Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VTP and security

We currently are running VTP. We are in the process of upgrading some current closets that connect back to dual 65XX. What my question is. Should we not be doing VTP and also start to configure Pruning. Here is a sample setup

4 to 5 3750s will be connected back to dual 65XX.

Is it good security practices to not use VTP, and is pruning good practice as well.

VIP Purple

Re: VTP and security

Hello Scott,

I would continue running VTP, and if you are looking for added security, configure VTP passwords on all your switches. As for pruning, I think VTP pruning is much easier and less work-intensive to configure than statically allowing (or disallowing) VLANs on your trunk links. In your scenario, I would configure both 6500 switches as VTP servers, and configure the 3750 switches as VTP clients. Also, I would configure the 6500 switches as primary and secondary root switches. Depending on the amount of VLANs you have, you might want to distribute the VLANs among both switches, that is, configure half of the VLANs with one of the 6500 switch as primary root (and the other half as secondary), and do the reverse on the other 6500...

Hope that makes sense...



CreatePlease login to create content