Private VLANs

rjirji
Hi, I am currently studying SWITCH and am just learning PVLANs, so not too familiar yet.

I have a scenario at work that I have been attempting to lab. I have 2 x 3750 switches with HSRP and a firewall cluster. I can get the PVLANs working with the primary, isolated/community ports fine. I have defined an SVI on the primary VLAN and I can use the HSRP VIP address as the default gateway for the devices.

If the firewall cluster internal interfaces were on the primary VLAN I can route through, but I would like the interfaces to be on a separate VLAN rather than the primary VLAN. I defined a separate VLAN with an SVI but isolated hosts will not route through. I kinda expected that though, as I am aware it needs to be connected to a promiscuous port, but how to route from secondary > primary to another VLAN on the same switch? I have been unsuccessful in finding too much information on the internet in regard to a switch/firewall resilient setup. Am I missing the point, is this not possible?

