The catos command blocks the processing and forwarding of vtp packets recieved on the interface. i'm not sure about how the ios version works.
----- Messaggio originale ----- Da: Tassos Chatzithomaoglou <[EMAIL PROTECTED]> Inviato: mercoledi 23 aprile 2008 20.14 A: Peter Rathlev <[EMAIL PROTECTED]> Cc: Brian Turnbow <[EMAIL PROTECTED]>; cisco-nsp@puck.nether.net <cisco-nsp@puck.nether.net> Oggetto: Re: [c-nsp] Blocking VTP http://www.cisco.com/en/US/docs/ios/lanswitch/command/reference/lsw_u1.html#wp1013452 I guess enabling vtp on your internal ports and disabling it on your external ones would accomplish the needed security. I don't know what happens if global vtp (on) and per-port vtp (off) are configured simultaneously. -- Tassos Peter Rathlev wrote on 23/4/2008 8:01 μμ: > On Wed, 2008-04-23 at 13:27 +0200, Brian Turnbow wrote: >> There was set vtp port x/x disable in catos at least for 6500s . >> I don't think it ever worked it's way into ios though. > > 12.2(33)SXH seems to have something called "Per port VTP > enable/disable", where you can put "vtp disable" under an interface > configuration. > > I don't know if this just makes the switch transparent to PDUs received > from that port, or if it actually blocks the PDUs. I hope for the > latter. > > It's probably something they "lifted" from CatOS; I heard that it was > their plan to make the SX train have the same features as CatOS... > > Regards, > Peter > > > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/