Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 588
  • Last Modified:

Cisco switch config with a dumb switch

Hi Experts,
I am have a vlan 25 assigned to a port and I need to extend that drop to more than one host, and need to connect a dumb switch to that port. All devices on that port will extend vlan 25 and no other vlans will be present on that dumb switch.

I know I need on that interface:
switchport mode access
switchport access vlan 25

Do I need to completely disable spanning-tree on that port?

Please advise.

Thanks,
Marek
0
maredzki
Asked:
maredzki
  • 3
  • 2
  • 2
1 Solution
 
Don JohnstonInstructorCommented:
Do I need to completely disable spanning-tree on that port?
Nope
0
 
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
IF you disable spanning-tree on that port AND you connect 2 ports of the dumb switch to create a loop, your Cisco-switch would not prevent that from happen.

So I would say that you SHOULD keep spanning-tree running on that port to avoid that from happening.

Regards
Jimmy
0
 
Don JohnstonInstructorCommented:
If two ports on the dumb switch are connected, spanning tree won't help.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
Yeah, because the Cisco-switch will see his own BPDU:s coming back.
0
 
maredzkiAuthor Commented:
So what do you guys suggest, keep spanning-tree there with portfast or other setting? The reason I ask is that the cisco switch warns when you set spanning-tree portfast on a port that if you have the port connected to a hub, switch, bridge etc it will cause issues.

Marek
0
 
Don JohnstonInstructorCommented:
I'd keep STP on. Because there's nothing to gain by turning it off.

Portfast on offers no benefit so that won't matter.
0
 
maredzkiAuthor Commented:
Ok, I will keep the seettings I have and use them for the port connecting to the dumb switch:

spanning-tree portfast
switchport mode access
switchport access vlan 25
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now