Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
319
Views
0
Helpful
2
Replies

VLAN1 and Management VLAN

mark.wood
Level 1
Level 1

‎01-11-2009 02:29 AM - edited ‎03-06-2019 03:22 AM

I am using VLAN2 for management and VLAN3 and above for data. Do I still need to assign an IP address to VLAN1?

Many thanks for you help

Mark

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎01-11-2009 04:02 AM

Mark

If there are no devices that are in vlan 1 then no you do not need to assign an IP address for vlan 1 interface and you should shutdown vlan 1 interface.

Jon

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎01-11-2009 05:01 AM

Hello Mark,

for security reasons the best thing is to:

- shut SVI vlan1 if exists

- never use vlan 1 even for unused ports.

A suggestion is to use a dedicated parking Vlan for unused ports that:

has no Layer 3 services on it

it is never used as Native Vlan on an 802.1Q trunk in your campus.

the reason for not using Vlan1 for unused ports is that in any case a switch tells more to a PC if the port is in Vlan1.

if you don't use Vlan1 neither for management neither for data you are on the right path from a security point of view.

Hope to help

Giuseppe

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card