EasyManuals Logo

Cisco ME 3400 User Manual

Cisco ME 3400
1138 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #285 background imageLoading...
Page #285 background image
12-9
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
OL-9639-07
Chapter 12 Configuring Private VLANs
Configuring Private VLANs
• You can configure 802.1x port-based authentication on a private-VLAN port, but do not configure
IEEE 802.1x with port security on private-VLAN ports.
• A private-VLAN host or promiscuous port cannot be a SPAN destination port. If you configure a
SPAN destination port as a private-VLAN port, the port becomes inactive.
• If you configure a static MAC address on a promiscuous port in the primary VLAN, you must add
the same static address to all associated secondary VLANs. If you configure a static MAC address
on a host port in a secondary VLAN, you must add the same static MAC address to the associated
primary VLAN. When you delete a static MAC address from a private-VLAN port, you must remove
all instances of the configured MAC address from the private VLAN.
Note Dynamic MAC addresses learned in one VLAN of a private VLAN are replicated in the
associated VLANs. For example, a MAC address learned in a secondary VLAN is replicated
in the primary VLAN. When the original dynamic MAC address is deleted or aged out, the
replicated addresses are removed from the MAC address table.
• Configure Layer 3 VLAN interfaces only for primary VLANs.
Configuring and Associating VLANs in a Private VLAN
Beginning in privileged EXEC mode, follow these steps to configure a private VLAN:
Note The private-vlan commands do not take effect until you exit VLAN configuration mode.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
vlan vlan-id Enter VLAN configuration mode and designate or create a VLAN that
will be the primary VLAN. The VLAN ID range is 2 to 1001 and 1006
to 4094.
Note If the VLAN has been configured as a UNI-ENI community
VLAN, you must enter the no uni-vlan VLAN configuration
command before configuring a private VLAN.
Step 3
private-vlan primary Designate the VLAN as the primary VLAN.
Step 4
exit Return to global configuration mode.
Step 5
vlan vlan-id (Optional) Enter VLAN configuration mode and designate or create a
VLAN that will be an isolated VLAN. The VLAN ID range is 2 to 1001
and 1006 to 4094.
Step 6
private-vlan isolated Designate the VLAN as an isolated VLAN.
Step 7
exit Return to global configuration mode.

Table of Contents

Other manuals for Cisco ME 3400

Preview: Command Reference Guide
Command Reference Guide872 pages
Preview: Command Reference
Command Reference950 pages
Preview: Getting Started Guide
Getting Started Guide32 pages
Preview: Hardware Installation Guide
Hardware Installation Guide88 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ME 3400 and is the answer not in the manual?

Cisco ME 3400 Specifications

General IconGeneral
CategorySwitch
Rack MountableYes
Jumbo Frame SupportYes
Authentication MethodRADIUS, TACACS+
RAM128 MB
Flash Memory32 MB
Power DeviceInternal power supply
ModelME 3400
LayerLayer 2
MAC Address Table Size8000 entries
Remote Management ProtocolSNMP, Telnet, SSH, HTTP, HTTPS
FeaturesVLAN support, IGMP snooping, Quality of Service (QoS)
Compliant StandardsIEEE 802.3, IEEE 802.3u, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.3x
Memory128 MB
Power SupplyAC 120/230 V (50/60 Hz)
Dimensions (H x W x D)4.4 cm x 44.5 cm x 24.2 cm
Routing ProtocolStatic routing

Related product manuals