Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Looking for alternate code to switchport multi vlan command

Looking for alternate code to switchport multi vlan command 10 years 3 months ago #16352

  • JeffH
  • JeffH's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
Different agencies connect to our network through our firewall.
They connect to a switch which is then connected to a port on our firewall.
In order to isolate each connection we assigned each one a unique VLAN number, lets say 101-109 (to keep things simple), like this:
interface FastEthernet0/1
switchport access vlan 236

Then we set the port(s) that connects the switch to the firewall:
interface FastEthernet0/24
switchport multi vlan 1,101-109
switchport mode multi

Note: on the new switch we will be connecting to our new firewall cluster using 2 Gig ports

Can anyone provide the proper code to duplicate this setup?
The administrator has disabled public write access.

Re: Looking for alternate code to switchport multi vlan command 10 years 3 months ago #16364

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
I'm affraid i have not got to the switching part of the CCNP yet (only just started with BCRAN). It sounds to me like you are talking about 802.1Q trunking but i cannot begin to help with configuration.

Hopefully someone else can help (thats indeed if i am correct there)

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

switchport protected 10 years 3 months ago #16447

  • JeffH
  • JeffH's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
I think I found the answer with the switchport protected command...
Configuring Protected Ports

A protected port feature is used in those environments where no traffic can be forwarded between two ports on the same switch. This way, one neighbor connected to one port does not see the traffic that is generated by another neighbor connected to the second port. The blocking of traffic (unicast, broadcast, or multicast) only works when both ports are protected. When a protected port is communicating with an unprotected port, the traffic is forwarded in the usual manner. Once the ports are protected, traffic between them can only be forwarded by a Layer 3 device.

By default, the protected port feature is not enabled. You can configure protected ports on either a physical interface or an EtherChannel group. Once you enable the protected port feature on the latter, it is extended to all the group's ports.
The administrator has disabled public write access.

Re: Looking for alternate code to switchport multi vlan command 10 years 3 months ago #16450

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Thanks for sharing, its very interseting and infact it could resolve an issue i am currently having. I'll take a look into that.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.
Time to create page: 0.076 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup