Virtual Wire transition default config ( Tag Allowed ) to layer 2 subinterfaces - Virtual Wire

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Virtual Wire transition default config ( Tag Allowed ) to layer 2 subinterfaces - Virtual Wire

L4 Transporter

Virtual Wire transition default config ( Tag Allowed ) to layer 2 subinterfaces - Virtual Wire

 

Good afternoon, first of all thanks for the support, help and collaboration.

 

Currently there is a scenario where there are two Virtual Wire interfaces, which to filter only the VLAN-TAG, there is the Tag Allowed option where there are the following VLAN TAG: 10,100,150,200,250.

We want to do this to improve filtering issues, better classification through different zones and to be able to classify the traffic in a better way, it is intended to use VWire Subinterfaces to differentiate each TAG with its respective Unique zone for each VLAN.

We intend to migrate little by little, not all at once, some vlans to this new scheme, therefore please your support, comments, clarifications and/or collaboration regarding this point.

As it is to migrate little by little, each vlan, in X maintenance windows, I understand that the steps at a global and general level would be:

 

-Create subinterfaces with example the TAG of VLAN 100 -Create the Vwire leaving the TAG Allowed blank, since the TAG of VLAN 100 will be marked in the TAG of the subinterfaces. -Remove the TAG of VLAN 100 from the TAG Allowed, of the virtual wire, which contains all the TAGs of all the Current VLANs. -Create the corresponding zones for VLAN 100 and associating the tagged subinterfaces (VLAN 100)
-Correctly associate the security policies, in relation to the traffic of VLAN 100.

 

This is thinking, as an example, of VLAN-100 to be gradually migrated, to have a correct operation with the new subinterface scheme for VLAN-100 and obviously to guarantee the correct operation of the other VLANs that are not migrated and not to have any impact with the rest of VLANs that are in the virtualwire without subinterfaces.

 

I remain attentive, please your comments and collaboration.

Thank you

Best regards

High Sticker
1 REPLY 1

Cyber Elite
Cyber Elite

this should work

all the vlans that are int the Tag Allowed will flow throught the 'main' vwire while the vlan tags that correspond to a subinterface tag will flow through the subinterface

just make sure you remove the tag from the vwire when you create a subinterface

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
  • 1707 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!