Cisco Vlan Beschränkung
Zur Navigation springen
Zur Suche springen
Anzeigen der Vlans
- switch-gelb#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/0/1, Fa1/0/2, Fa1/0/3, Fa1/0/6, Fa1/0/7, Fa1/0/8, Fa1/0/12
Fa1/0/18, Fa1/0/19, Fa1/0/20, Fa1/0/21, Fa1/0/22, Fa1/0/23
Fa1/0/24, Fa1/0/25, Fa1/0/26, Fa1/0/27, Fa1/0/28, Fa1/0/29
Fa1/0/30, Fa1/0/31, Fa1/0/32, Fa1/0/33, Fa1/0/34, Fa1/0/35
Fa1/0/36, Fa1/0/37, Fa1/0/38, Fa1/0/39, Fa1/0/40, Fa1/0/41
Fa1/0/42, Fa1/0/43, Fa1/0/44, Fa1/0/45, Fa1/0/46, Fa1/0/47
Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4
10 office active Fa1/0/4, Fa1/0/5
20 work active Fa1/0/9, Fa1/0/10, Fa1/0/11
30 labor active Fa1/0/13, Fa1/0/14, Fa1/0/15, Fa1/0/16, Fa1/0/17
40 tante-frieda active
50 ceo active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
- switch-rot#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/1, Gi1/0/2, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22, Gi1/0/23, Gi1/0/25
Gi1/0/26, Gi1/0/27, Gi1/0/28
10 office active Gi1/0/3, Gi1/0/4, Gi1/0/5
Gi1/0/6
20 work active Gi1/0/7, Gi1/0/8, Gi1/0/9
Gi1/0/10
30 labor active Gi1/0/11, Gi1/0/12, Gi1/0/13
Gi1/0/14
40 tante-frieda active
50 ceo active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
Was darf transportiert werden
- switch-gelb#show interfaces trunk
Port Mode Encapsulation Status Native vlan Fa1/0/48 on 802.1q trunking 10 Port Vlans allowed on trunk Fa1/0/48 1-4094 Port Vlans allowed and active in management domain Fa1/0/48 1,10,20,30,40,50 Port Vlans in spanning tree forwarding state and not pruned Fa1/0/48 1,10,20,30,40,50
Vlans beschränken
- switch-gelb#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
- switch-gelb(config)#interface fa1/0/48
- switch-gelb(config-if)#switchport trunk allowed vlan ?
WORD VLAN IDs of the allowed VLANs when this port is in trunking mode add add VLANs to the current list all all VLANs except all VLANs except the following none no VLANs remove remove VLANs from the current list
Alle Vlans die Berechtingung entziehen
- switch-gelb(config-if)#switchport trunk allowed vlan none
- switch-gelb(config-if)#do show interface trunk
Port Mode Encapsulation Status Native vlan Fa1/0/48 on 802.1q trunking 10 Port Vlans allowed on trunk Fa1/0/48 none Port Vlans allowed and active in management domain Fa1/0/48 none Port Vlans in spanning tree forwarding state and not pruned Fa1/0/48 none
Einige Vlans hinzufügen
- switch-gelb(config-if)#switchport trunk allowed vlan add 10,20-40
- switch-gelb(config-if)#do show interface trunk
Port Mode Encapsulation Status Native vlan Fa1/0/48 on 802.1q trunking 10 Port Vlans allowed on trunk Fa1/0/48 10,20-40 Port Vlans allowed and active in management domain Fa1/0/48 10,20,30,40 Port Vlans in spanning tree forwarding state and not pruned Fa1/0/48 none
Vlans entfernen
- switch-gelb(config-if)#switchport trunk allowed vlan remove 30
- switch-gelb(config-if)#do show interface trunk
Port Mode Encapsulation Status Native vlan Fa1/0/48 on 802.1q trunking 10 Port Vlans allowed on trunk Fa1/0/48 10,20-29,31-40 Port Vlans allowed and active in management domain Fa1/0/48 10,20,40 Port Vlans in spanning tree forwarding state and not pruned Fa1/0/48 10,20,40
Am besten man gibt genau die Vlans an dieman will
- switch-gelb(config-if)#switchport trunk allowed vlan add 1,10,20,30,40,50
- switch-gelb(config-if)#do show int trunk
Port Mode Encapsulation Status Native vlan Fa1/0/48 on 802.1q trunking 10 Port Vlans allowed on trunk Fa1/0/48 1,10,20,30,40,50 Port Vlans allowed and active in management domain Fa1/0/48 1,10,20,30,40,50 Port Vlans in spanning tree forwarding state and not pruned Fa1/0/48 1