cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
380
Views
4
Helpful
3
Replies

switchport question

serotonin888
Level 1
Level 1

Hi,

Ive been looking at the config on a cisco 4506 (not one that ive setup). And i noticed that several of the interfaces have both "switchport access vlan 10" and "switchport mode trunk" configured. I thought that this wasnt possible. I thought the switchport could only be "access" or "trunk". e.g.

interface GigabitEthernet2/20

switchport access vlan 10

switchport trunk encapsulation dot1q

switchport trunk native vlan 10

switchport mode trunk

switchport nonegotiate

This shows as a trunk link in "sh int status" so im guessing the "trunk" overrides "access"?

Can anyone help explain why the ports might have been configured like this?

Appreciate any help

Thanks

1 Accepted Solution

Accepted Solutions

Collin Clark
VIP Alumni
VIP Alumni

Let's say someone decided to unplug the cable and plug their laptop into the port. The port would come up as an access port and be in VLAN 10, which should have no access (since VLAN 10 is also the native VLAN I am assuming there is no L3 gateway for vlan 10). Some see this as a security enhancement, locking the port in a secure vlan.

Hope that helps.

View solution in original post

3 Replies 3

Collin Clark
VIP Alumni
VIP Alumni

Let's say someone decided to unplug the cable and plug their laptop into the port. The port would come up as an access port and be in VLAN 10, which should have no access (since VLAN 10 is also the native VLAN I am assuming there is no L3 gateway for vlan 10). Some see this as a security enhancement, locking the port in a secure vlan.

Hope that helps.

Kevin Dorrell
Level 10
Level 10

Because you have the port hard-configured as a trunk, and furthermore you do not even negotiate, the switchport access vlan 10 will be ignored.

If you had the situation where the trunk status was negotiated then the command would be relevant whenever it fell back to access mode.

Kevinn Dorrell

Luxembourg

serotonin888
Level 1
Level 1

Thanks to both of you. Both posts were very helpful.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: