Management VLAN is send tagged over each port! mayor security issue!
while working with the nebula CC and switches for a couple of months I've noticed something very worrying.
When configuring an port for only 1 specific VLAN, it also sends the management VLAN tagged over this interface. This is an very big issue because this port could be used to give internet access to guests for instance. I've tried accessing the management vlan over the configured port and it is accessible indeed.
We've already tried setting the port type to access and trunk, but the problem persists.
Please see the screenshots below for how it is set up and how it configures the switch.