Forum Discussion

Nimbostratus

Jul 30, 2009

L2 port security

Hi i want make secure port on Bigip, terminology name on Cisco pvlan (private vlan) like this ; i have 1 internal vlan and assigned port 1.1 and 1.2 to th...

config

design

JRahm

Admin

Jul 31, 2009

Can you provide a drawing of what you're trying to accomplish? I'm not sure I follow what you're saying. For the LTM to receive traffic from your pvlan hosts, it will need to be connected as a promiscous port since your two hosts are (I assume) configured in isolation mode. I personally prefer the vACL approach for controlling intra-subnet traffic for two reasons. 1) configuration is straight forward, making it easy to troubleshoot, and 2) there are some serious holes in pvlan from security perspective.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)