Filter
Top Products
VLAN Configuration
132
NXA-ENET24 - Software Management Guide
Private VLANs
Private VLANs provide port-based security and isolation between ports within the assigned VLAN. This
switch supports two types of private VLAN ports: promiscuous, and community ports. A promiscuous port can
communicate with all interfaces within a private VLAN. Community ports can only communicate with other
ports in their own community VLAN, and with their designated promiscuous ports. (Note that private VLANs
and normal VLANs can exist simultaneously within the same switch.)
Each private VLAN consists of two components: a primary VLAN and one or more community VLANs. A
primary VLAN allows traffic to pass between promiscuous ports, and between promiscuous ports and
community ports subordinate to the primary VLAN. A community VLAN conveys traffic between community
ports, and from the community ports to their associated promiscuous ports. Multiple primary VLANs can be
configured on this switch, and multiple community VLANs can be configured within each primary VLAN.
To configure private VLANs, follow these steps:
1. Use the Private VLAN Configuration menu (page 133) to designate one or more community VLANs and
the primary VLAN that will channel traffic outside of the community groups.
2. Use the Private VLAN Association menu (page 133) to map the secondary (i.e., community) VLAN(s) to
the primary VLAN.
3. Use the Private VLAN Port Configuration menu (page 135) to set the port type to promiscuous (i.e.,
having access to all ports in the primary VLAN) or host (i.e., having access restricted to community
VLAN members, and channeling all other traffic through a promiscuous port). Then assign any
promiscuous ports to a primary VLAN and any host ports a secondary VLAN (i.e., community VLAN).
Displaying Current Private VLANs
The Private VLAN Information page displays information on the private VLANs configured on the switch,
including primary and community VLANs, and their associated interfaces.
Displaying Current Private VLANs - Web
Click Private VLAN, Private VLAN Information. Select the desired port from the VLAN ID drop-down menu.
Command Attributes
•VLAN ID: ID of configured VLAN (1-4093, no leading zeroes).
• Primary VLAN: The primary VLAN with which the selected VLAN is associated. (Note that this displays as
VLAN 0 if the selected VLAN is itself a primary VLAN.)
• Ports List: The list of ports (and assigned type) in the selected private VLAN.
FIG. 143
Web - Private VLAN Information