gabriel.bostan
Beginner

Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.

Hi guys,

I'm trying to simulate a switch in GNS3 and I use the 16ESW module in a Cisco 3700 router.

Can you please tell me why I'm getting this record after I try to filter which VLANs pass through my trunk port:

Router(config-if)#switchport trunk allowed vlan 2,3,4

Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.

Tnx,

Gabriel

1 ACCEPTED SOLUTION

Peter Paluch
Hall of Fame Cisco Employee

Hello Gabriel,

On older switching platforms and modules, the VLANs 1, 1002-1005 were basically untouchable - meaning that apart from being the 5 built-in VLANs that existed even if no other VLANs were created, you could not even manually prune them off the trunks. These VLANs simply had to be allowed everywhere.

Newer switching platforms allow you to prune these VLANs from trunks, although for backward compatibility, none of these VLANs can be deleted. On recent switches, you can even prune VLAN1 from trunks. This feature is called VLAN1 Minimization and causes the user data traffic to be pruned off the trunks while the inter-switch protocols carried in VLAN1 (CDP, VTP, etc.) will still be allowed.

The resume: don't worry about this too much, as this is related to a particular IOS and platform limitations. Always start by allowing only the VLANs you're interested in. If the switch requires additional VLANs to be allowed as well, it will tell you.

Best regards,

Peter


ok, greetings for helping me out.

Router(config-if)#do sh run int fa1/8
Building configuration...

Current configuration : 114 bytes
!
interface FastEthernet1/8
 switchport trunk allowed vlan 1-4,23,66,75,467,1002-1005
 switchport mode trunk
end

sahar.co67
Beginner

I can't understand how the problem is resolved?


gabriel.bostan
Beginner

If you don't put 1-2,1002-1005 next to your other VLANs (e.g. 10,20,30,200), you will get this message from IOS:

Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.

You mean that if, for example, I create VLANs 10, 20, then I should use these VLANs (10,20) along with 1-2,1002,1005? Do I understand it right?


Correct, just always add VLANs 1-2,1002-1005 beside your desired VLANs.
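
As an added example (not part of the thread and not a Cisco tool), this Python sketch takes the VLAN list you want on a trunk, reports which of the defaults are missing, and prints the merged `switchport trunk allowed vlan` list that the older module in this thread would accept. The required set defaults to the list quoted in the rejection message, which is an assumption since the real requirement depends on platform and IOS version; all function names are hypothetical.

```python
# Added example: not from the thread. REQUIRED_DEFAULT mirrors the list quoted
# in the IOS rejection message; the real requirement is platform-dependent.
REQUIRED_DEFAULT = "1-2,1002-1005"


def parse_vlan_list(text):
    """Expand an IOS-style list such as '1-4,23,1002-1005' into a set of IDs."""
    vlans = set()
    for part in text.replace(" ", "").split(","):
        if not part:
            continue
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not (1 <= lo <= hi <= 4094):
            raise ValueError(f"bad VLAN range: {part!r}")
        vlans.update(range(lo, hi + 1))
    return vlans


def format_vlan_list(vlans):
    """Compress a set of VLAN IDs back into IOS range notation."""
    ids = sorted(vlans)
    parts, i = [], 0
    while i < len(ids):
        j = i
        while j + 1 < len(ids) and ids[j + 1] == ids[j] + 1:
            j += 1
        parts.append(str(ids[i]) if i == j else f"{ids[i]}-{ids[j]}")
        i = j + 1
    return ",".join(parts)


def check_allowed_list(wanted, required=REQUIRED_DEFAULT):
    """Return (missing_defaults, full_list_the_old_platform_would_accept)."""
    want, need = parse_vlan_list(wanted), parse_vlan_list(required)
    return format_vlan_list(need - want), format_vlan_list(want | need)


if __name__ == "__main__":
    # Constructed inputs: the rejected list from the question, then the
    # accepted list from the posted running-config.
    for wanted in ("2,3,4", "1-4,23,66,75,467,1002-1005"):
        missing, full = check_allowed_list(wanted)
        print(f"{wanted}: missing={missing or 'none'}")
        print(f"  switchport trunk allowed vlan {full}")
```

The merged list is also a record of what the trunk really carries beyond the VLANs you asked for, which is worth noting when reviewing trunk exposure on platforms that cannot prune the defaults.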