02-27-2009 07:37 AM - edited 03-06-2019 04:17 AM
I've inherited management of a shared fiber line I'm now the only one administrating itâ¦The line consists of 5 3550-12g switchesâ¦My issue is one of the line participants has a port going to his private network set up as a dot1q trunk I cannot see what devise he has connected to the fiber lineâ¦I would like to know what vlan's are passing across that trunk port he is connected toâ¦I believe the previous administrator gave this participant all the vtp information and this would give him the ability to access other participants vlan'sâ¦
Solved! Go to Solution.
02-27-2009 08:42 AM
Well you could SPAN the trunk port out to see what traffic is flowing across but if you know the vlans that the participant should be using i strongly suggest you use the "switchport trunk allowed vlan ... command to limit only those vlans on the link.
That way whether he is honest or dishonest really doesn't make much difference.
Jon
02-27-2009 07:59 AM
if you run the command "sh int trunk" on the 3550 switch that has the port running off to the private network it will show you which vlans are allowed on that trunk link.
Jon
02-27-2009 08:39 AM
That command is showing what is allowed and active which would be everything because it's a trunk port with no limitation, what I would like to know is if he is really using a vlan that he should not beâ¦
Say we have 5 vlans
Participant [A] should only use 1-3
Participant [B] should only use 4 and 5
Because Participant [A] has a trunk port with no limitation on it and the VTP name and password he could be accessing Participant [B] vlans
I would like to know before I take any action that Participant [A] is honest or dishonest
How can I tell if he has vlans setup on his private switch for other Participant?
02-27-2009 08:42 AM
Well you could SPAN the trunk port out to see what traffic is flowing across but if you know the vlans that the participant should be using i strongly suggest you use the "switchport trunk allowed vlan ... command to limit only those vlans on the link.
That way whether he is honest or dishonest really doesn't make much difference.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide