I just read a post where one of you said if a pc connects to a switch port that is configured as ISL trunk, it should be isolated.
I just did a test about this. The PC can ping the gateway that is on the siwtch it connects to. The port is ISL trunk.
is this test result reasonalbe? or am i missing something here?
switchport trunk encapsulation isl
switchport trunk allowed vlan 1
switchport mode dynamic desirable
when I mentioned an ISL trunk I was meaning a port that is a trunk always not as a result of DTP negotiation
try the following
switchport mode trunk
in this case the port is always a trunk and doesn't need to negotiate a trunk using DTP (another Cisco L2 protocol) like in your config. The PC doesn't asnwer to DTP messages and the port reverts to mode access
In your scenario if you use
sh int fas0/1 switchport
you should see
admin state : trunk or dynamic desirable
operational state: access port
your port should act as an access port in Vlan1 and as a result of this the PC is not isolated and can ping the default gateway on Vlan1.
Hope to help