Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1439
Views
25
Helpful
4
Replies

allow vlans in trunk port is not working

Go to solution
Mordecalex
Level 1
Level 1

‎01-01-2023 11:56 AM

Hi, i would like my web server just accept traffic from vlan 20 (i got 3 multilayer switches with vlan 20) but when i use my central switch and enter the following commands:

enable

config term

int g0/1

switchport trunk allow vlan 20

my server stop receiving traffic from every vlan, why is that? am i missing some step?

 

here is the file from packet tracer

Labels:
exercise SRWE (1).zip
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to MHM Cisco World

‎01-01-2023 02:29 PM

When you configure g0/1 as a trunk the result is that all vlans are allowed on the trunk. When you add the command 

switchport trunk allow vlan 20

the result is that only vlan 20 is allowed on the trunk. All other vlans are not allowed on that trunk.

We do not know much about your environment and what you are attempting to achieve. But if you have a server and you want only vlan 20 to be able to access the server then I would suggest that a good solution would be to use an access list to restrict access.

HTH

Rick

View solution in original post

4 Replies 4

Go to solution
MHM Cisco World
VIP
VIP

‎01-01-2023 12:07 PM

allow vlan 20 ?? I think you need to allow vlan1 also. 

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to MHM Cisco World

‎01-01-2023 02:29 PM

When you configure g0/1 as a trunk the result is that all vlans are allowed on the trunk. When you add the command 

switchport trunk allow vlan 20

the result is that only vlan 20 is allowed on the trunk. All other vlans are not allowed on that trunk.

We do not know much about your environment and what you are attempting to achieve. But if you have a server and you want only vlan 20 to be able to access the server then I would suggest that a good solution would be to use an access list to restrict access.

HTH

Rick

Go to solution
Elliot Dierksen
VIP
VIP

‎01-02-2023 01:39 PM

An addition to the excellent point that @Richard Burts made is that the default on a trunk is to allow all known VLAN's. If you are trying to pass a VLAN through a switch and it doesn't know about it, that traffic will get dropped. VTP transparent will (I think) let unknown VLAN's pass, but any other VTP mode will definitely not pass unknown VLAN's.

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Elliot Dierksen

‎01-05-2023 11:55 AM

I am glad that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card