I'm embarrassed to say, I got it wrong, you must use any Vlan but 1 on the
trunk port.  Here's the direct quote from the link below:

"... prolonged discussions took place with the switch vendor to discuss the
implications of the results above. After consultation with their developers
it was concluded that the traffic from VLAN 1 was allowed to hop to other
VLANs because the trunk port was also set (implicitly) to native VLAN 1.
They suggested that by changing the native VLAN of the trunk port the VLAN
hopping could be eliminated. This was tested and was found to be true......"


http://www.sans.org/newlook/resources/IDFAQ/vlan.htm

--

RFC 1149 Compliant.
Get in my head:
http://sar.dynu.com


"MADMAN" wrote in message news:[EMAIL PROTECTED]...
> How??
>
> C6509> (enable) clear vlan 1
> VLAN number must be in the range 2..1000,1025..4094.
> C6509> (enable)
>
>   You can disable it on trunks however
>
>   dave
>
> "Steven A. Ridder" wrote:
> >
> > The big problem with Vlan 1 is that if it exists on your network a hacker
> > can do VLAN hopping (not a good thing).  Cisco recommends deleting Vlan 1
> > from switches.
> >
> > --
> >
> > RFC 1149 Compliant.
> > Get in my head:
> > http://sar.dynu.com
> >
> > "maverick hurley" wrote in message news:[EMAIL PROTECTED]...
> > > Absolutely it will help for security. The thing to remember is that your
> > > ports are default for native vlan1. You can specify a different vlan number
> > > for your management like vlan 5. But in case of trunking mishaps/issues and
> > > vlan pruning issues it is safer using vlan 1.
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"
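
The condition in the quoted SANS text (a trunk left on its implicit native VLAN 1 while hosts sit in VLAN 1) can be checked for in saved switch configurations. The script below is an added example, not part of the original thread: it assumes IOS-style `switchport` syntax rather than the CatOS prompt shown above, uses a constructed sample config, and generalizes the check to any access port whose VLAN matches a trunk's native VLAN.

```python
import re

# Constructed sample of IOS-style interface configuration (not from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet1/1
 switchport mode trunk
!
interface GigabitEthernet1/2
 switchport mode trunk
 switchport trunk native vlan 999
!
interface GigabitEthernet1/3
 switchport mode access
!
interface GigabitEthernet1/4
 switchport mode access
 switchport access vlan 20
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-command lines]} for each interface stanza."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split()[1], [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return interfaces

def vlan_of(cmds, pattern):
    """Return (vlan, explicitly_set); an unset VLAN defaults to 1."""
    hits = [m for m in (re.fullmatch(pattern, c) for c in cmds) if m]
    return (int(hits[0].group(1)), True) if hits else (1, False)

def audit_native_vlan(config):
    """Flag trunks with native VLAN 1 and access ports sharing a trunk's native VLAN."""
    ports = parse_interfaces(config)
    trunks = {n: vlan_of(cmds, r"switchport trunk native vlan (\d+)")
              for n, cmds in ports.items() if "switchport mode trunk" in cmds}
    natives = {vlan for vlan, _ in trunks.values()}
    findings = [(n, f"trunk native VLAN 1 ({'explicit' if explicit else 'implicit'})")
                for n, (vlan, explicit) in trunks.items() if vlan == 1]
    for n, cmds in ports.items():
        vlan = vlan_of(cmds, r"switchport access vlan (\d+)")[0]
        if "switchport mode access" in cmds and vlan in natives:
            findings.append((n, f"access port in trunk native VLAN {vlan}"))
    return findings
```

Calling `audit_native_vlan(SAMPLE_CONFIG)` returns a list of `(interface, issue)` pairs; an empty list means no trunk uses native VLAN 1 and no access port shares a trunk's native VLAN.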




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=39268&t=39192
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
