
isolated switch using private vlans

oddyager

Diamond Member
I have a 3560 switch configured with a primary and isolated vlans. The machines that are connected to the "isolated" ports cannot talk to each other but can talk to machines that are connected to "promiscuous" ports. This is all layer 2. However, I also at the same time want to be able to telnet to this switch from our internal network. Since this switch is not part of our VTP domain, since it's supposed to be isolated, is there a way to designate one port on there, either an SVI or one of the physical ports, to be accessible from our internal network without breaking the private vlans?
 
Sure, just create a layer 3 port (no switchport), give it an IP and plug it into one of your normal switches. If you want to make doubly sure that no routing can happen across that interface, also apply an ACL permitting only telnet/ssh.
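
The routed-port-plus-ACL setup suggested in the reply above, as an added IOS configuration sketch that is not part of the original thread. The interface number, the 192.0.2.0/24 addressing, the ACL name and number, and the extra vty restriction are all assumptions chosen for illustration.

```cisco
! Added example, not from the thread. Interface, addresses and ACL
! names/numbers are placeholders (192.0.2.0/24 is a documentation range).
!
! Inbound filter for the management port: only ssh/telnet addressed to
! the switch's own management IP is accepted. Anything else, including
! packets aimed at hosts behind the switch, is dropped and logged.
ip access-list extended MGMT-ONLY
 permit tcp 192.0.2.0 0.0.0.255 host 192.0.2.10 eq 22
 permit tcp 192.0.2.0 0.0.0.255 host 192.0.2.10 eq telnet
 deny   ip any any log
!
! Layer 3 (routed) port: it belongs to no VLAN, so the primary/isolated
! private VLAN configuration on the other ports is left untouched.
interface GigabitEthernet0/24
 description Management link to internal network
 no switchport
 ip address 192.0.2.10 255.255.255.0
 ip access-group MGMT-ONLY in
 no shutdown
!
! Assumption beyond the reply: also restrict which sources may open a
! vty session, so the interface ACL is not the only control.
access-list 10 permit 192.0.2.0 0.0.0.255
!
line vty 0 4
 access-class 10 in
 transport input ssh telnet
```

`show ip access-lists MGMT-ONLY` shows per-entry hit counters, which makes it easy to confirm that only management sessions match the permits and to see anything landing on the final deny.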
 