N1148T-ON private vlan and management VLAN 1

Hello.

I have a central switch model Dell S4048-ON with a few vlans created. One of them is the VLAN 111 used in a port-channel. Here is the configuration:

...............

interface Port-channel 11 description "Aula 11" no ip address switchport no shutdown ..... interface Vlan 111 description vlan 111 Aula 11 ip address 10.11.0.254/16 untagged Port-channel 11 ip pim sparse-mode ip igmp immediate-leave ip igmp version 3 ip access-group ACL100 in ip helper-address 10.0.0.1 no shutdown !

 

Connected to that port-channel is the student's classroom switch model Dell N1148T-ON (firmware 6.7.1.8).

I created private vlan to avoid communication between students. Here is part of the config with 2 isolated ports and the LACP 1 and port 45 as private-vlan promiscuous:

! configure vlan 1111-1112 exit vlan 1111 private-vlan primary private-vlan association 1112 exit vlan 1112 private-vlan isolated exit interface vlan 1 ip address 10.11.0.253 255.255.0.0 exit ip default-gateway 10.11.0.254 ! interface Gi1/0/1 switchport mode private-vlan host switchport private-vlan host-association 1111 1112 exit ! interface Gi1/0/2 switchport mode private-vlan host switchport private-vlan host-association 1111 1112 exit ! interface Te1/0/25 channel-group 1 mode active exit ! interface Te1/0/26 channel-group 1 mode active exit ! interface Te1/0/27 channel-group 1 mode active exit ! interface Te1/0/28 channel-group 1 mode active exit ! interface Gi1/0/47 switchport mode private-vlan promiscuous switchport private-vlan host-association 1111 1112 switchport private-vlan mapping 1111 1112 exit ! interface port-channel 1 switchport mode private-vlan promiscuous switchport private-vlan mapping 1111 1112 exit

 

Everything is working properly. In the classroom switch, isolated ports (1 and 2) can connect to the internet and other servers in the network (through port-channel 1), and also to port 47 in the same switch. From por 47 I can ping ports 1 and 2 and connect to any other server in the network. And finally ports 1 and 2 can't connect to each other as expected.

The problem I have is I can't connect to the switch IP management address 10.11.0.253, from promiscuous ports (port-channel 1 and 47) or from isolated ports (not important for me).

I can connect only to the management IP address using any port belonging to VLAN 1. And I would need to connect from central switch and port 47.

I don't know how to solve this. Any idea?

Thanks in advance.