Table of Contents
Advertisement
This chapter shows you how to configure the Switch to prevent communications between ports in a
VLAN.
34.1 Private VLAN Overview
Private VLAN allows you to do port isolation within a VLAN in a simple way. If you enable a private
VLAN rule for a VLAN on the Switch, the Switch automatically adds all ports (except the uplink
port(s)) in this VLAN to the isolated port list and blocks traffic between the isolated ports. The
uplink ports (25 to 28 on the MES3500-24(F) or 9 to 10 on the MES3500-10) are always in the
promiscuous port list. A promiscuous port can communicate with any port in the same VLAN. An
isolated port can communicate with the promiscuous port(s) only.
Note: You can have up to one private VLAN rule for each VLAN.
In the following example, ports 1, 2, 3 and 25 belong to VLAN 123. You configure and enable
private VLAN for VLAN 123 on the Switch. Then ports 1, 2 and/or 3 cannot send traffic to each
other, but they all can talk to the uplink port 25.
Figure 160 Private VLAN Example
Note: Make sure you keep at least one port in the promiscuous port list for a VLAN with
private VLAN enabled. Otherwise, this VLAN is blocked from the whole network.
34.2 Configuring Private VLAN
Click Advanced Application > Private VLAN in the navigation panel to display the screen as
shown.
C
25
3
2
VLAN 123
Isolated ports: 1 ~ 3
Promiscuous port: 25
MES3500 Series User's Guide
264
HAPTER
Private VLAN
3 4
- Quick Links:
- The Web Configurator
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
