Cisco WS-CE500-24PC Administration Guide - Page 50

Networking Configuring the LAN 2 General mode is recommended if the port is connected to an unmanaged switch with a mix of VLAN-aware and VLAN-unaware devices. If you choose this option, also enter a PVID number for the port, and configure the VLAN Membership in the lower half of the page. - Trunk: The port is a member of a specified set of VLANs. All data going into and out of the port is tagged. Untagged data coming into the port is not forwarded, except for the default VLAN with PVID=1, which is untagged. Trunk mode is recommended if the port is connected to a VLAN-aware switch or router. If you choose this option, also configure the VLAN Membership in the lower half of the page. • PVID: If you chose Access or General mode, enter the Port VLAN ID to be used to forward or filter the untagged packets coming into port. STEP 4 In the VLAN Membership Configuration area, check the box for each VLAN that you want to associate with this port. STEP 5 Click Apply to save your settings. Multiple VLAN Subnets Typically, VLANs are isolated such that the traffic generated by any one of these networks is not seen by the others. However there are instances where you want to enable communication between VLANs. When you configure VLAN subnets, the security appliance routes traffic between VLANs and provides services such as a DHCP server for the members of each VLAN. STEP 1 Click Networking > VLAN > Multiple VLAN Subnets. The Multiple VLAN Subnets window opens. All VLANs from the Networking > LAN > Available VLANs page appear in the List of available Multiple VLAN Subnets table. The Multiple VLAN Subnet Configuration window opens. STEP 2 In the Multiple VLAN Subnet section of the page, enter the following settings: • IP Address: Enter the VLAN subnet IP address. • Subnet Mask: Enter the subnet mask for this VLAN. STEP 3 In the DHCP section of the page, choose the DHCP mode: Cisco SA500 Series Security Appliances Administration Guide 50