Just tried and it didn't work. 

Can you share the .pkt file so we try to help?  I know you already share the config , but, if possible, let me take a look on the file.

You need to zip it first.

Sure thing, I'll upload it to this reply. 

Passwords are in the pkt file itself as a comment to right. 

sticky macs should be showing up in the running config

I had no problem configuring vlan ont that trunk.  Did you get somewhere?

---

@David Ruess wrote:

Hello,

 

Is there a reason you blocked those 3 vlans from being allowed to the router?

 

On SD-F1 switch to router:

 

interface GigabitEthernet0/2

switchport trunk allowed vlan 1-49,51-59,61-74,76-1005 (you haven't allowed the 3 VLANs you created)

switchport mode trunk

switchport port-security mac-address sticky <- remove this

 

---

I have no idea why I did that. I took off the address sticky and I just went back and did switchport trunk allowed vlan add x for 50, 60, and 70 but now I get this. 

LAF1switchDB#show int trunk

Port Mode Encapsulation Status Native vlan

Gig0/2 on 802.1q trunking 1




Port Vlans allowed on trunk

Gig0/2 1-1005




Port Vlans allowed and active in management domain

Gig0/2 1,50,60,75




Port Vlans in spanning tree forwarding state and not pruned

Gig0/2 1,50,60,75

Is this supposed to be right?  

You might also have to make the native vlan 1 on the trunk of the Switch since on the router you have it for the dot1q encapsulation.

 

Secondly. The interface you configured for Router on a Stick is not the same interface in the diagram. You configured g0/1.50, etc but the interface is  g0/0 so it should be the g0/0.50 interface that gets the IP and configuration.

---

Would it be better to eliminate the native vlan 1 encaps then?

It's double wired out of the router to the switch with the normal IPv4 and 6 routing going through gi0/0 to the switch's gi0/1. Am I able to use just one wire from the router to the switch? 

Yes you can use the same link for IPv4 and IPv4 networks.

I believe you have to have the dot1 encapsulation type so the VLAN coming from teh switch is translated out of the correct sub interface on the router.

The trunk link is normal. The only reason you have those vlans on the port in forwarding state means those are the only ones active on the switch. 1 is the default and 50, 60, 75 are the only ones with ports assigned. 

-David

Yes, that's the interface. I unblocked the appropriate vlans but I'm getting this for my int trunk on the switch

LAF1switchDB#show int trunk

Port Mode Encapsulation Status Native vlan

Gig0/2 on 802.1q trunking 1




Port Vlans allowed on trunk

Gig0/2 1-1005




Port Vlans allowed and active in management domain

Gig0/2 1,50,60,75




Port Vlans in spanning tree forwarding state and not pruned

Gig0/2 1,50,60,75

So I'm not sure if it's even allowing any of the VLANs through other than 1-1005?

I do not understand this statement "So I'm not sure if it's even allowing any of the VLANs through other than 1-1005?" It is not allowing 1 through 1005. It is allowing 1, 50, 60, and 75. Those are the vlans that you tell us you want to work. It looks to me like they should work now.

Sorry, I see where I got confused.

I tried to redo it and I'm still not getting any successful pings between end devices and the router or anywhere else on the network. I've tried everyone's advice above. 

San Diego Main show run:

version 15.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname SDmainDB

!

!

!

enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1

enable password cisco

!

!

!

!

!

!

no ip cef

ipv6 unicast-routing

!

no ipv6 cef

!

!

!

!

license udi pid CISCO2911/K9 sn FTX1524RA0P-

!

!

!

!

!

!

!

!

!

!

!

spanning-tree mode pvst

!

!

!

!

!

!

interface GigabitEthernet0/0

description Cnx to F1 only

ip address 193.169.30.126 255.255.255.128

duplex auto

speed auto

ipv6 address FE80::2 link-local

ipv6 address 2001:DB8:A:3A::1/64

ipv6 ospf 10 area 0

!

interface GigabitEthernet0/0.50

encapsulation dot1Q 50

ip address 193.169.50.254 255.255.255.0

!

interface GigabitEthernet0/0.60

encapsulation dot1Q 60

ip address 193.169.60.254 255.255.255.0

!

interface GigabitEthernet0/0.75

encapsulation dot1Q 75

ip address 193.169.75.254 255.255.255.0

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

interface GigabitEthernet0/2

no ip address

duplex auto

speed auto

shutdown

!

interface GigabitEthernet0/2/0

description Cnx to R2R SD Aux only

ip address 193.169.30.210 255.255.255.252

ipv6 address 2001:DB8:A:3D::2/64

ipv6 ospf 10 area 0

!

interface Serial0/3/0

description Cnx to New York

ip address 173.18.0.214 255.255.255.252

ipv6 address 2001:DB8:A:4B::2/64

ipv6 ospf 10 area 0

clock rate 2000000

!

interface Serial0/3/1

description Cnx to Chicago

ip address 193.169.30.213 255.255.255.252

ipv6 address 2001:DB8:A:4C::1/64

ipv6 ospf 10 area 0

!

interface Vlan1

no ip address

shutdown

!

router ospf 10

router-id 2.2.2.2

log-adjacency-changes

auto-cost reference-bandwidth 1000

network 193.169.30.212 0.0.0.3 area 0

network 173.18.0.212 0.0.0.3 area 0

network 193.169.30.0 0.0.0.127 area 0

network 193.169.30.208 0.0.0.3 area 0

!

ipv6 router ospf 10

router-id 2.2.2.2

log-adjacency-changes

!

ip classless

!

ip flow-export version 9

!

!

!

banner motd ^CNetwork Maintenance Fri-Sun^C

!

!

!

!

!

line con 0

exec-timeout 0 0

password enter

logging synchronous

login

!

line aux 0

!

line vty 0 4

password telnet

login

!

!

!

end

SD-F1 Switch show run

version 15.0

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname LAF1switchDB

!

enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1

enable password cisco

!

!

!

no ip domain-lookup

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface FastEthernet0/1

switchport access vlan 50

switchport mode access

!

interface FastEthernet0/2

switchport access vlan 50

switchport mode access

!

interface FastEthernet0/3

switchport access vlan 50

switchport mode access

!

interface FastEthernet0/4

switchport access vlan 50

switchport mode access

!

interface FastEthernet0/5

switchport access vlan 50

switchport mode access

!

interface FastEthernet0/6

switchport access vlan 50

switchport mode access

!

interface FastEthernet0/7

switchport access vlan 50

switchport mode access

!

interface FastEthernet0/8

switchport access vlan 60

switchport mode access

!

interface FastEthernet0/9

switchport access vlan 60

switchport mode access

!

interface FastEthernet0/10

switchport access vlan 60

switchport mode access

!

interface FastEthernet0/11

switchport access vlan 60

switchport mode access

!

interface FastEthernet0/12

switchport access vlan 60

switchport mode access

!

interface FastEthernet0/13

switchport access vlan 60

switchport mode access

!

interface FastEthernet0/14

switchport access vlan 60

switchport mode access

!

interface FastEthernet0/15

switchport access vlan 60

switchport mode access

!

interface FastEthernet0/16

switchport access vlan 75

switchport mode access

!

interface FastEthernet0/17

switchport access vlan 75

switchport mode access

!

interface FastEthernet0/18

switchport access vlan 75

switchport mode access

!

interface FastEthernet0/19

switchport access vlan 75

switchport mode access

!

interface FastEthernet0/20

switchport access vlan 75

switchport mode access

!

interface FastEthernet0/21

switchport access vlan 75

switchport mode access

!

interface FastEthernet0/22

switchport access vlan 75

switchport mode access

!

interface FastEthernet0/23

switchport access vlan 75

switchport mode access

!

interface FastEthernet0/24

switchport access vlan 75

switchport mode access

!

interface GigabitEthernet0/1

switchport mode trunk

!

interface GigabitEthernet0/2

!

interface Vlan1

no ip address

shutdown

!

banner motd ^CNetwork maintenance Fri-Sun^C

!

!

!

line con 0

password enter

logging synchronous

login

exec-timeout 0 0

!

line vty 0 4

password telnet

login

line vty 5 15

login

!

!

!

!

end

So on the Router you have the G0/0 interface configured with an IP and then you have sub interfaces configured with an IP. You need to remove the interface configuration and apply things you need to the sub interfaces. You also aren't advertising the sub interface IPs into OSPF so other devices that learn OSPF dont know where they are. You can do that 1 of 2 ways since you have everything in OSPF area 0 anyway.

router ospf 1

network 0.0.0.0 0.0.0.0 area 0

or

router ospf 1

network 193.169.50.0 0.0.0.255 area 0

network 193.169.60.0 0.0.0.255 area 0

network 193.169.75.0 0.0.0.255 area 0

Dont forget if you need IPv6 on the sub interfaces you will need to configure that as well separately. Keeping the G0/0 interface blank

-David