Solved: Allowing multiple Vlans on access port

msgforsunil · ‎02-11-2013

Hello Team,

I have the following configurations in cisco CISCO7606 (R7000).

Can you please explain, if its meaningful to have the below configuration, wherein , we are allowing multiple vlans on the access port? If no, then why do we allow such configuration?

interface FastEthernet4/45

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 124-127,423,478,493,578,699,751,787,895,987,1981

switchport mode access

end

interface FastEthernet4/46
switchport
switchport trunk allowed vlan 124-127,423,478,493,578,699,751,787,895,987,1981
switchport mode access
end

Thanks

Sunil Kumar

Edison Ortiz · ‎02-11-2013

As I indicated, the port is set to access mode, not trunk:

1 default active Gi2/6, Gi2/11, Gi2/12, Fa4/13, Fa4/15, Fa4/26, Fa4/27, Fa4/28, Fa4/34

Fa4/38, Fa4/43, Fa4/45, Fa4/46, Fa4/47

When a port is set to trunk, it won't be listed in the show vlan command.

View solution in original post

Edison Ortiz · ‎02-11-2013

Is the port up/up?

If the port is not connected, the trunk port reverts back to Vlan 1.

View solution in original post

Edison Ortiz · ‎02-11-2013

The mode is set to access so the trunk configuration is ignored.

At this moment, that port is assigned to Vlan 1.

Can you post the output from 'show vlan' command?

msgforsunil · ‎02-11-2013

Please find the output below. Listing only those ones that has "/" in it. Please let me know, if you want complete output(which runs to multiple pages)

7606-001#show vlan | include /

1 default active Gi2/6, Gi2/11, Gi2/12, Fa4/13, Fa4/15, Fa4/26, Fa4/27, Fa4/28, Fa4/34

Fa4/38, Fa4/43, Fa4/45, Fa4/46, Fa4/47

205 VLAN0205 act/unsup

211 VLAN0211 active Fa4/10, Fa4/17

369 VLAN0369 active Fa4/25

404 VLAN0404 active Fa4/48

712 VLAN0712 active Fa4/24

932 VLAN0932 active Gi2/5

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

1182 VLAN1182 active Fa4/31

1190 VLAN1190 active Fa4/42

7606-001#

Edison Ortiz · ‎02-11-2013

As I indicated, the port is set to access mode, not trunk:

1 default active Gi2/6, Gi2/11, Gi2/12, Fa4/13, Fa4/15, Fa4/26, Fa4/27, Fa4/28, Fa4/34

Fa4/38, Fa4/43, Fa4/45, Fa4/46, Fa4/47

When a port is set to trunk, it won't be listed in the show vlan command.

msgforsunil · ‎02-11-2013

May I know as why FastEthernet4/38 is listed above, when the configuration states, its trunk? Pasting the configurations below.

7606-001#show running-config interface FastEthernet4/38
Building configuration...

Current configuration : 163 bytes
!
interface FastEthernet4/38
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 699,712,751,787,987,3890
switchport mode trunk
end

Thanks

Sunil Kumar

Edison Ortiz · ‎02-11-2013

Is the port up/up?

If the port is not connected, the trunk port reverts back to Vlan 1.

msgforsunil · ‎02-11-2013

Yes, the port is no up.

7606-001#show interfaces FastEthernet4/38

FastEthernet4/38 is down, line protocol is down (notconnect)

Thanks you Edison for your quick responses.

Thanks

Sunil Kumar

msgforsunil · ‎02-11-2013

And again, when the port is up, will the port be be back in trunk mode and how about the vlans configured on it?

Thanks

Sunil Kumar

Edison Ortiz · ‎02-11-2013

For port 4/38, yes - it will be in trunk mode.

Vlans 699,712,751,787,987,3890 will be allowed on this trunk.

You can verify if they are forwarding, with the show int trunk command.

NSutfin · ‎05-15-2016

No one really answered why you would want this...

But a couples of reasons are that sometimes there are many services that converge over a singe port. In cellular you may have controller that connects to a switch and that controller may service circuit switched voice on a particular VLAN and LTE data on another VLAN but the baseband is controlled on a single unit, Before you aggregate and send back over a common backhaul it is simpler from a design perspective set all ports as acces ports. As an additional security protocol and as a statistical gathering feature , many carriers do not allow untagged traffic to traverse the network.

vipinsoni89 · ‎12-25-2017

I have two networks of those are using Private govt Network in Whole Campus by two separate Network providers.Both of us using Vlan1. Some of our users needs both connectivity type but we are like to merge both networks are we already connected over L3 connectivity. So We need this solution for a standby Network solution for some users. Permitting for new vlan creation is not possible to us. So please help.

Georg Pauwen · ‎12-25-2017

Hello,

what exactly are you looking for ? Restricting access to users in the same VLAN (1) ?

vipinsoni89 · ‎12-25-2017

As attached diagram Network A is responsible for IP Phone Communication and B is used as ILL purpose whenever a user need both facilities we need to provide two separate cables to him on seat from both Network Racks. We would like to make it working via single wire but we have problem that both VLANs are used as default.