NATIVE LAN with a CISCO CATALYST 2960 & KERIO CONTROL

pdenableetoavit19698 · ‎02-23-2023

Hi there,

I am reconfiguring a Cisco switch connected to a Kerio Control that act as dhcp controller. There are multiple lans configured and vlans and am trying to understand which one is the native LAN.

How to tell?

If using 4 different LANs what is the ideal LAN configuration?

Thank you and have a nice day!

marce1000 · ‎02-24-2023

- The native VLAN is the one into which untagged traffic will be put when it’s received (or send) on a trunk port ,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

balaji.bandi · ‎02-24-2023

The Native VLAN is simply the one VLAN which traverses a Trunk port without a VLAN tag.

Is the switch act as just Layer 2 ? or Layer 3 (if layer 3 means you need to use IP-helper address to get DHCP for the respected VLAN to get respected IP address).

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎02-24-2023

you config subinterface ?
if Yes then
do show interface trunk <<- this in SW you can now know which Native VLAN the SW use

if you face issue with Kerio please update us.

Richard Burts · ‎02-25-2023

We are told there is a 2960 switch with multiple lans/vlans but no other helpful detail. Is there a single connection from 2960 to Kerio? Or are there perhaps multiple connections? It is tempting to assume that there is a single connection and that it is configured as a trunk. But it would be nice to be sure of that detail.

Assuming that it is a single connection configured as a trunk can you post the configuration of that interface? By default in a Cisco trunk the native vlan is vlan 1, but it is possible that the config specifies a different native vlan. So seeing the configuration would be helpful.

The original poster asks a very open ended question "If using 4 different LANs what is the ideal LAN configuration?". Without knowing more about the environment it is difficult to say what is ideal, but advice that is frequently offered would suggest that if there are to be 4 active LAN networks that the switch should be configured with 4 vlans in addition to the default vlan 1. Unused switch ports would remain in vlan 1 and as switch ports are activated and devices are connected the switch port would be assigned to one of the other vlans.

As we think about the ideal configuration another question would be whether a single connection from the switch to the controller device is sufficient or whether multiple connections from switch to controller device would provide redundancy and be worth the effort and expense.

HTH

Rick

pdenableetoavit19698 · ‎02-25-2023

Thank you so much for your helpful feedback @Richard Burts @MHM Cisco World @balaji.bandi @marce1000. New learning curve atm...

Here is quick map to start with.

Yes there is a single connection from 2960 to Kerio. Not sure yet if trunk.

Should there be a Lan for each internet/connectivity/ISP (vsat/starlink/4g etc) ,

Which one should be the native LAN?

Vlans are mainly organized around admin/staff/guests/entertainment system

Agree with the option to have multiple connection from switch to contoller. Will have to see what is the best way to implement it.

Thank you again!

MHM Cisco World · ‎02-25-2023

Yes that why I ask you in previous post if you face issue with Kerio
simple solution
check the native vlan in SW
and never use native vlan in link between SW and Kerio why ?
because cisco send untag frmae for native vlan but ohter vendor send tag for native vlan.
this make mismatch in SW.

or you can use
vlan dot1q tag native <<- this command force cisco SW to tag native vlan

THIS ALSO THE ANSWER FOR YOUR SECOND POST ABOUT PUTTY ERROR LOG MESSAGE YOU RECEIVE

pdenableetoavit19698 · ‎02-26-2023

ok thanks! will check vlans. here is the Kerio routing table.

Georg Pauwen · ‎02-27-2023

Hello,

do you have the switch configuration ? Unless explicitly specified somewhere in the configuration the default Vlan 1 is most likely the native Vlan. Post the output of 'sh run' from the 2960 switch.

Richard Burts · ‎02-27-2023

The posted routing table from Kerio is interesting. It shows multiple networks routed through some gateway which appears to be on LAN 6 port. It would be nice to know whether that is the connection to the 2960 (which seems likely to me) or connects to something else. The fact that there are multiple networks with a single gateway suggests to me that the connection of 2960 to Kerio is a single vlan and not a trunk.

It would help if we could see the config of the 2960.

HTH

Rick

pdenableetoavit19698 · ‎02-27-2023

SW to kerio is on LAN3

balaji.bandi · ‎02-25-2023

I think you have other thread we hve address i gues ? is this is something new ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎02-26-2023

Hello,

post the full running configuration (sh run) of the switch. Where is the inter-Vlan routing taking place ?

pdenableetoavit19698 · ‎02-27-2023

btw...how to have the config displaying in one shot without having to press enter to display every next line?

>>>
Building configuration...

Current configuration : 8017 bytes
!
! Last configuration change at 02:05:40 UTC Fri Mar 26 1993
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname SW48
!
boot-start-marker
boot-end-marker
!
logging buffered 16532
no logging console
enable secret
enable password
!
no aaa new-model
system mtu routing 1500
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !

--More-- quit
--More-- spanning-tree mode pvst
--More-- spanning-tree extend system-id
--More-- !
--More-- vlan internal allocation policy ascending
--More-- lldp run
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- interface FastEthernet0/1
--More-- description ToRouter
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/2
--More-- description ToRouter
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/3
--More-- description ToKerio
--More-- switchport mode trunk
--More-- switchport nonegotiate
--More-- !
--More-- interface FastEthernet0/4
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/5
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/6
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/7
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/8
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/9
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/10
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/11
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/12
--More-- description AccessPoint
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/13
--More-- description Sat
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/14
--More-- description Sat
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/15
--More-- description Sat
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/16
--More-- description Sat
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/17
--More-- description Sat
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/18
--More-- description Sat
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/19
--More-- description Sat
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/20
--More-- description Sat
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/21
--More-- description Sat
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/22
--More-- description Yamaha
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- ip access-group FILTER_AIRPLAY in
--More-- !
--More-- interface FastEthernet0/23
--More-- description Yamaha
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- ip access-group FILTER_AIRPLAY in
--More-- !
--More-- interface FastEthernet0/24
--More-- description Yamaha
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- ip access-group FILTER_AIRPLAY in
--More-- !
--More-- interface FastEthernet0/25
--More-- description AppleTV
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/26
--More-- description AppleTV
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/27
--More-- description AppleTV
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/28
--More-- description AppleTV
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/29
--More-- description AppleTV
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/30
--More-- description AppleTV
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/31
--More-- description AppleTV
--More-- switchport access vlan 110
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/32
--More-- description YamahaWXAD
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/33
--More-- description YamahaWXAD
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/34
--More-- description YamahaWXAD
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/35
--More-- description YamahaWXAD
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/36
--More-- description Cypress
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/37
--More-- description Panasonic
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/38
--More-- description Crestron
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/39
--More-- description Crestron
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/40
--More-- !
--More-- interface FastEthernet0/41
--More-- description BR1
--More-- switchport access vlan 130
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/42
--More-- description Triad
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/43
--More-- description AccessPoint
--More-- switchport access vlan 100
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/44
--More-- description AccessPoint
--More-- switchport access vlan 100
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/45
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/46
--More-- description AccessPoint
--More-- switchport access vlan 100
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface FastEthernet0/47
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface FastEthernet0/48
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface GigabitEthernet0/1
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface GigabitEthernet0/2
--More-- switchport access vlan 100
--More-- switchport mode access
--More-- !
--More-- interface GigabitEthernet0/3
--More-- description PC
--More-- switchport mode trunk
--More-- !
--More-- interface GigabitEthernet0/4
--More-- description NAS
--More-- switchport trunk native vlan 100
--More-- switchport mode trunk
--More-- !
--More-- interface Vlan1
--More-- no ip address
--More-- shutdown
--More-- !
--More-- interface Vlan100
--More-- ip address

Richard Burts · ‎02-27-2023

Thanks for posting the config. term length 0 should give you the output in one shot.

Assuming that Fast0/3 is the connection to Kerio then it is a trunk and the native vlan would be vlan 1.

HTH

Rick