Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
571
Views
5
Helpful
1
Replies

Cisco SG 350x changed his Vlans and native vlan configuration in some interfaces after reload

Go to solution
slimahmeding
Level 1
Level 1

‎04-07-2020 03:55 AM

Hi,

the Switch SG350x changed his Vlans and native vlan configuration in some interfaces after restarting the switch.
note that the configuration is saved before restarting.

exemple of interface conf :

 

Before restarting the switch :

 

interface GigabitEthernet1/0/1
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree disable
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport access vlan 31
switchport general pvid 31
switchport trunk native vlan 31
switchport trunk allowed vlan remove 1-30,32-39,41-4094
macro description "no_ip_phone_desktop | ip_phone_desktop"
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop

 

After restarting the switch:

 

interface GigabitEthernet1/0/3
storm-control broadcast level 10
storm-control multicast level 10
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree disable
spanning-tree portfast
spanning-tree bpduguard enable
switchport mode trunk
switchport access vlan 31
switchport general pvid 31
switchport trunk allowed vlan remove 2-39,41-4094
macro description ip_phone_desktop
!next command is internal.
macro auto smartport dynamic_type ip_phone_desktop
!

 

Please find attached the two configuration files:
Conf 1.txt -> Before restarting the switch
Conf 2.txt -> After restarting the switch

 

Please explain why the configuration of the VLANs has changed.

 

 
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
pieterh
VIP
VIP

‎04-08-2020 03:41 AM

1) you make some design error here

  • switchport access vlan 31

    is intended for when a port is mode access,  when the port is in trunk mode this command will be ignored

  • switchport trunk native vlan 31

    is intended for a trunk port,  when the port is in access mode this command will be ignored

2) with the auto smartport command activated:

  • macro auto smartport dynamic_type ip_phone_desktop

The switch tries to determine what device is connected (based on dhcp request and other profile information)

and if it detects a destop it wil apply the desktop template wich will change the port to mode access and deactivate the "switchport trunk..." commands (which obviously are for a trunk port)

NB! there are situation where this automatic detection does not work as desired. resulting in an unexpected configuration.


NB! a port for an ip-phone is an ACCESS port with two vlan's allowed (not a trunk)
I guess you configured vlan 40 as the voice vlan ?
this could explain why result is that vlan 1 and 40 are allowed and all other vlan's removed
vlan-1 for the desktop, vlan-40 for the phone/voice vlan

 

 

 

View solution in original post

1 Reply 1

Go to solution
pieterh
VIP
VIP

‎04-08-2020 03:41 AM

1) you make some design error here

  • switchport access vlan 31

    is intended for when a port is mode access,  when the port is in trunk mode this command will be ignored

  • switchport trunk native vlan 31

    is intended for a trunk port,  when the port is in access mode this command will be ignored

2) with the auto smartport command activated:

  • macro auto smartport dynamic_type ip_phone_desktop

The switch tries to determine what device is connected (based on dhcp request and other profile information)

and if it detects a destop it wil apply the desktop template wich will change the port to mode access and deactivate the "switchport trunk..." commands (which obviously are for a trunk port)

NB! there are situation where this automatic detection does not work as desired. resulting in an unexpected configuration.


NB! a port for an ip-phone is an ACCESS port with two vlan's allowed (not a trunk)
I guess you configured vlan 40 as the voice vlan ?
this could explain why result is that vlan 1 and 40 are allowed and all other vlan's removed
vlan-1 for the desktop, vlan-40 for the phone/voice vlan

 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card