Port host is a macro that turns off port channelling, turns on portfast. Nothing in port host that I know of shuts off VTP or HSRP frames from running around the layer 2 broadcast domain....you might be able to do something with a VACL, i am not sure..we deny access in our 6509's to rogue dhcp servers with a VACL...
Larry Letterman Network Engineer Cisco Systems ----- Original Message ----- From: "Daniel Cotts" To: Sent: Friday, January 24, 2003 2:49 PM Subject: RE: How to Block STP, VTP, etc. on Access Ports? [7:61796] > It appears that the "Security Consultants" then didn't earn their fee. Must > be a company run by Dogbert. > Consulting truism: "The higher up the chain of command you sell your > services - the less you have to know and the higher you can charge." > > > -----Original Message----- > > From: s vermill [mailto:[EMAIL PROTECTED]] > > > Thanks Priscilla. I found it interesting that the security > > consultants made > > note of these "findings" and made a strong recommendation > > that we fix them. > > No suggestions on how to do so were offered. I imagine there > > is a L2 ACL > > solution or something along those lines. I was hoping for > > something clean, > > but I guess it's time to earn our paycheck. > > > > Regards, > > > > Scott [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61841&t=61796 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
