Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2300
Views
20
Helpful
9
Replies

Adding Vlan in a network

Go to solution
Talha
Level 1
Level 1

‎10-03-2020 07:34 AM

Hi 

we have network with no vlan setup. I have attached a simple pic. Every thing is running on default vlan. Now we have a requirement for vlan to separate a network.  I will have to create sub interfaces on lan port of router. My Question is:

Can i add a default vlan 1 on a subinterface and additional vlan 2 on another subinterface so that i dont disturb anything else? I believe i only have to create subinterfaces on lan port of router (like copy main config of Gi 0/1 to Gi 0/1.1 and vlan 2 on Gi 0/1.2 ) and trunk port on switch uplink. And then finally vlan port assignment for vlan 2 to seperate the ports from default vlan. Is it right or I have to do much more?

 

thanks

Labels:
Preview file
12 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Talha

‎10-10-2020 10:15 AM

If you want the existing ports assignments in the default vlan to continue you need only to 

- on the switch

* create vlan 50

* configure the connection from the switch to the router to be a trunk. You can let it default and carry every vlan or you can specify that it carry vlan 1 and 50.

* assign switch ports to vlan 50

- on the router

* configure a subinterface for vlan 50 which needs to specify dot1q encapsulation, that it will carry vlan 50, and assign the IP address and mask. 

* you might want to also configure things like access-group and ip nat inside but these are optional and not required.

 

Note that the default vlan on the switch is vlan 1 so the existing switch ports are already in vlan 1. Also note that the existing configuration on the router physical interface could remain in the router config and would process the untagged frames for vlan 1 - or you could configure a subinterface and move the vlan 1 parameters from the physical interface to the subinterface. 

HTH

Rick

View solution in original post

9 Replies 9

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎10-03-2020 07:39 AM

You need to make switch side Trunk port - by default all VLAN allowed ( if you like allow the only VLAN required as good practice)

on the Router side you can do Gi01 with no config, gi0/1.1 VLAN 1 Gi0/1.2 VLAN 2 so on

 

here is an example guide to configuring.

 

https://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/14976-50.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Talha
Level 1
Level 1
In response to balaji.bandi

‎10-06-2020 07:32 PM

HI, 

Can I do something like this on router lan port like keeping current config main interface and create a new subinterface.

interface GigabitEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip access-group 2 in
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto

interface GigabitEthernet0/1.1
encapsulation dot1q 50
ip address 192.168.50.1 255.255.255.0

And the on switch, I can make it a trunk port.

Regards,

0 Helpful

Go to solution
pmckenzie
Level 3
Level 3
In response to Talha

‎10-06-2020 07:55 PM

Hi Talha

             the above configuration will not work because you only have one cable on your Gi0/1 interface.

Your original idea is the one to go with

have two virtual interfaces 

interface GigabitEthernet0/1.2

encapsulation dot1q 1 native   // 1 is default vlan

ip address 192.168.1.1 255.255.255.0
ip access-group 2 in
ip nat inside
ip virtual-reassembly in

 

and
interface GigabitEthernet0/1.1
encapsulation dot1q 50
ip address 192.168.50.1 255.255.255.0

 

    

There are worlds out there where the sky is burning, where the sea's asleep and the rivers dream, people made of smoke and cities made of song. Somewhere there's danger, somewhere there's injustice and somewhere else the tea is getting cold" Dr Who

Go to solution
Talha
Level 1
Level 1
In response to pmckenzie

‎10-07-2020 08:14 AM

I see, In that case I know I have to assign switch ports to vlan 50  but do I have to assign ports to vlan 1 as well on switch or they will work as they are working now as default vlan ports?

 

Thanks

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to Talha

‎10-07-2020 10:51 AM

Hi,

If the goal is to get away from using the default vlan (vlan1) than you should not use it at all.

So, you can change vlan 1 to say 10 and if you need more VLAN just add as you go, 20, 30, 50, etc..

If you only have one connection from the switch to the router (a trunk port) you need to create a sub-interface for each one of these vlans/subnet on the router. For ease of management, try to match the sub-interface number with vlan id and the subnet where possible.

 

example:

interface GigabitEthernet0/1.50
encapsulation dot1q 50
ip address 192.168.50.1 255.255.255.0

 

interface GigabitEthernet0/1.10
encapsulation dot1q 50
ip address 192.168.10.1 255.255.255.0

 

interface GigabitEthernet0/1.20
encapsulation dot1q 50
ip address 192.168.20.1 255.255.255.0

HTH

Go to solution
pmckenzie
Level 3
Level 3
In response to Reza Sharifi

‎10-07-2020 05:40 PM

May I add just a slight correction to above

the encapuslation dot1q statement indicates to the router which vlan is active

so

should look like this

interface GigabitEthernet0/1.10
encapsulation dot1q 10
ip address 192.168.10.1 255.255.255.0

 

nterface GigabitEthernet0/1.20
encapsulation dot1q 20
ip address 192.168.20.1 255.255.255.0

 

There are worlds out there where the sky is burning, where the sea's asleep and the rivers dream, people made of smoke and cities made of song. Somewhere there's danger, somewhere there's injustice and somewhere else the tea is getting cold" Dr Who

Go to solution
Talha
Level 1
Level 1
In response to Reza Sharifi

‎10-07-2020 09:59 PM

HI Reza,

The goal is to use the vlan 1 on subinterface so I don't have to change port settings (if it works) for current working environment and adding additional vlan in the network. I am trying to minimize the work on network while adding a vlan. right now there is no vlan setup and everything is working on vlan 1.

So If I add vlan 1 on a subinterface and let say new vlan 50 on another subinterface then on switch side, do I still need to assign port for vlan 1 or will they be working as it is, as vlan 1 is native. 

If above assumptions is correct then all I need to do on switch side is to assign ports for new vlan 50 only. Is that correct?

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Talha

‎10-10-2020 10:15 AM

If you want the existing ports assignments in the default vlan to continue you need only to 

- on the switch

* create vlan 50

* configure the connection from the switch to the router to be a trunk. You can let it default and carry every vlan or you can specify that it carry vlan 1 and 50.

* assign switch ports to vlan 50

- on the router

* configure a subinterface for vlan 50 which needs to specify dot1q encapsulation, that it will carry vlan 50, and assign the IP address and mask. 

* you might want to also configure things like access-group and ip nat inside but these are optional and not required.

 

Note that the default vlan on the switch is vlan 1 so the existing switch ports are already in vlan 1. Also note that the existing configuration on the router physical interface could remain in the router config and would process the untagged frames for vlan 1 - or you could configure a subinterface and move the vlan 1 parameters from the physical interface to the subinterface. 

HTH

Rick

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Richard Burts

‎10-15-2020 05:44 PM

I am glad that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card