Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

What are the methods of securing vlan trunk against switch spoofing and vlan hopping?

user-image
Question ajoutée par Micheal Egereugwu , IT TECHNICAL SUPPORT ENGINEER , AFRI-HUB ICT CENTER
Date de publication: 2017/07/21
Micheal Egereugwu
par Micheal Egereugwu , IT TECHNICAL SUPPORT ENGINEER , AFRI-HUB ICT CENTER

switch#sh int type mod/no

this command displays default switch port configuration: check

administrative mode: dynamic auto

operational mode: dynamic auto

to correct this switch from dynamically negotiting its trunk use and its encapsulation mode issue the following commands

sw(config)#int type mod/no

sw(config-if)#switchport access vlan vlan-id

sw(config-if)#switchport mode access

two things you have achieved with this command

1. removed the switch port from the native vlan and put it in any unused vlan-id

2. chnaged the switchport mode from trunk to access mode

for vlan hopping

set native vlan to a bogus or unused vlan

prune the native vlan off both ends of the trunk.

More Questions Like This