NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

peos42's avatar
peos42
Tutor
Mar 04, 2018
Solved

Forbidden VLANs

Hi all   Let´s assume I configure a a trunk port this way.... --snip-- interface 1/xg26 description 'SERVER3' switchport mode trunk switchport trunk native vlan 2026 switchport trunk allowed ...
Security
security VLAN
  • peos42's avatar
    peos42
    Mar 29, 2018

    I am satisfied by doing exclude. Therefor I do not want to spend more time with a private chat. Also... I think the community deserve to know. To get help in the forum is one thing. To share info is another. The second one is not fulfilled if going into a private chat.

     

    As I have a work around with the exclude (that I think should not be needed), I am done in this thread. But I do think netgear should consider to clarify for all as it is a securrity matter.

     

    Tnx for your time

    /Peo

peos42's avatar
peos42
Tutor
Mar 20, 2018

Please explain what you mean... I must be missing something.

 

The Native VLAN I have is 999 to tag untagged incoming internet traffic on port 28 to be able to take it out on another switch port. TV traffic already has VLAN tag 21. So no change here as it will stop working. Everything is working well.

 

I only talk about it seems VLAN 1 is till allowed even though it is not configured. I think it is a design flaw to even see vlan 1 when doing "show interfaces switchport 1/xg28". This as I have actively chosen what is allowed. And vlan 1 is not a part of the allowed list.

 

Also.. The GUI already shows PVID is 999 on switch port 28, but CLI shows 1. This is for sure not ok with this miss match.

 

 

 

 

To exclude VLAN 1 is a solution. This is what I have done. But what I mean here is that it should not be necessary here...

 

DaneA's avatar
DaneA
NETGEAR Employee Retired
Mar 27, 2018

peos42,

 

I inquired again your concern to the higher tier of NETGEAR Support and just got a feedback.  It was suggested that you open a chat or online support ticket with NETGEAR Support here at anytime in order to further investigate if this is a possible flaw as per you have described here in the forum thread.  

 

 

Regards,


DaneA

NETGEAR Community Team

  • peos42's avatar
    peos42
    Tutor
    Mar 29, 2018

    I am satisfied by doing exclude. Therefor I do not want to spend more time with a private chat. Also... I think the community deserve to know. To get help in the forum is one thing. To share info is another. The second one is not fulfilled if going into a private chat.

     

    As I have a work around with the exclude (that I think should not be needed), I am done in this thread. But I do think netgear should consider to clarify for all as it is a securrity matter.

     

    Tnx for your time

    /Peo

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More