Butch, What you are trying to do is called q-in-q vlans or dot1q-tunnel
Depending on the version of IOS, it may or may not be supported. Quick google will get you more info... or you can try to find more info in these docs http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/interfaces/configuration/guide/if_cli/if_qinq_tunnel.pdf FYI, if your switch does not support it, then you can always do it manually... ... define them as trunk ports remove / disable the vlans you don't want to pass change the pvid to some other vlan (than 1) Regards. Faisal Imtiaz Snappy Internet & Telecom 7266 SW 48 Street Miami, FL 33155 Tel: 305 663 5518 x 232 Help-desk: (305)663-5518 Option 2 or Email: [email protected] ----- Original Message ----- > From: "Butch Evans" <[email protected]> > To: [email protected] > Sent: Saturday, December 10, 2016 1:57:45 PM > Subject: [AFMUG] Cisco config? > I have a scenario where I need some "special" handling for vlans and am > not sure how to configure this switch to handle it. Software is: > > IOS (tm) C3550 Software (C3550-I9Q3L2-M), Version 12.1(9)EA1c > > Switch model is WS-C3550-24. Here is the scenario I need to configure: > > Most ports are configured as trunk mode, so any vlans I add to gear outside > the > switch just pass through as I configure them. > I have 4 ports (13-16) that need to be separate. Currently, these are set up > as > "switchport access vlan20". This configuration > effectively creates a separate "switch", which is what I need. What I would > LIKE to do, is have the ability to have those 4 ports allow > me to create vlan configuration on gear plugged into these ports as well. In > other words, I want to create "2 switches" and have > any port that is part of "switch 1" pass vlans unhindered between those ports > and "switch 2" do the same. > > I hope this is clear. I only need a quick example, as I am somewhat familiar > with the configs, just not sure how to overcome the > single vlan limit on the access port. The problem I have is that SOME gear on > some of these ports are vlan unaware (and it needs to > stay that way). Here is a portion of the config showing the 3 port > configuration types: > > > ! > interface FastEthernet0/9 > description Kelly Office > switchport trunk encapsulation dot1q > switchport mode trunk > no ip address > ! > interface FastEthernet0/10 > no ip address > > > ! > interface FastEthernet0/13 > description Accounting switch > switchport access vlan 20 > switchport mode access > no ip address > ! > > > In practice, port 13 (14-16 are exactly like 13) cannot see traffic on either > port 9 or 10. Ports 9 and 10 can see each other (which is what I need) Any > vlan that > I configure on gear plugged into ports 9 or 10 are simply passed through. > Ports > 13-16 do not permit the vlan on the gear to pass. > > -- > Butch Evans > Training and Support for WISPs > 702-537-0979 > http://store.wispgear.net/ > http://www.butchevans.com/
