Configure Virtual Local Area Network (VLAN) Interface Settings on a Cisco Business 350 Series Switch

Objective

A Virtual Local Area Network (VLAN) allows you to logically segment a Local Area Network (LAN) into different broadcast domains. In scenarios where sensitive data may be broadcast on a network, VLANs can be created to enhance security by designating a broadcast to a specific VLAN. Only users that belong to a VLAN are able to access and manipulate the data on that VLAN. VLANs can also be used to enhance performance by reducing the need to send broadcasts and multicasts to unnecessary destinations.

You can create a VLAN, but this has no effect until the VLAN is attached to at least one port, either manually or dynamically. Ports must always belong to one or more VLANs.

Each VLAN must be configured with a unique VLAN ID (VID) with a value from 1 to 4094. The device reserves VID 4095 as the Discard VLAN. All packets classified to the Discard VLAN are discarded at ingress, and are not forwarded to a port.

This article provides instructions on how to configure VLAN interface settings on an Cisco Business 350 Series Switch.

Applicable Devices | Software Version

• CBS350 (Data Sheet) | 3.0.0.69 (Download latest)
• CBS350-2X (Data Sheet) | 3.0.0.69 (Download latest)
• CBS350-4X (Data Sheet) | 3.0.0.69 (Download latest)

Configure VLAN Interface Settings on a Switch

Important: Before proceeding with the steps below, make sure VLANs have been configured on the switch. To know how to configure VLAN settings on your switch, click here for instructions.

Step 1

Log in to the web-based utility and choose VLAN Management > Interface Settings.

Step 2

Choose an interface from the Interface Type drop-down list and click Go to populate a list of ports or LAGs on the interface.

• Port — From the Interface Type drop-down list, choose Port if only a single port needs to be chosen.
• LAG — From the Interface Type drop down list, choose the LAG to configure. This affects the group of ports defined in the LAG configuration.

Step 3

Click the radio button for the port or LAG you want to modify. Click the edit icon.

Step 3

Click the radio button that corresponds to the desired VLAN mode for the interface from the drop-down menu.

• Access — The interface is an untagged member of a single VLAN. If this option is chosen, skip to Step 10.
• Trunk — The interface is an untagged member of at most one VLAN and is a tagged member of one or more VLANs. If this option is chosen, skip to Step 10.
• General — The interface can be a tagged or untagged member of one or more VLANs.
• Customer — The interface is in Q-in-Q mode. This enables the link partner to use their own VLAN arrangements across the provider network. If this option is chosen, skip to Step 10.
• Private VLAN – Host — This option sets the interface as either isolated or community. You can then choose either an isolated or community VLAN in the Secondary VLAN - Host area.
• Private VLAN – Promiscuous — This option sets the interface as promiscuous.
• VLAN Mapping — Tunnel—Select to set the interface as a VLAN tunnel edge port.
• VLAN Mapping — One to One—Select to set the interface as to be used as a VLAN mapping one to one edge port.

Step 4 (Optional)

In the Ethertype Tagging field, select an Ethertype tagging method for the S-VLAN tag .

Step 5 (Optional)

Click the radio button that corresponds to the desired frame type that the interface can receive. Frames that are not this frame type are discarded at ingress. These options are only available in General mode.

• Admit All — The interface accepts all types of frames (untagged, tagged, and priority tagged frames).
• Admit Tagged Only — The interface accepts only tagged frames.
• Admit Untagged Only — The interface accepts only untagged and priority tagged frames.

Step 6 (Optional)

Check Enable to enable ingress filtering on the interface. When ingress filtering is enabled, the interface discards all incoming frames that are classified as VLANs of which the interface is not a member. This is only available in General mode.

Step 7 (Optional)

Choose the primary VLAN from the Primary VLAN drop-down list. The primary VLAN is used to allow Layer 2 connectivity from promiscuous ports to isolated ports and to community ports.

Note: Alternatively, you can leave it blank if the interface is not in private VLAN mode then skip to Step 10.

Step 8 (Optional)

Choose an isolated or community VLAN for those hosts that only require a single secondary VLAN.

Note: The Secondary VLAN – Host drop-down list is only available if Private VLAN – Host was selected. To learn how to configure Private VLAN settings on a switch, click here for instructions.

Step 9 (Optional)

For promiscuous ports, move all secondary VLANs that are required for normal packet forwarding from the Available Secondary VLANs then click the > button. Promiscuous and trunk ports can be members in multiple VLANs.

Note: These areas are only available if Private VLAN – Promiscuous was selected.

To learn how to configure Private VLAN settings on a switch, click here for instructions.

Step 10

Click Apply, and then click Close.

Step 11

Click Save to save settings to the startup configuration file.

You should now have configured the VLAN interface settings on your Cisco Business 350 Series Switch.