10-29-2007 11:49 PM - edited 03-03-2019 05:32 AM
Hi Experts,
I have 2 switches. One is switch 3020 and the other one is switch 3750. The port 17 of switch 3750 is configured as trunking port, as below :
switchport trunk encapsulation dot1q
switchport mode trunk
speed 1000
duplex full
The other port 17 at Switch 3020, is configured as below:
interface fastethernet0/17
switchport access vlan 33
--------------------------------------
I have a server connected to port 15, vlan 31.
There is also virtual interface of vlan 31 at 3750 with hsrp standby ip.
-------------------
The question is.. why I am still able to ping to the server from a user that connected to 3750 since the vlan at the trunking is only 33?
Thanks in advanced.
Solved! Go to Solution.
10-30-2007 12:16 AM
The setting "switchport access vlan xxx" determines the vlan ID for the port WHEN it is in access mode. To hard-code it in acces mode you need to enter the command "switchport mode access" as well.
This setting widely recommended as a security measure for ports that you do not want to use as trunks. In this way you can prevent that the attachment of a switch allows access to any vlan in the network.
Leo
10-30-2007 12:07 AM
As you have not specified the port at the 3020 to be in access mode (switchport mode access) the default is in operation.
The default is auto-trunking; when a trunk is discovered on a port, a trunk is established.
You can verify this by checking: sh int ../17 switchport.
This will give you the operational trunking mode.
regards,
Leo
10-30-2007 12:09 AM
Thanks Leo..so this trunking will also applied even when the switchport access vlan xxx is configured at the switchport ??
meaning it can take all the vlans numbering across right? ;)
Thanks again..
10-30-2007 12:16 AM
The setting "switchport access vlan xxx" determines the vlan ID for the port WHEN it is in access mode. To hard-code it in acces mode you need to enter the command "switchport mode access" as well.
This setting widely recommended as a security measure for ports that you do not want to use as trunks. In this way you can prevent that the attachment of a switch allows access to any vlan in the network.
Leo
10-30-2007 12:18 AM
Thanks Leo..
Helpful reply.. :)
Have rated your post..
Regards,
10-30-2007 12:23 AM
Rating posts is always good.
Thanks a lot!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide