Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
385
Views
6
Helpful
5
Replies

cisco 3560 and 2 subnets questions

stickhg
Level 1
Level 1

‎01-10-2006 06:00 PM - edited ‎03-03-2019 01:23 AM

This question is concerning a standalone switch using port fa 0/1-24. If I leave the default vlan1 configured on all fa0/1-24 ports, and connect port fa0/1 to vlan 10; then the other 23 ports will also assume vlan 10 connectivity. If I disconnect port fa0/1 from vlan 10, and connect port fa 0/24 to vlan 20; the the other 23 ports will assume vlan 20 connectivity. Is there another way to perform the function described above and avoid using vlan1 due to Cisco's concern for security.

Labels:
0 Helpful
5 Replies 5

lgijssel
Level 9
Level 9

‎01-10-2006 11:47 PM

Yes there is.

Configure the inter-switch link as a trunk and create a vtp domain spanning both switches. You can then configure each individual port to belong to any vlan you want.

Regards,

Leo

0 Helpful

Georg Pauwen
VIP
VIP

‎01-11-2006 12:06 AM

Hello,

I am not really clear on what you are asking: you have a standalone 3560 switch, you want to avoid using VLAN 1, and instead want to dynamically assign ports to VLANs ?

As to using VLAN 1, the general recommendation is to not use it for data traffic, but in your case, having only one switch, that would not be a (security) concern. VLAN 1 is normally used for management, but in a standalone environment, you can leave the ports at their default (which is VLAN 1).

Dynamically assigning ports to VLANs based on the VLAN port assignment of one specific port is, to my best knowledge, not possible. There is a way to dynamically assign VLANs to ports, based on the client´s MAC address, which is called VMPS, but which is rather tedious to set up...

Does that make sense ?

Regards,

GP

stickhg
Level 1
Level 1
In response to Georg Pauwen

‎01-11-2006 03:25 AM

Lets take this a step further. This 3560 is in a test lab and assume vlan 10 would be coming from a production network and vlan 20 is the test lab on wheels. The default setting for the switch would be vlan20 for work inside the test lab on every day basis and isolated. Now I want to connect into the production network (vlan10) and upload a large amount of test data and all the devices on vlan 20 would need to belong to vlan 10 during this connection. Then disconnect from vlan 10 and return the 3560 to vlan 20 isolated again. I am trying to avoid trunking or routing due to this lab being remote and not being manageable, yet have a test engineer plug into vlan 10 only when data needs uploading without reconfiguring the switch for vlan 10 versus vlan 20. I am not sure this can be done but the engineer thinks networks are magic.

0 Helpful

Georg Pauwen
VIP
VIP
In response to stickhg

‎01-11-2006 04:01 AM

Hello,

there is no way to dynamically assign a VLAN to a specific port (other than the VMPS mentioned before). So you would need either routing or trunking at a minumum...

Regards

GP

stickhg
Level 1
Level 1
In response to Georg Pauwen

‎01-11-2006 04:27 AM

Thanks for the help. I intend to leave the switch on vlan 1 then let the ports go to vlan 10 or 20 depending on which connectivity is used.

0 Helpful
Customers Also Viewed These Support Documents