Can someone definitively tell me what a catalyst 4507 will do with tagged frames that it receives on an access port?
My old 5500 that I just replaced seems to have been forwarding such traffic unadulterated to the destination mac address but the 4507 I just installed doesn't seem to be.
I'm aware of security implications about allowing hosts to add vlan tags to their traffic but this is a lab environment where the behavior of the old switch was of great benefit in our situation.
Will the 4507 drop tagged frames that it receives on a non trunk port?
Thank you in advance.
>> the endpoints are tagging some of their outbound frames with their own vlan information. In other words, it's not a vlan that exists on the cisco switch. It's just an identifier that the receiving endpoint will recognize and process independently of IP communications
this is not permitted anymore. You understand the disruptive potential of what you have described above in the network of a bank.
You should define all the vlans that you are going to use only at layer2 (no ip services over them)
make all the ports trunk ports
switchport trunk enc dot1q
switchport trunk native vlan 193
switchport mode trunk
the default is that all L2 vlans are permitted
vlan 193 has also L3 services but this is not a problem
this should work
the vlans have to be defined at layer2 (so I hope)
Hope to help