Configuring VLANs
Defining Private VLANs
Defining Private VLANs
Private VLANs (PVLAN) increase network security by limiting
•Promiscuous — Promiscuous ports can communicate with all ports within a PVLAN. All promiscuous pack- ets are automatically assigned to both the Isolated and the Community VLANs.
•Isolated — Isolated ports are completely isolated from other ports in the same PVLAN. However isolated ports can communicate with promiscuous ports. In addition, all traffic to and from isolated ports with a VLANs is blocked, except for traffic from promiscuous ports. All isolated ports are automatically assigned to the Iso- lated VLAN.
•Community — Community ports communicate with other community ports and with promiscuous ports. Community ports are separated from all other interfaces in other communities or isolated ports in the same PVLAN. All community ports are automatically assigned to the Community VLAN and to the Private VLAN.
Notes
•Ports cannot be defined as either promiscuous or isolated port if the ports are existing VLAN members.
Notes
•Previously created VLANs cannot be configured as isolated or community VLANs.
Notes
•Isolated and Community VLANs are included in the total VLAN count.
If the Primary VLAN is deleted, both the Isolated and the Community VLANs are also deleted. In addition, the Iso- lated and Community VLANs only forward untagged traffic. To define Private VLANs:
1.Click Basic Setup > VLAN >Private VLANs. The Private VLANs Page opens.
Page 113
