Configuring the Switch
3-154
3
Configuring Private VLANs
The Private VLAN Configuration page is used to create/remove primary, community,
or isolated VLANs.
Command Attributes
• VLAN ID – ID of configured VLAN (1-4094).
• Type – There are three types of VLANs within a private VLAN:
- Primary VLANs – Conveys traffic between promiscuous ports, and to
community ports within secondary (or community) VLANs.
- Community VLANs - Conveys traffic between community ports, and to their
promiscuous ports in the associated primary VLAN.
- Isolated VLANs – Conveys traffic only between the VLAN’s isolated ports and
the promiscuous port. Traffic between isolated ports within the VLAN is blocked.
• Current – Displays a list of the currently configured VLANs.
Web – Click VLAN, Private VLAN, Configuration. Enter the VLAN ID number, select
Primary, Isolated or Community type, then click Add. To remove a private VLAN from
the switch, highlight an entry in the Current list box and then click Remove. Note that
all member ports must be removed from the VLAN before it can be deleted.
Figure 3-84 Private VLAN Configuration
CLI – This example configures VLAN 5 as a primary VLAN, and VLAN 6 as a
community VLAN and VLAN 7 as an isolated VLAN.
Associating VLANs
Each community or isolated VLAN must be associated with a primary VLAN.
Command Attributes
• Primary VLAN ID – ID of primary VLAN (1-4094).
• Association – Community VLANs associated with the selected primary VLAN.
• Non-Association – Community VLANs not associated with the selected VLAN.
Console(config)#vlan database 4-179
Console(config-vlan)#private-vlan 5 primary 4-189
Console(config-vlan)#private-vlan 6 community
Console(config-vlan)#private-vlan 7 isolated
Console(config-vlan)#