To allow the trunk to pass vlan 12 traffic. specifying it a the native vlan is just telling the switch to not TAG vlan 12 traffic.
Regards ________________________________ From: Kingsley Charles <[email protected]> To: [email protected] Sent: Tue, April 13, 2010 9:56:31 AM Subject: [OSL | CCIE_Security] Native vlan mapped to physical interface Hi all Vol 2 > Lab 15 > Section 1.0 ASA1's e0/0 is connected to cat 3 f0/10. vlan 12's subnet address is 192.1.12.0. e0/0's IP address is 192.1.12.10. "switchport trunk native vlan 12" alone is suffice to route traffic from "192.1.12.0" to ASA1's e0/0. Why are we adding vlan 12 in the trunk allowed list? ASA 1 config interface Ethernet0/0 nameif outside security-level 0 ip address 192.1.12.10 255.255.255.0 standby 192.1.12.60 ! interface Ethernet0/0.55 vlan 55 nameif DMZ55 security-level 55 ip address 192.168.5.10 255.255.255.0 standby 192.168.5.60 Cat3 config interface FastEthernet0/10 description ASA1 F0/0 switchport trunk encapsulation dot1q switchport trunk native vlan 12 switchport trunk allowed vlan 12,55 switchport mode trunk With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
