Can we use the native VLAN as a normal VLAN ? - Cisco Community

513

Views

0

Helpful

4

Replies

Hi Everyone,

What's the main reason of having a native VLAN in a Cisco Switch ? Why the VLAN traffics passing through this native VLAN are all untagged ?

Can we use the native VLAN as a normal VLAN ?

Please advise.

Thanks !

Alvin

4 Replies 4

The native vlan in a 802.1Q trunk is exactly an untagged vlan. It's a little bit different concept comparing to some other vendor where you add an interface into a vlan and then you choose if it's tagged or untagged.

Yes you can use a native vlan as a "normal" data (PCs) vlan.

Hi Leandro,

Thanks for your information.

What will be the best practice of using the native VLAN ? For management purpose ? Leave it intact without assigning any IP address ? Or just use it as a normal VLAN ?

Thanks !

Alvin

Maybe that will help you:

My “Security Best Practice” is to configure the Native VLAN ID to VLAN 666 and to ensure that this VLAN is not used anywhere in the network. The number “666″ helps people to remember this. An attacker who attempts to use the VLAN hopping attack will end up in a dead VLAN that has no hosts to leverage.

Thanks, Leandro.

Regards,

Alvin

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking products for a $25 gift card