I recently upgraded from an old ISA to a Forefront box. I'm now receiving a ton of 0xc0040050 errors. The vast majority are to an internal broadcast address - 100.100.100.255. This is a legacy subnet that runs on VLAN 1. I have three VLANs defined on my Forefront box - 40, 50, 250. These are configured with HP's NCU and function perfectly. It sounds like Forefront sees these packets and throws an error since it is not expecting any direct traffic in that IP range. I need to stop this logging, either by removing VLAN 1 from the switchport or at the Forefront side.
The router in question is an aging 2811 running IOS 12.4. Forefront is on SP 1 rollup 3. I'm really hoping that I can somehow remove this VLAN from the switchport – that seems the cleanest solution. I can’t pull it by default and I’m not familiar with a way of overriding that behavior.
interface FastEthernet1/8
 switchport trunk native vlan 250
 switchport trunk allowed vlan 1,2,40,50,250,1002-1005
 switchport mode trunk
When I attempt to remove the VLAN, I receive:
Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.