[c-nsp] Blocking VTP
Tassos Chatzithomaoglou
achatz at forthnet.gr
Sun Apr 20 04:27:37 EDT 2008
1) make the port an access port
2) block 01-00-0C-CC-CC-CC (used by CDP too)
3) use transparent vtp v1 & different domain
4) block vlan 1 (although actually that's not possible)
You can also use "switchport nonegotiate" to turn DTP off, if you're getting vtp mismatch messages
(different vtp domains on each side).
--
Tassos
Skeeve Stevens wrote on 20/4/2008 10:53 πμ:
> Hey All,
>
> Is there a way on a 2950, 3550, 3560(G), 3750(G) to block VTP from coming in
> a port - at all.
>
> .Skeeve
>
> --
> Skeeve Stevens, RHCE
> skeeve at skeeve.org / www.skeeve.org
> Cell +61 (0)414 753 383 / skype://skeeve
>
> eintellego - skeeve at eintellego.net - www.eintellego.net
> --
> I'm a groove licked love child king of the verse
> Si vis pacem, para bellum
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list