Native VLAN mismatch issue on Cat 3750 with Intrushield

joe.rella · ‎01-31-2007

I am trying to partition off 4 sections of the Cat 3750, to act as virtual switches separate from each other. I want traffic to go from VLAN 2, through an Intrushield device, to VLAN 3 which has the gateway port. Whenever I connect the Intrushield, I get Native VLAN mismatch messages on the switch console and the communication does not work. I understand that the switch is seeing the same traffic on 2 different VLANs (exiting out a port on VLAN 2, traversing the Intrushield, and re-entering the switch on VLAN 3)and is complaining. Does anyone know how to do this? Do I need to buy separate switches, or can the cat 3750 be partitioned this way? If it can, how?

mheusinger · ‎01-31-2007

Hello,

assuming that the Intrushield is basically transparent and just monitoring the frames, I would assume the BPDUs will trigger those messages. In principle you could get the same result when connecting the VLAN2 port and the VLAN3 port with a crossover cable.

You could setup BPDU filter on the respective ports to block BPDUs.

Can you please check in "Understanding BPDU Filtering"

http://www.cisco.com/en/US/products/hw/switches/ps5532/products_configuration_guide_chapter09186a008067edd0.html#wp1046220

whether this resolves your issue.

Hope this helps! Please use the rating system.

Regards, Martin

joe.rella · ‎01-31-2007

This was very helpful. I turned on BPDU filtering, but I was still getting the messages on the console. I then disabled CDP on those same interfaces and the messages went away. Everything is working as I envisioned it originally.

Thanks.