RE: Switching Question...Security...

From: Tyson Scott (tscott@ipexpert.com)
Date: Thu Jan 08 2009 - 14:04:07 ARST


If I am understanding your question, you have trunk links to each device.

switchport trunk allowed vlan x,x,x

would prevent any new vlans from being allowed over the trunk port to the
switch.

Regards,
 
Tyson Scott - CCIE #13513 R&S and Security
Technical Instructor - IPexpert, Inc.

Telephone: +1.810.326.1444
Cell: +1.248.504.7309
Fax: +1.810.454.0130
Mailto: tscott@ipexpert.com
 

 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
backbone systems
Sent: Thursday, January 08, 2009 2:13 AM
To: CCIE Lab
Subject: Switching Question...Security...

Hi,

I have the following scenario... read it in an old book.

I have routers R1-R2-R3 connected to a switch SW1... they have point
to point subinterfaces created between the three routers... fully
meshed... with different VLANs...

Now if the question says... "The administrator is concerned that future
users can create additional trunk interfaces on the routers for
communication. You need to configure SW1 in such a way that they cannot
do that. The overall summary was that you need to stop creation of any
new point to point communication between the routers. No more dot1q
trunks."

What possible solutions can we possibly have to the above question?

BB
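
As an added example (not part of the original thread): a short Python audit that reads a saved switch running-config and reports, for each static trunk port, the VLANs allowed on it. A trunk with no "switchport trunk allowed vlan" line carries every VLAN by default and is reported as None. The sample config, interface names and VLAN numbers are constructed; ports that become trunks only through DTP negotiation are not covered.

```python
import re

# Constructed sample running-config; interface and VLAN numbers are made up.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport trunk allowed vlan 12,13
 switchport mode trunk
!
interface FastEthernet0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/3
 switchport trunk allowed vlan 13
 switchport trunk allowed vlan add 20-22
 switchport mode trunk
!
interface FastEthernet0/4
 switchport mode access
!
"""

def expand(vlan_list):
    """Expand a list such as '12,20-22' into {12, 20, 21, 22}."""
    vlans = set()
    for part in vlan_list.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_trunks(config):
    """Map each static trunk port to its allowed VLAN set (None = unrestricted)."""
    result, name, is_trunk, allowed = {}, None, False, None
    for line in config.splitlines() + ["!"]:
        line = line.strip()
        if line.startswith("interface ") or line == "!":
            if name and is_trunk:          # close the previous interface stanza
                result[name] = allowed
            name = line.split(None, 1)[1] if line != "!" else None
            is_trunk, allowed = False, None
        elif line == "switchport mode trunk":
            is_trunk = True
        else:
            m = re.fullmatch(r"switchport trunk allowed vlan (add )?([\d,-]+)", line)
            if m:                          # 'add' lines extend the list so far
                new = expand(m.group(2))
                allowed = (allowed or set()) | new if m.group(1) else new
    return result

def unrestricted_trunks(config):
    """Names of trunk ports that still allow every VLAN."""
    return sorted(n for n, v in audit_trunks(config).items() if v is None)
```
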




This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:37 ARST