Multiple Cisco 3500-XL and Protected ports.

Hi Folks,

Is someone able to please confirm my thinking about this situation.

We have 2 x C3500-XL 48 port Switches connected with a Trunk and using just 6 VLANS across both switches. We now have a need to configure just ONE of the VLAN's (using ports spread over both switches) into "port protected" mode (with a single port connected to a F/W as NOT Port Protected), however this URL (sorry it requires a Cisco Login, can someone please advise how to make the URL "public" ???) -

suggests that Port Protection can only be used local to ONE switch, which means we would need to - 1. Configure a new VLAN on the "second" switch, 2. Re-address all hosts on the "new" VLAN 3. And "join" the unprotected ports as separate ports on the F/W.

The annoying part is that the above URL also suggests one would need to use trunking to get between the Switches, but Port Protection is not maintained across Trunk links so why mention it (we have confirmed that this appears to be the case).

Is someone able to confirm my suspicions about this and any other options we might have?

Thanks....................pk.