On Fri, Apr 3, 2009 at 3:34 PM, David Rees <dree...@gmail.com> wrote: > On Fri, Apr 3, 2009 at 7:48 AM, Paul Mansfield > <it-admin-pfse...@taptu.com> wrote: >> use vlans, a managed switch, and use 192.168.x.0/24 for each vlan. for >> bonus points, use NAC and dynamic vlans to allow only approved devices >> and put them on the right network. >> >> (we do something similar, vlan N is 192.168.N/24. it's bad practise to >> use vlan1 so we start at 2) > > I'm fairly new to VLANs - why is it bad practice to use vlan1? >
Security reasons. Vulnerable to VLAN hopping/dropping in some circumstances. --------------------------------------------------------------------- To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com For additional commands, e-mail: discussion-h...@pfsense.com Commercial support available - https://portal.pfsense.org