3

Is my VLAN 1 a security risk?

view full story
linux-howto

http://serverfault.com – First of all I'm relatively new to VLANs. I have a ZyXEL GS-1524 switch and two networks that I want to keep separate, but they need to use the same router. The router is on port 22, ports 17 and 18 belong to the first network, and all other ones to the second. The issue is that my switch requires all ports to be on VLAN 1. It did not seem to suffice to create only VLAN 2 for the first network, because the same ports belong to VLAN 1 and anything connected to a port belonging to VLAN 1 would be able to reach it. Therefore I created two new VLANs: VLAN 2 for the first network and VLAN 3 for (HowTos)

grtyyu's picture
Submitted by grtyyu on 05/19/2012 – Made popular on 05/19/2012

Stories similar to Is my VLAN 1 a security risk?

I am trying to configure two separate vlans in ESXi. Right now I have two vlan's set up on a single vswitch in separate port groups (one for vlan 100, one for vlan 110). None of the ports connected to the port group for vlan 100 can go anywhere, including the gateway. Everything connected to the port group for vlan 110 works just fine.

I'm new here and also with networking but i can't set internet conection for some vlan created.

I have a Cisco CE500 switch and created 4 vlans define by the roles in the switch. Vlan 2: Servers (role) (port 3-4) Vlan 3: Desktop (role) (port 5-8) Vlan 4: Guest (role) (port 9-12)

Vlan 1 is default, Connect to the ADSL Modem/Router Port 2 assign to the Router Role (vlan 1)

The switch is connected

I see in arp table only MACs and Vlans pairs. I have 3 ports is in same Vlan in access mode ( vlan is configured as interface with ip address and routing ), my question is if packets routed to this vlan/subnet are sended to all associated ports? Or only to port where destionation IP is connected. In route table is destionation network and mentioned vlan.

We have an HP V1910 switch.

Connected to this is an EXSi host with 4 vswitchs each with a VLAN assigned (1-4) connected to one external nic. Also attached to the HP switch is a SAN file server which is has 2 VLAN compatible NICs.

The port the EXSi is connected to is set to hybrid and has VLAN 1-4 set as tagged with VLAN 1 as the default.

What do I need to do to setup the ports for the SAN so VL

Forgive me as it's been a while since I've worked with VLANs and I've never done this with HP.

THE GOAL

The goal is for me to have 5 separate VLANS that operate independently of each other, and can communicate with the egress port as that is where the servers lie. I would like each vlan to have 4 ports available to send to un-managed switches.

I have the following scenario:

I have a Cisco Aironet 1040 access point. I have it configured with two SSIDs, each going to a different VLAN.

I am setting up 4 Vlan.Port 1 is my management port and belongs to Vlan 1 Port 2-12 is Vlan 2. Port 13-24 is Vlan 3. Port 25-36 Vlan 4. There is 3 different companies that uses Vlan 2-4 but i want them to share one printer. The printer is connected to port 48.

Will this work or do i need to have to install a router?

In order to migrate to a new rack inside the datacenter I have to replicate the VLAN setup between a Cisco Switch and a Dell PowerConnect Swithch.

On the Dell Switch I have 2 VLANs :

vlan 10 : WAN vlan 20 : MGMT

On the Cisco Switch i have created the same VLANs and set up different port range

vlan10 : Ports 1-12 vlan20 : Ports 13-24

Like this example:

interface gigabitethernet2

I was wondering how VLAN access control is set for the CISCO 2950?

I have the following scenario:

4 Switches 9 VLANs

Switch 1: VLAN 1, VLAN 2, VLAN 3, VLAN 4, VLAN 5

Switch 2: VLAN 2, VLAN 3, VLAN 5, VLAN 6, VLAN 9

Switch 3: VLAN 3, VLAN 4, VLAN 7, VLAN 8

Switch 4: VLAN 3, VLAN 7, VLAN 8, VLAN 9

How would I set it up for access control.