Skip to main content

mark f edwards

26 Posts

December 9th, 2013 10:00

solved it.....

two different solutions:

1)  snmp-server community mark-net rw view DefaultSuper

2)  erase everything, start over, and go with all the defaults, which will prompt you for everything.  then adjust the ports accordingly.

mark f edwards

26 Posts

December 10th, 2013 08:00

since this line is causing the issues accessing the web-interface over the protected ports:

switchport mode private-vlan community

i am wondering if one of these other options would be more suitable?

console(config-if)# switchport mode ?
 private-vlan - - - -private VLAN modes
 general - - - - - - -generic port mode
 access - - - - - - - vlan unaware port
 trunk - - - - - - - - - vlan aware port

mark f edwards

26 Posts

December 10th, 2013 09:00

mark f edwards

26 Posts

December 8th, 2013 19:00

maybe this will help shed some light on the issue:

console# show running-config
interface ethernet e1
switchport mode private-vlan isolated
exit
interface range ethernet e(2-24)
switchport mode private-vlan community
exit
interface ethernet g4
switchport mode private-vlan promiscuous
exit
vlan database
vlan 1000
exit
interface vlan 1000
private-vlan primary
private-vlan isolated 20
private-vlan community add 10
exit
interface range ethernet e(2-24)
switchport private-vlan community 10
exit
interface ethernet g4
switchport private-vlan promiscuous 1000
exit
interface ethernet e1
switchport private-vlan isolated 1000
exit
interface vlan 1
ip address 192.168.123.234 255.255.255.0
exit
username admin password 21232f297a57a5a743894a0e4a801fc3 level 15 encrypted

Default settings:
Service tag: 5N0P291

SW version 1.0.1.10 (date 27-Sep-2005 time 17:55:49)

Fast Ethernet Ports
==========================
no shutdown
speed 100
duplex full
negotiation
flow-control off
mdix auto
no back-pressure

Gigabit Ethernet Ports
=============================
no shutdown
speed 1000
duplex full
negotiation
flow-control off
mdix auto
no back-pressure

interface vlan 1
interface port-channel 1 - 8

spanning-tree
spanning-tree mode STP

qos basic

mark f edwards

26 Posts

December 9th, 2013 10:00

hello daniel -

thank you for replying.   i was able to get past my problem two different ways:

1) start completely over and just use the defaults when prompted
2) enter this command:   snmp-server community marks-net rw view DefaultSuper

but here are my simple requirements:  i want port E1 to be an isolated port (for a wireless station), then i want ports E2-E48 all part of one protected community.  G4 is connected to our router.  the router is an ordinary linksys off-the-shelf router, so i assume its level-3 since it uses subnet-masking.

port one cannot ping any other port.   ports two through 48 can all ping each-other and can not ping port one -- so everything appears to be working correctly.

below is the results my running-config.   naturally any suggestions you may have are most appreciated!   thank you.

console# show running-config
interface ethernet e1
switchport mode private-vlan isolated
exit
interface range ethernet e(2-48)
switchport mode private-vlan community
exit
interface ethernet g4
switchport mode private-vlan promiscuous
exit
vlan database
vlan 1000
exit
interface vlan 1000
private-vlan primary
private-vlan isolated 20
private-vlan community add 10
exit
interface range ethernet e(2-48)
switchport private-vlan community 10
exit
interface ethernet g4
switchport private-vlan promiscuous 1000
exit
interface ethernet e1
switchport private-vlan isolated 1000
exit
interface vlan 1
ip address 192.168.123.234 255.255.255.0
exit
ip default-gateway 192.168.123.254
username admin password 21232f297a57a5a743894a0e4a801fc3 level 15 encrypted
snmp-server community vvcc-net rw view DefaultSuper


Default settings:
Service tag: G8WY281

SW version 1.0.0.112 (date 20-Jun-2005 time 22:04:47)

Fast Ethernet Ports
==========================
no shutdown
speed 100
duplex full
negotiation
flow-control off
mdix auto
no back-pressure

Gigabit Ethernet Ports
=============================
no shutdown
speed 1000
duplex full
negotiation
flow-control off
mdix auto
no back-pressure

interface vlan 1
interface port-channel 1 - 8

spanning-tree
spanning-tree mode STP

qos basic

mark f edwards

26 Posts

December 9th, 2013 15:00

a bit of an update - the web-interface still works on e1, but no other port.  its as if the webpage-interface itself is considered to be outside the community.

mark f edwards

26 Posts

December 9th, 2013 15:00

hey daniel -

interesting enough, about mid-way though my configure, i "loose"  the ability to connect via web.   i ran through my configuration script [yet] again, but as an experiment at each step, i refreshed the webpage interface to make sure it was still answering.

however, as soon as i issue this command:

switchport mode private-vlan community

the web-browser page quits responding to me.  my configuration steps are below.

enable
configure
interface vlan 1
ip address 192.168.0.250 /24
exit
ip default-gateway 192.168.0.1
username admin password admin level 15
vlan database
vlan 1000
exit
interface vlan 1000
private-vlan primary
private-vlan community add 10
private-vlan isolated 20
interface range ethernet e2,e4
interface range ethernet e2-48
switchport mode private-vlan community
switchport private-vlan community 10
interface ethernet e1
switchport mode private-vlan isolated
switchport private-vlan isolated 1000
interface ethernet g4
switchport mode private-vlan promiscuous
switchport private-vlan promiscuous 1000

can you offer me some assistance as to how i can have port e1 totally isolated, ports e2-48 community, and g4 the internet ?

thank you so much !

Was this post helpful?

View All

No Events found!

Top