We are looking to convert our DMZ to a PVLAN. One issue I am running into while labbing it up is that I can't seem to get trunk ports to work properly as PVLAN secondary ports. The SAN that hosts some of our DMZ servers connects to our 5400 switch via a trunk port, so this is necessary. Is there a way to set this up?
For testing purposes, I am testing the connection between a 6300 switch (Switch 1) and a 6000 switch (Switch 2). The 6300 is set up with PVLANs and the 6000 is not. I have already confirmed the PVLANs on the 6300 work properly. The setup is:

Switch 1 (6300)

vlan 10
    private-vlan primary
vlan 11
    private-vlan isolated primary-vlan 10
vlan 12
    private-vlan community primary-vlan 10

int 1/1/1 (Link to router)
    vlan trunk native 1
    vlan trunk allowed 10
    private-vlan port-type promiscuous
int 1/1/2 (Isolated user port)
    vlan access 11
    private-vlan port-type secondary
int 1/1/3 (Community user port)
    vlan access 12
    private-vlan port-type secondary
int 1/1/24 (Link to SW2)
    vlan trunk native 1
    vlan trunk allowed 11
    private-vlan port-type secondary

Switch 2 (6000)

int 1/1/1 (user port)
    vlan access 11
int 1/1/24
    vlan trunk native 1
    vlan trunk allowed 11

I have also tried setting the secondary VLAN as the native VLAN on the trunk port, but that did not work either. Any suggestions would be much appreciated.