Trunk Port/Vlan

sdg2009sdg
Level 1

I've inherited management of a shared fiber line, and I'm now the only one administrating it… The line consists of 5 3550-12g switches… My issue is that one of the line participants has a port going to his private network set up as a dot1q trunk, and I cannot see what device he has connected to the fiber line… I would like to know what VLANs are passing across that trunk port he is connected to… I believe the previous administrator gave this participant all the VTP information, and this would give him the ability to access other participants' VLANs…

3 Replies

Jon Marshall
Hall of Fame

If you run the command "sh int trunk" on the 3550 switch that has the port running off to the private network, it will show you which VLANs are allowed on that trunk link.

Jon

That command is showing what is allowed and active, which would be everything because it's a trunk port with no limitation. What I would like to know is if he is really using a VLAN that he should not be…

Say we have 5 VLANs:

Participant [A] should only use 1-3

Participant [B] should only use 4 and 5

Because Participant [A] has a trunk port with no limitation on it, and the VTP name and password, he could be accessing Participant [B]'s VLANs.

I would like to know, before I take any action, whether Participant [A] is honest or dishonest.

How can I tell if he has VLANs set up on his private switch for other participants?

Well, you could SPAN the trunk port out to see what traffic is flowing across, but if you know the VLANs that the participant should be using, I strongly suggest you use the "switchport trunk allowed vlan ..." command to limit only those VLANs on the link.

That way whether he is honest or dishonest really doesn't make much difference.

Jon
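
Added example (not part of the original thread, and not Cisco's code): one way to audit a SPAN capture of the trunk port is to read the 802.1Q tag of each frame and list source MACs sending in VLANs outside the participant's allowed set. It assumes the capture is ingress-only (frames received from the participant's device) and keeps the 802.1Q tags; the function names, MAC addresses and frames are constructed for illustration.

```python
import struct
from collections import defaultdict

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def vlan_of(frame, native_vlan=1):
    """Return (src_mac, vlan_id); untagged frames belong to the native VLAN."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    src = frame[6:12].hex(":")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return src, native_vlan
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return src, tci & 0x0FFF  # low 12 bits of the TCI are the VLAN ID

def audit(frames, allowed, native_vlan=1):
    """Map each out-of-policy VLAN ID to the source MACs seen sending in it."""
    violations = defaultdict(set)
    for frame in frames:
        try:
            src, vid = vlan_of(frame, native_vlan)
        except ValueError:
            continue  # skip runts instead of aborting the audit
        if vid not in allowed:
            violations[vid].add(src)
    return dict(violations)

def make_frame(src, vid=None, pcp=0):
    """Constructed test frame: broadcast dst, src MAC, optional tag, ARP payload."""
    hdr = b"\xff" * 6 + bytes.fromhex(src.replace(":", ""))
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return hdr + tag + struct.pack("!H", 0x0806) + b"\x00" * 28

# Constructed sample: Participant [A] is allowed VLANs 1-3 on this trunk.
SAMPLE = [
    make_frame("00:00:5e:00:53:01", vid=2),         # in policy
    make_frame("00:00:5e:00:53:01", vid=4, pcp=5),  # VLAN 4, priority bits set
    make_frame("00:00:5e:00:53:02", vid=5),         # VLAN 5
    make_frame("00:00:5e:00:53:03"),                # untagged -> native VLAN 1
    b"\x00" * 10,                                   # runt, ignored
]

if __name__ == "__main__":
    for vid, macs in sorted(audit(SAMPLE, allowed={1, 2, 3}).items()):
        print(f"VLAN {vid}: {sorted(macs)}")
```

A capture that includes the egress direction will also show flooded traffic from every VLAN the unrestricted trunk carries, so only ingress frames say anything about what the participant's device is sending.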
