Switchport forbidden vlan – Edge Products ES3528-WDM User Manual
Page 468
 
VLAN Commands
30-12
30
Command Mode
Interface Configuration (Ethernet, Port Channel)
Command Usage
• A port, or a trunk with switchport mode set to hybrid, must be assigned to at
least one VLAN as untagged.
• If a trunk has switchport mode set to trunk (i.e., 1Q Trunk), then you can only
assign an interface to VLAN groups as a tagged member.
• Frames are always tagged within the switch. The tagged/untagged parameter
used when adding a VLAN to an interface tells the switch whether to keep or 
remove the tag from a frame on egress. 
• If none of the intermediate network devices nor the host at the other end of the
connection supports VLANs, the interface should be added to these VLANs 
as an untagged member. Otherwise, it is only necessary to add at most one 
VLAN as untagged, and this should correspond to the native VLAN for the 
interface. 
• If a VLAN on the forbidden list for an interface is manually added to that
interface, the VLAN is automatically removed from the forbidden list for that 
interface. 
Example 
The following example shows how to add VLANs 1, 2, 5 and 6 to the allowed list as 
tagged VLANs for port 1:
switchport forbidden vlan
This command configures forbidden VLANs. Use the no form to remove the list of 
forbidden VLANs.
Syntax
switchport forbidden vlan {add vlan-list | remove vlan-list}
no switchport forbidden vlan
• add vlan-list - List of VLAN identifiers to add.
• remove vlan-list - List of VLAN identifiers to remove.
• vlan-list - Separate nonconsecutive VLAN identifiers with a comma and no 
spaces; use a hyphen to designate a range of IDs. Do not enter leading 
zeros. (Range: 1-4093).
Default Setting
No VLANs are included in the forbidden list.
Command Mode
Interface Configuration (Ethernet, Port Channel)
Console(config)#interface ethernet 1/1
Console(config-if)#switchport allowed vlan add 1,2,5,6 tagged
Console(config-if)#