Hi Everyone,
I often hear that end user desktops should be configured with access ports, not trunk ports. I understand that this is for security reasons.
However, on my SG300/350 series switches, there is a preconfigured Smartport value for desktops. This configuration configures a trunk port, then assigns the port membership native VLAN to a value you specify.
So in the end, the port is configured as a trunk, but only one VLAN is accessible. This sounds pretty similar to an access port. For example, if I configure a SmartPort for desktop and specify VLAN 152, it looks like this:
Questions
1. Is it wrong to configure an end-user desktop port in this fashion?
2. Any downside to using a trunk port for an end-user desktop as long as no other VLANs are joined?