Layer 2 Switching Commands 812switchport general forbidden vlanUse the switchport general forbidden vlan command in InterfaceConfiguration mode to forbid adding specific VLANs to a general mode port.To revert to allowing the addition of specific VLANs to the port, use theremove parameter of this command.Syntaxswitchport general forbidden vlan {add vlan-list | remove vlan-list}• add vlan-list — List of valid VLAN IDs to add to the forbidden list.Separate nonconsecutive VLAN IDs with a comma and no spaces. Use ahyphen to designate a range of IDs.• remove vlan-list — List of valid VLAN IDs to remove from the forbiddenlist. Separate nonconsecutive VLAN IDs with a comma and no spaces. Usea hyphen to designate a range of IDs.Default ConfigurationAll VLANs allowed.Command ModeInterface Configuration (Ethernet and port channel) modeUser GuidelinesThis configuration only applies to ports configured in general mode. It ispossible to configure the general mode VLAN membership of a port while theport is in access or trunk mode. Doing so does not change the VLANmembership of the port until it is configured to be in general mode.ExampleThe following example forbids adding VLAN numbers 234 through 256 toport 1/0/8.console(config)#interface gigabitethernet 1/0/8console(config-if-Gi1/0/8)#switchport general forbidden vlan add 234-256