cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
531
Views
0
Helpful
0
Replies

APIC-EM Plug and Play ISR attached Switch Deployment

michael.taylor
Level 1
Level 1

Hello Fellow Networkers,

In my current configuration a 2K/3K switch obtains a DHCP address across the pnp controlled native VLAN 666.  The adjacent sub-interface on the directly attached ISR is configured with “encapsulation native vlan 666”.  Plug and play deploys successfully; however, I’m trying to mitigate the security risk associated with an intruder getting DHCP serviced VLAN 666 access just by attaching a laptop.

Endeavours so far have involved PnP deploying a switch configuration trunking VLAN 666 and then using a EEM tcl script to amend the ISR sub-interface encapsulation upon receipt of a syslog %LINEPROTO-5-UPDOWN message.

Any advice on the Cisco promoted best practice would be very much appreciated

Thank you in anticipation

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:


This community is intended for developer topics around Data Center technology and products. If you are looking for a non-developer topic about Data Center, you might find additional information in the Data Center and Cloud community