Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Trunk Port/Vlan

I've inherited management of a shared fiber line I'm now the only one administrating it…The line consists of 5 3550-12g switches…My issue is one of the line participants has a port going to his private network set up as a dot1q trunk I cannot see what devise he has connected to the fiber line…I would like to know what vlan's are passing across that trunk port he is connected to…I believe the previous administrator gave this participant all the vtp information and this would give him the ability to access other participants vlan's…

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Trunk Port/Vlan

Well you could SPAN the trunk port out to see what traffic is flowing across but if you know the vlans that the participant should be using i strongly suggest you use the "switchport trunk allowed vlan ... command to limit only those vlans on the link.

That way whether he is honest or dishonest really doesn't make much difference.

Jon

3 REPLIES
Hall of Fame Super Blue

Re: Trunk Port/Vlan

if you run the command "sh int trunk" on the 3550 switch that has the port running off to the private network it will show you which vlans are allowed on that trunk link.

Jon

New Member

Re: Trunk Port/Vlan

That command is showing what is allowed and active which would be everything because it's a trunk port with no limitation, what I would like to know is if he is really using a vlan that he should not be…

Say we have 5 vlans

Participant [A] should only use 1-3

Participant [B] should only use 4 and 5

Because Participant [A] has a trunk port with no limitation on it and the VTP name and password he could be accessing Participant [B] vlans

I would like to know before I take any action that Participant [A] is honest or dishonest

How can I tell if he has vlans setup on his private switch for other Participant?

Hall of Fame Super Blue

Re: Trunk Port/Vlan

Well you could SPAN the trunk port out to see what traffic is flowing across but if you know the vlans that the participant should be using i strongly suggest you use the "switchport trunk allowed vlan ... command to limit only those vlans on the link.

That way whether he is honest or dishonest really doesn't make much difference.

Jon

462
Views
0
Helpful
3
Replies