native vlan
Hi,
I was wondering if there would be any issues if switches in the network are configured with different native vlans on different trunks?
For example, native vlan between sw1 and sw2 is 3 and between sw2 and 3 is 5. Would there be some chance of vlan hopping this way?
SW1=======SW2=======SW3
Comments
-
networker050184 Mod Posts: 11,962 Mod
No, that won't cause any issues. It won't increase your chances of a VLAN hopping attack either from what I understand about it.
An expert is a man who has made all the mistakes which can be made.
-
APA Member Posts: 959
It's a best practice... so no issues as long as the native vlans configured are not user vlans and aren't used on any switchports to pass data, therefore minimizing propagation if a malicious user did try to vlan hop.
Configure your switchports to access mode for connectivity to end hosts...... if somehow a user ends up part of the native vlan and tried to vlan-hop then at least the propagation of that traffic has been minimized by what I mentioned above.
CCNA | CCNA:Security | CCNP | CCIP
JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
JNCIS:SP | JNCIP:SP
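
Added example, not part of the thread or any poster's code: a small Python audit of the practice described above, flagging access ports whose VLAN is also a trunk native VLAN on the same switch and ports with no explicit switchport mode. It goes slightly beyond the thread by also checking that both ends of each trunk agree on the native VLAN. The IOS-style config text, port names and cabling are constructed, and VLAN 1 is assumed as the default native and access VLAN.

```python
import re
# Constructed IOS-style configs and cabling for the SW1===SW2===SW3 layout in the question.
CONFIGS = {
    "SW1": "interface Gi0/1\n switchport mode trunk\n switchport trunk native vlan 3\n",
    "SW2": """interface Gi0/1
 switchport mode trunk
 switchport trunk native vlan 3
interface Gi0/2
 switchport mode trunk
 switchport trunk native vlan 5
interface Gi0/3
 switchport mode access
 switchport access vlan 5
""",
    "SW3": """interface Gi0/1
 switchport mode trunk
 switchport trunk native vlan 5
interface Gi0/2
 switchport access vlan 20
""",
}
LINKS = [("SW1", "Gi0/1", "SW2", "Gi0/1"), ("SW2", "Gi0/2", "SW3", "Gi0/1")]
KEYS = {"mode": "mode", "trunk native vlan": "native", "access vlan": "access"}

def parse(text):
    """Map interface -> mode/native/access settings; VLAN 1 is the assumed default."""
    ports, cur = {}, None
    for line in text.splitlines():
        if m := re.match(r"interface (\S+)", line):
            cur = ports.setdefault(m[1], {"mode": None, "native": "1", "access": "1"})
        elif cur and (m := re.match(r"\s+switchport (mode|trunk native vlan|access vlan) (\S+)", line)):
            cur[KEYS[m[1]]] = m[2]
    return ports

def audit(configs, links):
    sw = {name: parse(text) for name, text in configs.items()}
    findings = [f"{a} {pa} / {b} {pb}: native VLAN mismatch"
                for a, pa, b, pb in links if sw[a][pa]["native"] != sw[b][pb]["native"]]
    for name, ports in sw.items():
        natives = {p["native"] for p in ports.values() if p["mode"] == "trunk"}
        for ifname, p in ports.items():
            if p["mode"] is None:  # mode not set explicitly in the config
                findings.append(f"{name} {ifname}: no explicit switchport mode")
            elif p["mode"] == "access" and p["access"] in natives:
                findings.append(f"{name} {ifname}: access VLAN {p['access']} is a trunk native VLAN")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(CONFIGS, LINKS)))
```

Native VLAN 3 on one trunk and 5 on the other produces no finding by itself; the findings come from the access port placed in VLAN 5 on SW2 and the port on SW3 with no mode set.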