
VTP Authentication

remco.gussen
Level 1

Hi There

I'm looking for a solution to create security within a VTP domain.

For example: 5 switches are sharing the same VTP domain. Switch 1 is allowed to pick up only VLAN 1 and passes all the VLANs. Switch 2 is allowed to pick up only VLAN 2 and passes all the VLANs. Is this possible based on MAC address? Are there any documents that describe how to do / configure it?

Gr.

Remco

1 Reply

tdrais
Level 7

VTP is created to have all switches have a common view of the VLANs. It really is not a security thing, more of a configuration assistant. If a VLAN is in the database, a switch can assign a port to the VLAN. The best you can do is make it so that a client switch cannot define a port to a VLAN that does not exist. The other purpose is to allow broadcast traffic to be pruned off a trunk. If there are no ports on a switch, it would prune the VLAN off the trunk. I normally manually only allow VLANs on trunks where I know there are ports active, rather than turn everything on and hope it gets pruned.

I do not know a way to restrict a switch from placing ports into a VLAN that needs to pass over its trunk ports.
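
A check for the practice described in the reply above (explicitly listing VLANs on each trunk rather than relying on VTP pruning), as an added example that is not part of the original thread. It parses a constructed IOS-style configuration excerpt and reports each statically configured trunk's allowed-VLAN list; the interface names and VLAN numbers are made up, and only numeric lists and the `add` form of `switchport trunk allowed vlan` are parsed.

```python
import re

# Constructed sample running-config excerpt (not from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
 switchport trunk allowed vlan 1,2
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface GigabitEthernet0/3
 switchport mode trunk
 switchport trunk allowed vlan 10-12
 switchport trunk allowed vlan add 20
!
interface GigabitEthernet0/4
 switchport mode access
!
"""

ALLOWED_RE = re.compile(r"switchport trunk allowed vlan (add )?([\d,\-]+)$")

def expand(vlan_list):
    """Expand an IOS VLAN list such as '1,5-7' into a set of ints."""
    vlans = set()
    for part in vlan_list.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_trunks(config):
    """Map each static trunk to its sorted allowed VLANs, or None if no list is set."""
    trunks, name, is_trunk, allowed = {}, None, False, None
    for line in config.splitlines() + ["!"]:  # trailing "!" flushes the last interface
        text = line.strip()
        if text == "!" or line.startswith("interface "):
            if name and is_trunk:
                trunks[name] = None if allowed is None else sorted(allowed)
            name = line.split(None, 1)[1] if line.startswith("interface ") else None
            is_trunk, allowed = False, None
        elif text == "switchport mode trunk":
            is_trunk = True
        elif (m := ALLOWED_RE.match(text)):
            new = expand(m.group(2))
            # "add" extends the existing list; without it the list is replaced.
            allowed = (allowed or set()) | new if m.group(1) else new
    return trunks
```

Calling `audit_trunks(SAMPLE_CONFIG)` returns `None` for a trunk with no explicit list, which is the case where the trunk carries every VLAN in the database and only pruning limits it.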
