cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
955
Views
10
Helpful
7
Replies

Cannot get a Vlan to go into the Up/Up State?

Matthew Martin
Contributor
Contributor

Hello All,

I am configuring a new 2504 Wireless Controller and I am having some troubles getting one of the Vlans to go up/up on the connected Router. I am using a Windows laptop, an 1861 Router and a 2504 Wireless Controller, in order to create a small private network for configuring the WLC and APs.

C1861: IOS Version 15.1(4)M8
2504 WLC: Product Version 8.1.102.0

So I have created 5 new Vlans on the 1861. Each one of these Vlans corresponds to a virtual interface created on the WLC. All of them seem to be working just fine, except for one that I created today, called Vlan8. The 1861 currently shows the Vlan8 interface as "Vlan8 is up, line protocol is down". From what I read line protocol should be considered as "down" until a client tries to connect to that Vlan, so if a device were to connect and try to get an IP Address in that Vlan, then it would/should go "up/up". And since one of the WLC interfaces has a static ip address set within that Vlan, I'm not sure why it isn't registering... I've tried rebooting both the router and the WLC but that didn't help.

The 1861 Router, where Vlan8 is configured has the following configuration pieces below. You'll see the DHCP-Pool, the Vlan interface and the FastEthernet Port the WLC is connected to for Vlan8:

1861 Router:
!
:....
ip dhcp excluded-address 10.30.8.1 10.30.8.10
:....
:...
ip dhcp pool VlanEight
network 10.30.8.0 255.255.255.0
default-router 10.30.8.1
dns-server 192.168.5.35 10.30.1.3
:....
!
:....
interface FastEthernet0/1/7
description to JWP-2504WLC-ATL
switchport mode trunk
no ip address
!.....
!....
interface Vlan8
description Hand Scanners
ip address 10.30.8.1 255.255.255.0
!


Here is the Interface configuration details for the WLC's interface which is in Vlan8.

2504 WLC:
Interface Name................................... intEight
MAC Address...................................... xx:xx:xx:xx:15:a4
IP Address....................................... 10.30.8.254
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 10.30.8.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 8
Quarantine-vlan.................................. 0
NAS-Identifier................................... 2504WLC
Active Physical Port............................. 1
Primary Physical Port............................ 1
Backup Physical Port............................. Unconfigured
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. 10.30.8.1
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
DHCP Option 82 bridge mode insertion............. Disabled
IPv4 ACL......................................... Unconfigured
mDNS Profile Name................................ Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
3G VLAN.......................................... Disabled
L2 Multicast..................................... Enabled


So that is the configuration of the interface for Vlan 8 on the Wireless Controller. From the 1861 I cannot ping 10.30.8.254, nor can I ping the gateway on the 1861 by pinging 10.30.8.1... These pings work for every other interface on the WLC and every other default-gateway addressfor those Vlans on the 1861... Also tried doing a shut/no shut on the FastEthernet port going to the WLC, but that didn't help either.

Any ideas for what I might need to do to get this working..?

Any thoughts or suggestions would be greatly appreciated!

Thanks in Advance,
Matt

1 Accepted Solution

Accepted Solutions

Should be -

router(config)# vlan <vlan ID>

then run "sh vlan-switch" again.

If you see it then check status of SVI.

Jon

View solution in original post

7 Replies 7

Jon Marshall
VIP Community Legend VIP Community Legend
VIP Community Legend

Matt

Not used any of the equipment you are using but if you have a trunk between the router and the WLC that should be enough to bring the SVI up.

Did you add that vlan to the vlan database on the router ie. do you see it listed when you run this command on the router -

"sh vlan-switch"

Jon

Hey Jon, thanks for the reply!

Negative... I do not see that Vlan listed in the "show vlan-switch" output.

How can I add the Vlan to the DB?

Thanks Again,
Matt

Should be -

router(config)# vlan <vlan ID>

then run "sh vlan-switch" again.

If you see it then check status of SVI.

Jon

Hey Jon, thanks again for the quick reply, much appreciated!

Yes sir, that did it..!

Quick question... How come that brought that Vlan "up", I would guess because it added it to the Vlan DB, is that right? I'm just curious why I didn't have to do that for the other few Vlans that I created for this, and is that something that usually needs to be done after creating a Vlan?

Thanks again for your reply, very much appreciated!


Thanks,
Matt

Matt

Are you saying the other vlans were not shown when you ran the command ?

The vlan database shows the L2 vlans that exist on the router.

You need the vlan in the database for the L3 vlan interface to be up/up.

Not sure why you didn't need to do it for the others but be aware that if you configure a interface to be in a certain vlan using the "switchport access vlan <vlan ID>" command then that usually creates the vlan automatically in the database for you.

Configuring a trunk link doesn't though because the device has no way of knowing which vlans you want in the database.

Jon

Hey Jon, thanks again for the reply!

Ok, that make a lot of sense.

Those other Vlans were in the output of that "show vlan-switch" command, which is why I was confused... But now that you say adding that other command to any of the interfaces, like:

switchport access vlan ...

and the other switchport command where you can add Vlan ranges, I know I definitely attempted at one point trying to get certain Vlan access to the laptop I was using... So that makes perfect sense as to why those Vlans were working and this one wasn't, since I never attempted to add a switchport access command for Vlan8.

Awesome, thanks again Jon!

Thanks,
Matt

Matt

No problem and yes I think that probably explains the behaviour you were seeing.

Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers