I've recently setup our PAN-2020's with L3 sub-interfaces presenting VLANS to our core switches (per this discussion: ). However, I've run into a problem that I can't manage or connect to devices, like our SAN, KVM, and even the PAN Firewall (management port) because they are on the same switch and use the default vlan of the switch. If I define an available L3 port as a management network, and leave it untagged, it creates headaches and breaks the L3 vlanning.
My question is, can I create a L3 interface with a network and untagged, attach it to another VR and route management traffic to that VR, and then present that interface to the switch with the untagged network. I don't think that should cause any issues, but wondered if anyone's had experience with this, or ran into similar issues? I've also found this discussion, but they've not complete given me any insight into if this is possible or not:
Thanks for any help you can give. :smileyhappy:
If the switch interface supports both tagged and untagged on the same interface you should be able to have both tagged and untagged traffic on the PA connected to this interface if I fully understand your question =)
I guess my question is... in L3 vlanning, since the physical port is untagged with no defined network, and L3 sub interfaces are added with defined networks, can I define a subinterface untagged with a network without any problems?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!