cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
403694
Views
36
Helpful
31
Replies

Can we assign multiple Vlans to same physical switch port-Access Port

ravi281278
Level 1
Level 1

Hi,

We are having L2 Vlans on our switch and there is a requirement of assigning multiple VLANs to same physical switch port-Access port. We will be terminating server over this port having multiple applications.

Thanks

31 Replies 31

It is not clear what you are saying about the Sophos. Is its port an access port assigned to vlan 200? Or is it a trunk port with both vlan 1 and 200? Or is this a subinterface, which would indicate that it is a trunk port?

 

If the Sophos is an access port then you just configure your 3560 with access ports. As long as the 3560 ports are all in the same vlan they should work (and it does not really mater whether the 3560 uses vlan 200 or some other vlan - because with access ports they are just sending normal (untagged) Ethernet frames and there is no requirement that vlan ID must match the peer device)

HTH

Rick

Hi Richard,

Thanks for your reply , Port 1 (172.16.16.254) on Sophos is a physical port
, not sure if its access or trunk. Created VLAN on this port which gave me
Port1.200 and the ip range assigned to it via Sophos is 10.10.200.50 - 150

Port 1 is connected to Cisco 3560 on fa0/1 , also i have made this port as
trunk with 802.1q encapsulation

VLAN 1 is created with 172.16.16.17

When a laptop is connected to fa0/2 or any other port on the switch , they
get ip from sophos in the range of 172.16.16.0/ 24

Im trying to assign fa0/3 to fa0/15 with VLAN 200 so that devices connected
to these ports get ip in the range 10.10.200.50 to 150

Also from the switch (using telnet on laptop) im able to ping both Port 1
address and Por1.200 address

Hope im making sense and appreciate your assistance

Have a good day

Cheers
Raj

Hi Richard,

Thanks for your reply , Port 1 (172.16.16.254) on Sophos is a physical port
, not sure if its access or trunk. Created VLAN on this port which gave me
Port1.200 and the ip range assigned to it via Sophos XG DHCP  is 10.10.200.50 to  .150

Port 1 is connected to Cisco 3560 on fa0/1 , also i have made this port as
trunk with 802.1q encapsulation

VLAN 1 is created with 172.16.16.17

When a laptop is connected to fa0/2 or any other port on the switch , they
get ip from sophos in the range of 172.16.16.0/ 24

Im trying to assign fa0/3 to fa0/15 with VLAN 200 so that devices connected
to these ports get ip in the range 10.10.200.50 to 150

Also from the switch (using telnet on laptop) im able to ping both Port 1
address and Por1.200 ip address

Hope im making sense and appreciate your assistance

Have a good day

Cheers
Raj

Hi Richard,

Thanks for your reply , Port 1 (172.16.16.254) on Sophos is a physical port
, not sure if its access or trunk. Created VLAN on this port which gave me
Port1.200 and the ip range assigned to it via Sophos is 10.10.200.50 - 150

Port 1 is connected to Cisco 3560 on fa0/1 , also i have made this port as
trunk with 802.1q encapsulation

VLAN 1 is created with 172.16.16.17

When a laptop is connected to fa0/2 or any other port on the switch , they
get ip from sophos in the range of 172.16.16.0/ 24

Im trying to assign fa0/3 to fa0/15 with VLAN 200 so that devices connected
to these ports get ip in the range 10.10.200.50 to 150

Also from the switch (using telnet on laptop) im able to ping both Port 1
address and Por1.200 address

Hope im making sense and appreciate your assistance

Have a good day

Cheers
Raj

Raj

 

Thank you for the additional information. What you have told us does seem to indicate that the Sophos interface is a trunk which carries both vlan 1 and vlan 200. You have told us that devices in vlan 1 are working and that they do get IP addresses assigned using DHCP from Sophos. And you have told us that from the switch you are able to ping both vlan addresses on Sophos. All of this is good and seems that it should work. Are you saying that it is not working? If so would you post the output of these commands on your switch:

show vlan

show interface trunk

HTH

Rick

Hi Ric,

 

Thanks for  your message , please find attached requested outputs

Appreciate your help

Have a good day

 

Raj

 

Thank you for the outputs. They do confirm that FA0/1 is configured as a trunk and carries both vlan 1 and vlan 200. They seem to indicate that FA0/3 is configured as a trunk and carries only vlan 200. Is that correct? This could get data from vlan 200 on FA0/3 to FA0/1 and on to Sophos. But it wold work only if the device connected to FA0/3 is a device that understands and supports dot1Q trunking and its Ethernet interface is sending tagged frames for vlan 200.

 

What kind of device is connected to FA0/3? I am guessing that it is sending untagged frames. So the switch is treating those frames as belonging to vlan 1. What I would expect (and what could make your switch work as expected) is to configure FA0/3 as an access port assigned to vlan 200.

 

The suggestion to use voice vlan is one way to have 2 vlans assigned to the same access port. But I do not believe that it will accomplish what you are attempting to do.

HTH

Rick

 

Hallelujah, Thanks Rick , that worked, changing the interface from trunk mode to access helped

Appreciate your help mate , this was haunting me for few days

Once again appreciate your time and efforts

Have a good day ahead

Cheers

Raj

Raj

 

Thanks for the update. Glad to know that you got it working and that my suggestion pointed you toward the solution.

HTH

Rick

Tagir Temirgaliyev
Spotlight
Spotlight

you can assign 1 vlan to 1 access port but you can assign secondary ip address to vlan interface

so you will get 2 networks

please guide me.. in my organisation there is approx 350 users and 15 catlyst switch 3760 series. .but only vlan 1 is create on root switch. and connet to other switch..some issue is frequenty facing in network. . i want to implement atleat two  vlan and stp .but issue is that i dont want to do changes on users desktop as their is no dhcp in our organistain. all have assign static ip address.4 network ip are user in our organisation network. but all are interconnete and able to ping each other. may be configured on fireware. there is large number of live user.. is there any possible way . to overcome form this issue. need your guide..

Hi.

Are you sure about Cisco Catalist 3760 series number ? wuold not be Cisco Catalist 3750 or 3560 ?

Please reply.

Regards

Hi Mukesh

to help you, I need to know a few things:


all models of switches used in the network;

how they are interconnected;

classes used for IP addressing

who is the DHCP server, Linux or Windows server or router or switch;

maybe this video help you:  http://www.youtube.com/watch?v=cnpzulyys2s

Regards

Alexandre

Hello

This isnt a very good network design having all those switches in one large flat broadcast domain. As you are using staitc addressing which apart from being very administrative it also prone duplication and with this flat network you could easily incurr broadcast/unicast floods etc.

 

As you dont want to split the users into a additional vlan/subnet then creating another L2 vlan will be of no use, you need to start thinking about dyanmic addressing(dhcp), Segregating your network with additional vlans and L3 subnets.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

svender01
Level 1
Level 1

You can only assign 1 vlan per ACCESS port, if more are needed it needs to be a trunk port

interface fastethernet0/1
switchport mode trunk
switchport trunk allowed vlan 1,10,20
interface fastethernet0/18
switchport mode access
switchport access vlan 20