Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

What are the methods of securing vlan trunk against switch spoofing and vlan hopping?

user-image
Question added by Micheal Egereugwu , IT TECHNICAL SUPPORT ENGINEER , AFRI-HUB ICT CENTER
Date Posted: 2017/07/21
Micheal Egereugwu
by Micheal Egereugwu , IT TECHNICAL SUPPORT ENGINEER , AFRI-HUB ICT CENTER

switch#sh int type mod/no

this command displays default switch port configuration: check

administrative mode: dynamic auto

operational mode: dynamic auto

to correct this switch from dynamically negotiting its trunk use and its encapsulation mode issue the following commands

sw(config)#int type mod/no

sw(config-if)#switchport access vlan vlan-id

sw(config-if)#switchport mode access

two things you have achieved with this command

1. removed the switch port from the native vlan and put it in any unused vlan-id

2. chnaged the switchport mode from trunk to access mode

for vlan hopping

set native vlan to a bogus or unused vlan

prune the native vlan off both ends of the trunk.

More Questions Like This