
Private vlans – NETGEAR AV Line M4250 GSM4210PX 8-Port Gigabit PoE+ Compliant Managed AV Switch with SFP (220W) User Manual


8. In the Ports table, select the ports that must be protected ports and members of the
protected port group.
By default, all ports are unprotected.

9. Click the Apply button.

Your settings are saved.

10. To save the settings to the running configuration, click the Save icon.

Private VLANs

A private VLAN contains switch ports that cannot communicate with each other, but can
access another network. These ports are called private ports. Each private VLAN contains
one or more private ports and a single uplink port or uplink aggregation group. Note
that all traffic between private ports is blocked at all layers, not just Layer 2 traffic, but
also traffic such as FTP, HTTP, and Telnet.

A private VLAN separates a regular VLAN domain into two or more subdomains. Each
subdomain is defined (represented) by a primary VLAN and a secondary VLAN:

Primary VLAN: The primary VLAN ID is the same for all subdomains that belong to
a private VLAN.

Secondary VLAN: The secondary VLAN ID differentiates subdomains from each
other and provides Layer 2 isolation between ports of the same private VLAN.

Within a private VLAN, three types of VLANs can exist:

Primary VLAN: The VLAN forwards traffic from promiscuous ports to isolated ports,
community ports, and other promiscuous ports in the same private VLAN. In a private
VLAN, you can configure one primary VLAN only. All ports in a private VLAN share
the same primary VLAN.

Isolated VLAN: The VLAN is a secondary VLAN that carries traffic from isolated ports
to promiscuous ports. In a private VLAN, you can configure one isolated VLAN only.

Community VLAN: The VLAN is a secondary VLAN that forwards traffic between
ports that belong to the same community and to the promiscuous ports. In a private
VLAN, you can configure multiple community VLANs.
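
The rules above can be checked against a planned port assignment before it is applied. The following is an added example, not taken from the NETGEAR manual: it validates a plan against the one-primary and one-isolated VLAN limits and lists which host ports can still reach each other directly. The VLAN IDs, port names, function names, and the mapping of each port role to a VLAN type are assumptions made for illustration.

```python
from itertools import combinations

# Constructed sample plan: VLAN IDs and port names are illustrative assumptions.
VLANS = {100: "primary", 101: "isolated", 102: "community", 103: "community"}
PORTS = {
    "0/1": ("promiscuous", 100),  # uplink
    "0/2": ("isolated", 101),
    "0/3": ("isolated", 101),
    "0/4": ("community", 102),
    "0/5": ("community", 102),
    "0/6": ("community", 103),
}
# Assumed model: each port role lives in the VLAN type of the same purpose.
ROLE_VLAN = {"promiscuous": "primary", "isolated": "isolated", "community": "community"}

def validate(vlans, ports):
    """Return violations of the rules above: one primary, one isolated VLAN."""
    errors = []
    kinds = list(vlans.values())
    if kinds.count("primary") != 1:
        errors.append(f"expected exactly 1 primary VLAN, found {kinds.count('primary')}")
    if kinds.count("isolated") > 1:
        errors.append(f"only 1 isolated VLAN allowed, found {kinds.count('isolated')}")
    for port, (role, vid) in sorted(ports.items()):
        if role not in ROLE_VLAN or vlans.get(vid) != ROLE_VLAN[role]:
            errors.append(f"port {port}: {role} port mapped to VLAN {vid} "
                          f"({vlans.get(vid, 'undefined')})")
    return errors

def can_talk(ports, a, b):
    """True if the private VLAN rules let ports a and b exchange traffic."""
    (role_a, vlan_a), (role_b, vlan_b) = ports[a], ports[b]
    if "promiscuous" in (role_a, role_b):
        return True   # promiscuous ports reach every port type
    if role_a == role_b == "community":
        return vlan_a == vlan_b   # same community only
    return False      # isolated ports reach promiscuous ports only

def lateral_pairs(ports):
    """Host-to-host pairs (no promiscuous port involved) that can communicate."""
    hosts = sorted(p for p, (role, _) in ports.items() if role != "promiscuous")
    return [(a, b) for a, b in combinations(hosts, 2) if can_talk(ports, a, b)]

if __name__ == "__main__":
    print(validate(VLANS, PORTS) or "plan is consistent")
    print("direct host-to-host paths:", lateral_pairs(PORTS))
```

Any pair returned by lateral_pairs is a path that does not pass through a promiscuous port, so it is the list to review when hosts are meant to be segmented from each other.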

Within a private VLAN, the switch supports five types of port designations:

Promiscuous port: The port is a member of a primary VLAN (within the private VLAN)
and can communicate with all types of ports in the private VLAN, including other
promiscuous ports, community ports, and isolated ports.


Manage Switch Security

AV Line of Fully Managed Switches M4250 Series Main User Manual