To use or not to use VLAN 1

Unanswered Question
Mar 6th, 2007

Hey everyone,

I have a network that consists of 2x Cisco 3550 switches and about 30x 2950T switches.

All the switches and core are configured in VLAN 1 along with servers and computers. I am planning on moving the servers to their own VLAN and the same for the computers. Shall I leave the switches in VLAN 1? I am not sure what the best practice is. Can someone please give me some advice?



Jon Marshall Tue, 03/06/2007 - 00:51

Hi Mark

Cisco recommends not using VLAN 1 for any user/management traffic. Where I work we have a dedicated VLAN for managing the switches. No port is left in VLAN 1. In addition, we always set the native VLAN on trunks to be VLAN 999, otherwise it will default to VLAN 1.

VLAN 1 is still used internally by the switches for VTP, PAgP and STP traffic. You can't stop this happening, but you can make sure you don't use it yourself.

Attached is a link to a VLAN security paper from Cisco which covers the use of VLAN 1, among other things.
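
An added example, not part of the original reply: a small audit that reads IOS running-config text and reports the three conditions the reply warns about (access ports left in VLAN 1, trunks whose native VLAN is still 1, and a live management interface on VLAN 1). The sample config, interface names and addresses are constructed; only the native VLAN 999 value comes from the reply.

```python
import re

# Constructed sample of a Cisco IOS running-config (not taken from the thread).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 20
 switchport mode access
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport trunk native vlan 999
 switchport mode trunk
!
interface Vlan1
 ip address 10.0.0.2 255.255.255.0
!
interface Vlan100
 ip address 10.0.100.2 255.255.255.0
"""

def audit_vlan1(config):
    """Return sorted (interface, finding) pairs for ports still relying on VLAN 1."""
    findings = []
    # Each stanza is an "interface X" header followed by its indented lines.
    for name, body in re.findall(r"^interface (\S+)\n((?:[ \t]+.*\n?)*)", config, re.M):
        if name.lower().startswith("vlan"):
            # An addressed VLAN 1 SVI that is not shut down carries management traffic.
            live = re.search(r"^\s+ip address", body, re.M) and not re.search(r"^\s+shutdown", body, re.M)
            if name.lower() == "vlan1" and live:
                findings.append((name, "management SVI on VLAN 1"))
            continue
        if "no switchport" in body:  # routed port, not in any VLAN
            continue
        access = re.search(r"switchport access vlan (\d+)", body)
        native = re.search(r"switchport trunk native vlan (\d+)", body)
        if "switchport mode trunk" in body:
            # With no explicit native VLAN the trunk defaults to VLAN 1.
            if native is None or native.group(1) == "1":
                findings.append((name, "trunk native VLAN is 1"))
        elif access is None or access.group(1) == "1":
            # With no explicit access VLAN the port sits in VLAN 1.
            findings.append((name, "access port in VLAN 1"))
    return sorted(findings)
```

The audit only sees what is written in the config, so the switch's own VTP, PAgP and STP use of VLAN 1 mentioned in the reply will not appear in its output.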



