLANs to the private-VLAN promiscuous port.
Use the remove keyword with a secondary_vlan_list to clear the mapping between secondary
VLANs and the private-VLAN promiscuous port.
This example shows how to configure an interface as a
private-VLAN promiscuous port and map it to a
private VLAN. The interface is a member of primary VLAN 20 and secondary VLANs 501 to 503 are
mapped to it.
Switch# configure terminal
Switch(config)# interface gigabit
ethernet1/0/2
Switch(config-if)# switchport mod
e private-vlan promiscuous
Switch(config-if)# switchport pri
vate-vlan mapping 20 add 501-503
Switch(config-if)# end
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface interface-id Enter interface configuration mode for the Layer 2
interface to be configured.
Step 3
switchport mode private-vlan promiscuous Configure the Layer 2 port as a private-VLAN
promiscuous port.
Step 4
switchport private-vlan mapping primary_vlan_id
{add | remove} secondary_vlan_list
Map the private-VLAN promiscuous port to a primary
VLAN and to selected secondary VLANs.
Step 5
end Return to privileged EXEC mode.
Step 6
show interfaces [interface-id] switchport Verify the configuration.
Step 7
copy running-config startup config (Optional) Save your entries in the switch startup
configuration file.