Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1229
Views
0
Helpful
6
Replies

Port configuration in Access mode

cguadall
Level 1
Level 1

‎10-13-2021 02:49 AM

Is it possible to configure/force one port to be configured as acces-mode from dashboard?

Labels:
0 Helpful
6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

‎10-13-2021 02:56 AM

Not sure what Model of this switch ?

 

If this is CBS

 

https://www.cisco.com/c/en/us/support/docs/smb/switches/Cisco-Business-Switching/kmgmt-2528-assign-interface-vlan-as-access-or-trunk-port-cbs.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

cguadall
Level 1
Level 1
In response to balaji.bandi

‎10-13-2021 03:03 AM

Yes, It is a CBS. We have no problem configuring a port in access-mode from switch GUI.

 

We want to configure the port from the Cisco Business Dashboard.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to cguadall

‎10-13-2021 06:19 AM 

Cisco Business Dashboard

i am not a big user of CBS, Is this located in cloud ? what option you have ?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

David Harper
Cisco Employee
Cisco Employee

‎10-13-2021 09:22 PM

Hi there,

 

The dashboard doesn't expose the acces vs trunk setting.  Rather it always configures the port as a trunk and just allows and denies vlans on the trunk based on your configuration.  If you only select a single access vlan for a port in dashboard, then the end result is a trunk port with the native vlan set and no other vlans allowed.

 

Is there a particular reason why you need an access port role rather than a trunk with only a native vlan enabled?

 

Cheers,

Dave.

0 Helpful

cguadall
Level 1
Level 1
In response to David Harper

‎10-14-2021 12:56 AM

Hi Dave,

 

We consider a best practice to configure as access-mode the ports where only one VLAN is needed.

 

- Configure all user-facing ports as non-trunking (DTP off) --> https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/Baseline_Security/securebasebook/sec_chap7.html

 

 

In addition, we are facing In some strange cases when we add a VLAN to a profile, this new VLAN is added to some undesired trunks ports.

0 Helpful

David Harper
Cisco Employee
Cisco Employee
In response to cguadall

‎10-15-2021 02:04 AM

I understand where you are coming from.  Do bear in mind that the best practices you cite are aimed at the Catalyst switch line which support a number of features that are not supported in the Cisco Business portfolio.  In particular, DTP is not supported by the Cisco Business switches, so in the context of those guidelines, a trunk port on a Cisco Business switch with only a native vlan configured and permitted will function the same as an access port.  Only untagged frames will be accepted in to the native vlan and tagged frames with any other vlan ID will be discarded.  And since there is no dynamic negotiation supported for the VLANs being trunked, the only way to change the behaviour is to reconfigure the switch.

 

With regards to the second point you raised, when you add a new vlan to a device group with multiple network devices in it, the dashboard will also explicitly enable the vlan on links that interconnect those devices in order to make sure the vlan in contiguous across the device group.  Does that explain what you are seeing, or are the undersired ports connected to something else?

 

Cheers,

Dave.

0 Helpful
Customers Also Viewed These Support Documents