1 2 Previous Next 20 Replies Latest reply: Apr 5, 2018 9:18 AM by Simon Go to original post RSS
       
      • 15. Re: CCNP SWITCH Labs - How to disable DTP
        JaakkoRau

        I would like to add one piece of information:

         

        When port is configured as access port using switchport mode access command, DTP is automatically disabled:

         

        interface GigabitEthernet0/3

        media-type rj45

        negotiation auto

        end

         

        SW4#show interfaces g0/3 switchport

        Name: Gi0/3

        Switchport: Enabled

        Administrative Mode: dynamic auto

        Operational Mode: trunk

        Administrative Trunking Encapsulation: negotiate

        Operational Trunking Encapsulation: dot1q

        Negotiation of Trunking: On

        Access Mode VLAN: 1 (default)

        Trunking Native Mode VLAN: 1 (default)

        Administrative Native VLAN tagging: enabled

        Voice VLAN: none

        Administrative private-vlan host-association: none

        Administrative private-vlan mapping: none

        Administrative private-vlan trunk native VLAN: none

        Administrative private-vlan trunk Native VLAN tagging: enabled

        Administrative private-vlan trunk encapsulation: dot1q

        Administrative private-vlan trunk normal VLANs: none

        Administrative private-vlan trunk associations: none

        Administrative private-vlan trunk mappings: none

        Operational private-vlan: none

        Trunking VLANs Enabled: ALL

        Pruning VLANs Enabled: 2-1001

        Capture Mode Disabled

        Capture VLANs Allowed: ALL

        Protected: false

        Appliance trust: none



        SW4#conf t

        Enter configuration commands, one per line.  End with CNTL/Z.

        SW4(config)#int g0/3

        SW4(config-if)#switchport mode access

        SW4(config-if)#^Z

        SW4#show running-config interface g0/3

        Building configuration...


        Current configuration : 95 bytes

        !

        interface GigabitEthernet0/3

        switchport mode access

        media-type rj45

        negotiation auto

        end

         

        SW4#show interfaces g0/3 switchport

        Name: Gi0/3

        Switchport: Enabled

        Administrative Mode: static access

        Operational Mode: static access

        Administrative Trunking Encapsulation: negotiate

        Operational Trunking Encapsulation: native

        Negotiation of Trunking: Off

        Access Mode VLAN: 1 (default)

        Trunking Native Mode VLAN: 1 (default)

        Administrative Native VLAN tagging: enabled

        Voice VLAN: none

        Administrative private-vlan host-association: none

        Administrative private-vlan mapping: none

        Administrative private-vlan trunk native VLAN: none

        Administrative private-vlan trunk Native VLAN tagging: enabled

        Administrative private-vlan trunk encapsulation: dot1q

        Administrative private-vlan trunk normal VLANs: none

        Administrative private-vlan trunk associations: none

        Administrative private-vlan trunk mappings: none

        Operational private-vlan: none

        Trunking VLANs Enabled: ALL

        Pruning VLANs Enabled: 2-1001

        Capture Mode Disabled

        Capture VLANs Allowed: ALL

         

         

        Protected: false

        Appliance trust: none

         

        So for me it seems static trunk configuration is the only state where switchport nonegotiate is effective.

         

        By the way, in IOSv L2 this command works.

        • 16. Re: CCNP SWITCH Labs - How to disable DTP
          Digamber

          Hello,

           

          The DTP packets are not sent in these three circumstances:

           

          1.) Either the port is a static access port configured by the command switchport mode access

           

          2.) Or the port is a static trunk port configured with the command switchport mode trunk and at the same time, the DTP negotiation is deactivated using the command switchport nonegotiate

           

          3.) The port is a routed port configured with the command no switchport

           

          Best regards,

          Digambar C

          +919096290882

          • 17. Re: CCNP SWITCH Labs - How to disable DTP
            leandroecomp

            Ports administratively configured as trunks still have DTP enabled, while ports administratively configured as access have DTP disabled. The command to disable DTP statically is switchport nonegotiate. Using this command makes it visible in the configuration, however when configuring an access port, the switchport mode access command is what disables DTP.

            • 18. Re: CCNP SWITCH Labs - How to disable DTP
              Michael

              don't you switch it back to access from trunk to disable DTP.

               

              switchport mode access

              switchport switchport nonegotiate

              • 19. Re: CCNP SWITCH Labs - How to disable DTP
                Simon

                Seems it still isn't supported today...

                 

                Think it also cost me in a recent failed attempt at 300-115 exam.

                 

                Please can we get an update?

                 

                (Should've got real equipment to work on!)

                • 20. Re: CCNP SWITCH Labs - How to disable DTP
                  Simon

                  Another command that doesn't seem to be supported is, 'vlan dot1q tag native'. Maybe someone else can confirm this?

                   

                  Find it a bit unfair that fundamental security methods like this are not available to practice. Especially, if you are to be tested on configuration of them in the exam.

                   

                  No excuses. I sit the exam again in a few days.

                  1 2 Previous Next