A question about default vlan

Interfaces can only belong to one VLAN. (at least with anything in recent history). If you put an interface into VLAN90, it belongs to VLAN90..

Unless you leave it in vlan 1 and then configure as a trunk. Then your statement is still accurate, but its not apparent that the native vlan of the trunk is vlan 1 since its not an access port. It does show up in show trunk though. But as for access ports, you can only be a member of one vlan, except for secondary vlans, which are still technically a type of tagging.

Possibly that is true with Cisco equipment (I don't know), but it is not true in general. For example the Nortel Baystack line of switches allow one to assign VLANs according to packet protocol in a number of ways -- .e.g, 802.2 vs 802.3 vs SNAP.

I -have- run into switches that allowed one to assign multiple port- based VLANs to the same port. What that -means-, exactly, in terms of the theory of what VLANs -are-, is not clear; I believe the practice on the devices I saw was that packets originating from any of the VLANs could be delivered to the same port, and that packets heading out of the port would be assigned into a VLAN according to the VLAN entry the destination MAC. Yes, this -would- have problems if the same MAC represented different devices on different VLANs, as is legal. The practical use of assigning multiple port-based VLANs to a port appeared to be to allow you to hang a server on the multiply-assigned port and have it able to talk to clients in several VLANs, with those clients not able to talk to each other directly, without the trouble of having to use multiple physical interfaces for the server or the trouble of configuring the server NIC as a trunk port.

How to config a access port with multiple Vlan using cisco switch?

You can't on current hardware.

Ancient hardware supported 'multi vlan mode', but it was a very confusing feature.

What does multiple vlan access port mean to you, and why wouldn't you consider this a huge security risk?

Why can't you do whatever you need to with a trunked port? Almost every ethernet card now-a-days supports .1q trunking natively.

I suspect Cisco removed it do to misuse, misunderstanding, and lots of TAC time taken up by it for something that wasn't really well defined as it was, sort of like VMPS.

Suppose I like to assign a port which can access multiple vlans. If the PC NIC support 802.1q so that port can config to trunk port. if the NIC does not support 802.1q. What can I do? Does cisco trunk port all tagged except native vlan? I know some vendor can config a port with multiple vlans.