
Native VLAN and security

jemekeren
Level 1

Hello there... I need your help. I heard that we should change the native VLAN number. Why? And what are the consequences of changing native VLAN 1 (e.g. CDP, VTP, etc.)? Thanks anyway :)

2 Replies

alessandroye
Level 1

The native VLAN is VLAN 1 by default.

But if you are configuring the trunk interface, you could change this with the command:

switch(config-if)#switchport trunk native vlan [vlan-id]

The untagged data traffic will be forwarded to the new native VLAN.

Jon Marshall
Hall of Fame

Hi

Attached is a link to a VLAN security doc from Cisco which explains the use of the native VLAN and why it should be changed from VLAN 1, which is the default.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml#wp39211

We use a non-routable VLAN as our native VLAN on all our switches. This VLAN also never has any switch ports in it.

VLAN 1 will still be used to send CDP, VTP and PAgP between switches.

HTH

Jon
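
The practice described in this thread can be checked against a saved switch configuration. The following is an added example, not part of the original posts or Cisco's documentation: a small audit that flags trunks left on native VLAN 1, access ports placed in a native VLAN, and a native VLAN that has a routed interface. The sample configuration, VLAN 999, the function names, and the choice to treat an SVI with an IP address as "routable" are all assumptions.

```python
import re
# Constructed sample config (not from the thread); VLAN 999 is an assumed native VLAN id.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport trunk native vlan 999
 switchport mode trunk
!
interface GigabitEthernet0/3
 switchport access vlan 999
 switchport mode access
!
interface Vlan999
 ip address 10.0.99.1 255.255.255.0
"""

def parse_interfaces(config):
    """Map each interface name to its list of sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = blocks.setdefault(line.split(None, 1)[1].strip(), [])
        elif current is not None and line.startswith(" "):
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the block
    return blocks

def vlan_of(lines, prefix):
    """VLAN id set by '<prefix> N'; IOS falls back to VLAN 1 when the line is absent."""
    ids = [int(l[len(prefix):]) for l in lines if re.fullmatch(re.escape(prefix) + r" \d+", l)]
    return ids[-1] if ids else 1

def audit_native_vlan(config):
    """Return sorted (interface, finding) pairs for the native VLAN practices above."""
    blocks = parse_interfaces(config)
    trunks = {n: vlan_of(l, "switchport trunk native vlan")
              for n, l in blocks.items() if "switchport mode trunk" in l}
    natives = set(trunks.values())
    findings = [(n, "trunk still uses native VLAN 1") for n, v in trunks.items() if v == 1]
    for name, lines in blocks.items():
        if "switchport mode access" in lines and vlan_of(lines, "switchport access vlan") in natives:
            findings.append((name, "access port sits in a native VLAN"))
        svi = re.fullmatch(r"Vlan(\d+)", name)
        if svi and int(svi.group(1)) in natives and any(l.startswith("ip address ") for l in lines):
            findings.append((name, "native VLAN has a routed interface"))
    return sorted(findings)
```

Calling `audit_native_vlan()` on the text of a saved running-config returns an empty list when every trunk uses a dedicated native VLAN that has no access ports and no SVI address.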
