6500 IOS Native L2 Port Security (VTP/STP/CDP/others)

Unanswered Question
Aug 26th, 2009

Hi Forum,

I am testing L2 port security when attaching Corporate swith to an external switch.

1. I can disable STP on the port so the external switch does not affect my network.

2. Add BPDU Guard to it in case it starts STP.

3. change VTP default domain and password.

4. Disable CDP

I will like to know if there is any further measures that I can take to secure the port to an external Switch. I will like to disable VTP on this port if possible.

Any recommendations?

Many thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Thu, 08/27/2009 - 08:21

Hello Gil,

>> I will like to disable VTP on this port if possible.

have vlan1 not permitted on the port

interface type x/y

switchport

switchport trunk enc dot1q

switchport trunk allowed vlan x,y,z

switchport mode trunk

with x,y,z <> from 1

Hope to help

Giuseppe

Actions

This Discussion