10-03-2020 07:34 AM
Hi
we have network with no vlan setup. I have attached a simple pic. Every thing is running on default vlan. Now we have a requirement for vlan to separate a network. I will have to create sub interfaces on lan port of router. My Question is:
Can i add a default vlan 1 on a subinterface and additional vlan 2 on another subinterface so that i dont disturb anything else? I believe i only have to create subinterfaces on lan port of router (like copy main config of Gi 0/1 to Gi 0/1.1 and vlan 2 on Gi 0/1.2 ) and trunk port on switch uplink. And then finally vlan port assignment for vlan 2 to seperate the ports from default vlan. Is it right or I have to do much more?
thanks
Solved! Go to Solution.
10-10-2020 10:15 AM
If you want the existing ports assignments in the default vlan to continue you need only to
- on the switch
* create vlan 50
* configure the connection from the switch to the router to be a trunk. You can let it default and carry every vlan or you can specify that it carry vlan 1 and 50.
* assign switch ports to vlan 50
- on the router
* configure a subinterface for vlan 50 which needs to specify dot1q encapsulation, that it will carry vlan 50, and assign the IP address and mask.
* you might want to also configure things like access-group and ip nat inside but these are optional and not required.
Note that the default vlan on the switch is vlan 1 so the existing switch ports are already in vlan 1. Also note that the existing configuration on the router physical interface could remain in the router config and would process the untagged frames for vlan 1 - or you could configure a subinterface and move the vlan 1 parameters from the physical interface to the subinterface.
10-03-2020 07:39 AM
You need to make switch side Trunk port - by default all VLAN allowed ( if you like allow the only VLAN required as good practice)
on the Router side you can do Gi01 with no config, gi0/1.1 VLAN 1 Gi0/1.2 VLAN 2 so on
here is an example guide to configuring.
https://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/14976-50.html
10-06-2020 07:32 PM
HI,
Can I do something like this on router lan port like keeping current config main interface and create a new subinterface.
interface GigabitEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip access-group 2 in
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1.1
encapsulation dot1q 50
ip address 192.168.50.1 255.255.255.0
And the on switch, I can make it a trunk port.
Regards,
10-06-2020 07:55 PM
Hi Talha
the above configuration will not work because you only have one cable on your Gi0/1 interface.
Your original idea is the one to go with
have two virtual interfaces
interface GigabitEthernet0/1.2
encapsulation dot1q 1 native // 1 is default vlan
ip address 192.168.1.1 255.255.255.0
ip access-group 2 in
ip nat inside
ip virtual-reassembly in
and
interface GigabitEthernet0/1.1
encapsulation dot1q 50
ip address 192.168.50.1 255.255.255.0
10-07-2020 08:14 AM
I see, In that case I know I have to assign switch ports to vlan 50 but do I have to assign ports to vlan 1 as well on switch or they will work as they are working now as default vlan ports?
Thanks
10-07-2020 10:51 AM
Hi,
If the goal is to get away from using the default vlan (vlan1) than you should not use it at all.
So, you can change vlan 1 to say 10 and if you need more VLAN just add as you go, 20, 30, 50, etc..
If you only have one connection from the switch to the router (a trunk port) you need to create a sub-interface for each one of these vlans/subnet on the router. For ease of management, try to match the sub-interface number with vlan id and the subnet where possible.
example:
interface GigabitEthernet0/1.50
encapsulation dot1q 50
ip address 192.168.50.1 255.255.255.0
interface GigabitEthernet0/1.10
encapsulation dot1q 50
ip address 192.168.10.1 255.255.255.0
interface GigabitEthernet0/1.20
encapsulation dot1q 50
ip address 192.168.20.1 255.255.255.0
HTH
10-07-2020 05:40 PM
May I add just a slight correction to above
the encapuslation dot1q statement indicates to the router which vlan is active
so
should look like this
interface GigabitEthernet0/1.10
encapsulation dot1q 10
ip address 192.168.10.1 255.255.255.0
nterface GigabitEthernet0/1.20
encapsulation dot1q 20
ip address 192.168.20.1 255.255.255.0
10-07-2020 09:59 PM
HI Reza,
The goal is to use the vlan 1 on subinterface so I don't have to change port settings (if it works) for current working environment and adding additional vlan in the network. I am trying to minimize the work on network while adding a vlan. right now there is no vlan setup and everything is working on vlan 1.
So If I add vlan 1 on a subinterface and let say new vlan 50 on another subinterface then on switch side, do I still need to assign port for vlan 1 or will they be working as it is, as vlan 1 is native.
If above assumptions is correct then all I need to do on switch side is to assign ports for new vlan 50 only. Is that correct?
10-10-2020 10:15 AM
If you want the existing ports assignments in the default vlan to continue you need only to
- on the switch
* create vlan 50
* configure the connection from the switch to the router to be a trunk. You can let it default and carry every vlan or you can specify that it carry vlan 1 and 50.
* assign switch ports to vlan 50
- on the router
* configure a subinterface for vlan 50 which needs to specify dot1q encapsulation, that it will carry vlan 50, and assign the IP address and mask.
* you might want to also configure things like access-group and ip nat inside but these are optional and not required.
Note that the default vlan on the switch is vlan 1 so the existing switch ports are already in vlan 1. Also note that the existing configuration on the router physical interface could remain in the router config and would process the untagged frames for vlan 1 - or you could configure a subinterface and move the vlan 1 parameters from the physical interface to the subinterface.
10-15-2020 05:44 PM
I am glad that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide