cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
790
Views
0
Helpful
2
Replies

Prohibit access to switch ports with untagged vlan

rumak18
Beginner
Beginner

Hello,

 

i want to secure my switche from foreign access. I want to make sure, that only computers with the correct VLAN setting (tagged vlan) on his network card is able to get access to this switch. I do not want this this switch to send out untagged packets through ports. 

Is there a way for this?

1 ACCEPTED SOLUTION

Accepted Solutions

Seb Rupik
VIP Advisor VIP Advisor
VIP Advisor

Hi there,

You will need to configure the switchport as mode trunk, and change the default native VLAN to one in a suspended state:

!
vlan 100
  name user_vlan
!
vlan 999
  name UNUSED
  state suspend
!
int gi1/0/'1
  switchport mode trunk
  switchport trunk allowed vlan add 100
  switchport trunk native vlan 999
  no shut
!

cheers,

Seb.

View solution in original post

2 REPLIES 2

Seb Rupik
VIP Advisor VIP Advisor
VIP Advisor

Hi there,

You will need to configure the switchport as mode trunk, and change the default native VLAN to one in a suspended state:

!
vlan 100
  name user_vlan
!
vlan 999
  name UNUSED
  state suspend
!
int gi1/0/'1
  switchport mode trunk
  switchport trunk allowed vlan add 100
  switchport trunk native vlan 999
  no shut
!

cheers,

Seb.

Oh wow. Great and short. I will try it. Didn't know that you can suspend vlans. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: