2-680
Catalyst 6500 Series Switch Command Reference—Release8.1
78-15474-01
Chapter2 Catalyst 6500 Series Switch and ROM Monitor Commands set vlan
To secure a range of VLANs on a Firewall Services Module, these conditions must be satisfied:
1. Port membership must be defined for the VLANs, and the VLANs must be in active state.
2. The VLANs do not have a Layer 3 interface in active state on the MSFC.
3. The VLANs are not reserved VLANs.
VLANs that do not satisfy condition number 2 in the list above are discarded from the range of VLANs
that you attempt to secure on the Firewall Services Module. VLANs that meet condition number 2 and
condition number 3 but do not meet condition number 1 are stor ed in the sup ervis or e ngin e dat abase ;
these VLANs are sent to the Firewall Services Module as soon as they meet condition number 1.
Examples This example shows how to set VLAN 850 to include ports 3 through 7 on module 3:
Console> (enable) set vlan 850 3/4-7
VLAN 850 modified.
VLAN Mod/Ports
---- -----------------------
850 3/4-7
Console> (enable)
This example shows how to set VLAN 7 as a primary VLAN:
Console> (enable) set vlan 7 pvlan-type primary
Console> (enable)
This example shows how to set VLAN 901 as an isolated VLAN:
Console> (enable) set vlan 901 pvlan-type isolated
Console> (enable)
This example shows how to set VLAN 903 as a community VLAN:
Console> (enable) set vlan 903 pvlan-type community
Console> (enable)
This example shows how to unmap all instances currently mapped to VLAN 5:
Console> (enable) set vlan 5 mistp-instance none
Vlan 5 configuration successful
Console> (enable)
This example shows how to secure a range of VLANs on a Firewall Services Module:
Console> (enable) set vlan 2-55 firewall-module 7
Console> (enable)
This example shows the message that appears w he n VLA N po rt- prov is ion ing veri ficat io n is en ab l ed :
Console> (enable) set vlan 10 2/1
Port Provisioning Verification is enabled on the switch.
To move port(s) into the VLAN, use 'set vlan <vlan> <port> <vlan_name>'
command.
Console> (enable)