This question is concerning a standalone switch using port fa 0/1-24. If I leave the default vlan1 configured on all fa0/1-24 ports, and connect port fa0/1 to vlan 10; then the other 23 ports will also assume vlan 10 connectivity. If I disconnect port fa0/1 from vlan 10, and connect port fa 0/24 to vlan 20; the the other 23 ports will assume vlan 20 connectivity. Is there another way to perform the function described above and avoid using vlan1 due to Cisco's concern for security.
I am not really clear on what you are asking: you have a standalone 3560 switch, you want to avoid using VLAN 1, and instead want to dynamically assign ports to VLANs ?
As to using VLAN 1, the general recommendation is to not use it for data traffic, but in your case, having only one switch, that would not be a (security) concern. VLAN 1 is normally used for management, but in a standalone environment, you can leave the ports at their default (which is VLAN 1).
Dynamically assigning ports to VLANs based on the VLAN port assignment of one specific port is, to my best knowledge, not possible. There is a way to dynamically assign VLANs to ports, based on the client´s MAC address, which is called VMPS, but which is rather tedious to set up...
Lets take this a step further. This 3560 is in a test lab and assume vlan 10 would be coming from a production network and vlan 20 is the test lab on wheels. The default setting for the switch would be vlan20 for work inside the test lab on every day basis and isolated. Now I want to connect into the production network (vlan10) and upload a large amount of test data and all the devices on vlan 20 would need to belong to vlan 10 during this connection. Then disconnect from vlan 10 and return the 3560 to vlan 20 isolated again. I am trying to avoid trunking or routing due to this lab being remote and not being manageable, yet have a test engineer plug into vlan 10 only when data needs uploading without reconfiguring the switch for vlan 10 versus vlan 20. I am not sure this can be done but the engineer thinks networks are magic.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.