Cisco Support Community
Community Member

native vlan and security..

Hello there... I need your help. I heard that we should change the native VLAN number. Why? And what are the consequences of changing native VLAN 1, e.g. for CDP, VTP, etc.? Thanks anyway :)

2 REPLIES
Community Member

Re: native vlan and security..

The native VLAN is VLAN 1 by default.

But if you are configuring the trunk interface, you could change this with the command:

switch(config-if)#switchport trunk native vlan [vlan-id]

The untagged data traffic will be forwarded to the new native VLAN.

Hall of Fame Super Blue

Re: native vlan and security..

Hi

Attached is a link to a VLAN security doc from Cisco, which explains the use of the native VLAN and why it should be changed from VLAN 1, which is the default.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml#wp39211

We use a non-routable VLAN as our native VLAN on all our switches. This VLAN also never has any switch ports in it.

VLAN 1 will still be used to send CDP, VTP and PAgP between switches.

HTH

Jon
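
Added example (not part of the thread, and not Cisco's code): a Python check over a saved running-config that reports trunks still on native VLAN 1 and, following the reply above, native VLANs that contain access ports or have an SVI with an IP address. The sample config, the function names and the "SVI with an IP means routable" test are assumptions of this example; only statically configured trunks (`switchport mode trunk`) are considered.

```python
import re
# Constructed IOS running-config excerpt (sample data, not from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
 switchport trunk native vlan 999
!
interface GigabitEthernet0/3
 switchport mode access
 switchport access vlan 999
!
interface Vlan999
 ip address 10.99.0.1 255.255.255.0
"""

def parse_interfaces(config):
    """Map each interface name to the list of its sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split()[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the stanza
    return interfaces

def audit_native_vlan(config):
    """Return (interface, finding) pairs for the three native-VLAN checks."""
    ifaces, findings, natives = parse_interfaces(config), [], set()
    for name, cmds in ifaces.items():
        if "switchport mode trunk" in cmds:  # assumption: static trunks only
            hits = re.findall(r"^switchport trunk native vlan (\d+)$", "\n".join(cmds), re.M)
            vlan = int(hits[-1]) if hits else 1  # no command: default native VLAN 1
            natives.add(vlan)
            if vlan == 1:
                findings.append((name, "trunk native VLAN is 1"))
    for name, cmds in ifaces.items():
        text = "\n".join(cmds)
        acc = re.search(r"^switchport access vlan (\d+)$", text, re.M)
        if acc and int(acc.group(1)) in natives:
            findings.append((name, f"access port in native VLAN {acc.group(1)}"))
        svi = re.fullmatch(r"Vlan(\d+)", name)
        if svi and int(svi.group(1)) in natives and re.search(r"^ip address ", text, re.M):
            findings.append((name, f"native VLAN {svi.group(1)} has a routed SVI"))
    return findings
```

Calling `audit_native_vlan(SAMPLE_CONFIG)` returns one finding for each of the three checks; it only sees the config it is given, so a native VLAN routed on another device is not detected.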
