Firewall Wizards mailing list archives
RE: VLAN Security
From: Carson Gaspar <carson () taltos org>
Date: Sat, 12 Jun 2004 13:04:14 -0400
--On Thursday, June 10, 2004 7:41 PM +0300 John Kougoulos <koug () intranet gr> wrote:
* Never deliver VLAN 1 downstream (switchport trunk allowed vlan remove 1)Is this possible? As far as I know you can not remove vlan 1 from a trunk at least on a cisco switch. Even if it doesn't appear on the allowed vlans, if you put a sniffer you will see traffic from vlan 1 and on show spanning-tree you will see it running an STP instance for vlan 1.
I believe this was fixed in recent versions of the switch software (as we just disabled VLAN1 after waiting for an OS upgrade), but I'm not a Cisco switch jockey...
-- Carson _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- VLAN Security Jeff Boles (Jun 08)
- Re: VLAN Security Carson Gaspar (Jun 08)
- Re: VLAN Security Bennett Todd (Jun 08)
- Re: VLAN Security Shimon Silberschlag (Jun 23)
- Re: VLAN Security Bennett Todd (Jun 08)
- Re: VLAN Security Mason (Jun 09)
- RE: VLAN Security Vinicius Moreira Mello (Jun 09)
- <Possible follow-ups>
- RE: VLAN Security Melson, Paul (Jun 08)
- RE: VLAN Security DCSIM Subscriptions (IA) (Jun 10)
- RE: VLAN Security John Kougoulos (Jun 11)
- RE: VLAN Security Carson Gaspar (Jun 14)
- RE: VLAN Security John Kougoulos (Jun 11)
- RE: VLAN Security DCSIM Subscriptions (IA) (Jun 16)
- RE: VLAN Security Irwin Lazar (Jun 26)
- Re: VLAN Security Carson Gaspar (Jun 08)