Vlan retagging only supports in Transparent Mode.

Unfortunately I am unable to find the complete doc with example , but I think it is good to start with that doc.

Thanks

Atif

Hi,

thank you Atif for you presence...

I have fixed "partially" this issue...

both FW ports are running in Transparent Mode.

below is a partial view of my lab topology:

                                                           +------------+

 towards L3SW (port A)   <-------------|  ns5200  |------------->  towards L3SW (port B)

                                                           +------------+

L3SW is my layer 3 switch

when configuring the remote ports of my L3SW  as "trunk links" ---> it does not work

when I configure these remote ports in "access mode" ---> it works

the thing is that I need to configure these links as "trunk" because I will use mutiple vlans over each physical link

so the question is: how to put local ports (of the FW) in "trunk mode" ?

I already tried the command  "set interface vlan1 vlan trunk ". but it was rejected by the FW. Below is the output :

ns5200-> set interface vlan1 vlan trunk 
can't set vlan trunk if there is any user define vlanID set
ns5200->  

any idea ?

thank you in advance

rgds

--

Vlan can be as the Trunk or the retagger not at the same time.

Can you please confirm that you are trying to use both at the same time ?

Thanks

Atif

Hi,

your are right Atif. I am using the FW as a "vlan retagger" but in the other hand I need to configure the remote ports (on my L3SW) as "trunk links" because I need to send multiple vlans on each physical port.

this is why, I have tried to use the command "set interface vlan1 vlan trunk".

I don't know if a netscreen device (running in Transparent Mode and acting as a "vlan retagger") can handle multiple vlans on the same physical ports ? If it is possible to do such configurations, could you advise how ?

many thanks in advance

rgds

--

Thank you (very much) Atif for your help

situation is clear now

Have a nice week-end.

rgds

--

Hi Atif,

I am sorry Atif to asking you again... but just to be sure !

I want to avoid any confusion about the term "trunk"...

ethernet2/1 <---[ns5200] ---> ethernet2/2

I have the following :

 - both ports e2/1 & e2/2 are running in Transparent mode (they belongs to 2 differents Layer 2 security zones)

 - I have configured the FW to act as a vlan-retagger between VLAN a (present on e2/1) and VLAN b (present on e2/2)

my the question is :

 - Is it true that:

    + If I keep both interfaces running in Transparent mode (ports affected to Layer 2 security zones), then

    + If I add VLAN c (on e2/1)  and VLAN d (on e2/2) --> I can not do vlan-retagging anymore ?

Would you like to confirm this assertion ?

Many thanks in advance.

 rgds

--