Solved: Cannot create VLANs in CISCO 2900 series router

Vladimir Bednikov · ‎06-08-2016

Hi All,

I have set up a CISCO 3750 switch running IOS 12.2 with VLANs and VLAN trunking. I want to do the same to a CISCO 2951 router running IOS 15.4. However, it wont let me set up VLANs via switchport access. I get "Invalid input detected at '^' marker which points to the switchport command. Doing a show interface gi 0/1 switchport indicates it is not port switchable. The router also has 4 EHWIC modules and all four are also not port switchable. I then found a document that suggests using service-module after setting up the interface with an IP address:

service-module gigabitethernet0/1 session

however when I try to run the service-module command, it says "Invalid input detected at '^' marker pointing to the word gigabitethernet.

The document I am referring to is the following:

http://www.cisco.com/c/en/us/td/docs/routers/access/interfaces/software/feature/guide/eesm_sw.html#wp1942894

Prior to this, I have configured CISCO 2800 series routers simply as follows:

interface FastEthernet1/5
switchport access vlan 2

Interface vlan2

.........

without issues.

Note I also tried adding vlans using the vlan database command but I was warned not to do this as it has been deprecated.

Could someone point me to the correct way of setting up VLANs?

TIA,

Vlad

Mark Malone · ‎06-10-2016

That should work fine , the dot1q will tag the native vlan 1 thats the right command to use , you shouldn't need anything on the router side its pure L3,the switch will tag it router will remove it anyway as part of process but having set the command enable vlan 1 to be tagged

The routing will take place automatically as its a 2951 , no requirement to enable ip routing like L3 switch , you can test that by making sure you can ping between source sub-interfaces ---ping x.x.x.x source x.x.x.x or g0/0.10 as example

View solution in original post

Mark Malone · ‎06-09-2016

Hi whats ehwic the module you have installed in show inventory , are they layer 3 too out of the box , did you try no switchport first(turns off L3) then switch access vlan x

That doc is only for these mods just to make sure you have te right doc

This document describes the following Cisco enhanced EtherSwitch service modules only: SM-ES2-16-P, SM-ES3-16-P, SM-ES3G-16-P, SM-ES2-24, SM-ES2-24-P, SM-ES3-24-P, SM-ES3G-24-P, SM-D-ES2-48, SM-D-ES3-48-P, and SM-D-ES3G-48-P. For information about

Vladimir Bednikov · ‎06-09-2016

The modules are the following:

NAME: "Enhanced High Speed WAN Interface Card-1 Port Gigabit Ethernet SFP/Cu on Slot 0 SubSlot 3", DESCR: "Enhanced High Speed WAN Interface Card-1 Port Gigabit Ethernet SFP/Cu"
PID: EHWIC-1GE-SFP-CU , VID: V01, SN: FOC19316Z9L

I have found some documentation to set them up as sub-interfaces. That is, set up gi0/1 then set up gi0/1.30 for vlan 30 etc.

Question is, I want to do VLAN tagging and one of the VLANs is 1 which is native and not tagged by default. On the 3750 switch I ran vlan dot1q ta native to enable tagging of the native VLAN but again, this command is not recognised on the 2951 router.

As for have I tried "no switchport". It fails as it does not understand the switchport command.

Mark Malone · ‎06-09-2016

Hi

thats a layer 2/3 card you should be able to do both , did you try turn off layer 3 with no switchport ?

dot1 is now depreciated as its the only trunk protocol used so theres no need to specify the encapsulation anymore same on all the newer 4331 router modules as well when using sub-interfaces , but saying that your card supports full L2 so i would try no switchport first as when they can do both you usually have to turn off routing first per port wit that command

What your card supports

http://www.cisco.com/c/en/us/products/collateral/interfaces-modules/high-speed-wan-interface-cards/data_sheet_c78-660124.html

Cisco IOS^® Software provides enhanced capabilities such as hierarchical quality of service (HQoS), Multiprotocol Label Switching (MPLS), IP Security (IPsec), and Layer 3 VPNs. Since this is a true routed port card, the user can configure an IP address directly on the EHWIC-1GE-SFP-CU interface and does not have to configure the port for VLAN trunking as is done in switched virtual interface (SVI) configurations.

Vladimir Bednikov · ‎06-09-2016

Hi Mark, thanks for the additional info.

I have tried to run "no switchport" during configuration but it says invalid input detected at switchport.

The CLI does not recognise switchport as a command. Is "no switchport" run in config mode or outside of config mode?

Cheers,

Vlad

Mark Malone · ‎06-09-2016

sorry if its not taking switchport at all that wont work , its per interface command , you will have to set it as sub-interface if its not taking any switchport comamnds

here is an example off one of my routers thats the same 4331 the switchside is just set to trunk connecting to g0/0/0 , standard 2960 switch

interface GigabitEthernet0/0/0
description xxxxx Office Ethernet
ip address x.x.x.x 255.255.255.0
ip access-group x in
ip access-group x out
ip helper-address x.x.x.x
ip helper-address x.x.x.x
no ip redirects
ip accounting output-packets
ip flow ingress
duplex full
speed 1000
no snmp trap link-status
ids-service-module monitoring
standby 1 ip x.x.x.x
standby 1 priority 110
standby 1 preempt
standby 1 track 1 decrement 2
standby 1 track 2 decrement 2
standby 1 track 3 decrement 2
!
interface GigabitEthernet0/0/0.2
description xxxx WLAN Ethernet
encapsulation dot1Q 2
ip address x.x.x.x 255.255.255.0
ip access-group x in
ip access-group x out
ip accounting output-packets
ip flow ingress

!
interface GigabitEthernet0/0/0.3
description xxxx E-Lan Ethernet
encapsulation dot1Q 3
ip address x.x.x.x 255.255.255.248
ip accounting output-packets
ip flow ingress
!

Vladimir Bednikov · ‎06-09-2016

Hi Mark.

Thanks, that is what I ended up doing. However, out of my control, the native vlan 1 is being used and I want to have tagging. On the 3750 switch I enabled the native vlan to be tagged. The same command is not recognised on the 2951. Is tagging enabled on the native vlan of the router?

TIA,

Vlad

Mark Malone · ‎06-09-2016

Hi so the tagging is only relevant between the switch and router boundary ,if you tagged it on the switch side when it gets to router it becomes an ip packet anyway so it should be ok , there is a couple of ways to do this like use something like vlan dot1q tag native , what way have you set it to tag

Vladimir Bednikov · ‎06-09-2016

On the 3750 switch, I used vlan dot1q tag native to enable tagging of the native vlan 1. However, this command is not recognised on the 2951 router.

All I want is basically have the gigabitethernet 0/1 on one vlan, say 20, gigabitethernet0/3/0 trunked with vlans 1 and 30 with tagging of both as the one of the ports on the 3750 switch has been configured as trunked with vlans 1 and 30 with tagging. I also want routing between vlans 1 and 20 and 30 and 20.

Mark Malone · ‎06-10-2016

That should work fine , the dot1q will tag the native vlan 1 thats the right command to use , you shouldn't need anything on the router side its pure L3,the switch will tag it router will remove it anyway as part of process but having set the command enable vlan 1 to be tagged

The routing will take place automatically as its a 2951 , no requirement to enable ip routing like L3 switch , you can test that by making sure you can ping between source sub-interfaces ---ping x.x.x.x source x.x.x.x or g0/0.10 as example

Vladimir Bednikov · ‎06-10-2016

Yeah, eventually figured it out. I also found out that routing is not on by default. Why would a router not have routing on by default????

Cheers,

Vlad

Mark Malone · ‎06-10-2016

What , that's strange , I have 2951 as below on remote site had no requirement to configure it to route as its a router by default , out of interest what did you have to do maybe its IOS specific ?

RABC1#sh ver | i C2951 Software
Cisco IOS Software, C2951 Software (C2951-UNIVERSALK9-M), Version 15.1(4)M9, RELEASE SOFTWARE (fc3)
RABC1#sh ver | i routing
RABC1#

Vladimir Bednikov · ‎06-10-2016

Ours is 15.4 m3.