Cisco 2950T switch - VLAN

Discussion in 'Cisco' started by Raymondo, Aug 3, 2004.

  1. Raymondo

    Raymondo Guest

    Hi there,

    I am new to Cisco. I'm trying to setup a Cisco 2950T switch with two
    Gigabit port. I want to patch one gigabit port to my Firewall's DMZ
    interface and have all my servers in the DMZ (Port 1-8) in 8 different
    VLAN for security purpose.

    I don't want the servers in the DMZ to communicate to each other,
    except to the firewall (Shorewall running on Debian)

    I understand server cannot communicate to each other in different
    VLAN. But is there a way to configure the Gigabit port to communicate
    to all servers (Port 1-8 in 8 different VLAN)


    Thanks in advance!

    Raymond
     
    Raymondo, Aug 3, 2004
    #1
    1. Advertising

  2. Hi,

    Yes, the feature you're looking for is private vlans. Using private vlan
    ports, all ports share the same vlan but are NOT able to communicate with
    other private vlan ports in the same vlan but CAN communicate with any
    non-private-vlan ports in the same vlan. This means:

    Port 1-8 setup as private vlan ports in, lets say, vlan 2
    Port 25 (gbit) as normal access port in vlan 2 (or trunk).

    Port 1->2 is not possible,
    Port 1->3 is not possible,
    ....
    port 1->25 IS possible

    Erik


    "Raymondo" <> wrote in message
    news:...
    > Hi there,
    >
    > I am new to Cisco. I'm trying to setup a Cisco 2950T switch with two
    > Gigabit port. I want to patch one gigabit port to my Firewall's DMZ
    > interface and have all my servers in the DMZ (Port 1-8) in 8 different
    > VLAN for security purpose.
    >
    > I don't want the servers in the DMZ to communicate to each other,
    > except to the firewall (Shorewall running on Debian)
    >
    > I understand server cannot communicate to each other in different
    > VLAN. But is there a way to configure the Gigabit port to communicate
    > to all servers (Port 1-8 in 8 different VLAN)
    >
    >
    > Thanks in advance!
    >
    > Raymond
    >
     
    Erik Tamminga, Aug 5, 2004
    #2
    1. Advertising

  3. Hmm,

    didn't see you posted the same question twice and already go an answer.

    Erik

    "Erik Tamminga" <> wrote in message
    news:cetnml$g6f$1.nb.home.nl...
    > Hi,
    >
    > Yes, the feature you're looking for is private vlans. Using private vlan
    > ports, all ports share the same vlan but are NOT able to communicate with
    > other private vlan ports in the same vlan but CAN communicate with any
    > non-private-vlan ports in the same vlan. This means:
    >
    > Port 1-8 setup as private vlan ports in, lets say, vlan 2
    > Port 25 (gbit) as normal access port in vlan 2 (or trunk).
    >
    > Port 1->2 is not possible,
    > Port 1->3 is not possible,
    > ...
    > port 1->25 IS possible
    >
    > Erik
    >
    >
    > "Raymondo" <> wrote in message
    > news:...
    > > Hi there,
    > >
    > > I am new to Cisco. I'm trying to setup a Cisco 2950T switch with two
    > > Gigabit port. I want to patch one gigabit port to my Firewall's DMZ
    > > interface and have all my servers in the DMZ (Port 1-8) in 8 different
    > > VLAN for security purpose.
    > >
    > > I don't want the servers in the DMZ to communicate to each other,
    > > except to the firewall (Shorewall running on Debian)
    > >
    > > I understand server cannot communicate to each other in different
    > > VLAN. But is there a way to configure the Gigabit port to communicate
    > > to all servers (Port 1-8 in 8 different VLAN)
    > >
    > >
    > > Thanks in advance!
    > >
    > > Raymond
    > >

    >
    >
     
    Erik Tamminga, Aug 5, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Terry Baranski

    Re: Cat 2950T vlan

    Terry Baranski, Jul 18, 2003, in forum: Cisco
    Replies:
    2
    Views:
    502
    Alexander Ottl
    Jul 20, 2003
  2. Raymondo

    VLAN on 2950T-24 (Newbie Question)

    Raymondo, Aug 3, 2004, in forum: Cisco
    Replies:
    2
    Views:
    1,021
    Hansang Bae
    Aug 5, 2004
  3. novice03
    Replies:
    5
    Views:
    5,008
    Doug McIntyre
    Jan 31, 2005
  4. CJ

    Multi-VLAN on 2950T

    CJ, Mar 9, 2005, in forum: Cisco
    Replies:
    0
    Views:
    543
  5. rob frohwein

    cisco 2950T

    rob frohwein, Feb 7, 2006, in forum: Cisco
    Replies:
    3
    Views:
    532
    jcottingim
    Feb 7, 2006
Loading...

Share This Page