Connection Lost When Access VLAN is Removed from Trunk Port

sleepless swan · ‎04-18-2023

I have a port which I've configured to allow multiple VLANs. This port connects the switch to the server and hopefully the VMs inside it. I noticed that that port had access and not trunk like so:

interface FastEthernet0/1

switchport access vlan 10

switchport trunk allowed vlan 10,20,30

I believe that is incorrect because all the tutorials I've seen have it configured like this:

interface FastEthernet0/1

switchport trunk allowed vlan 10,20,30

switchport mode trunk

but once I do that and remove the 'switchport access' I lose connectivity to the server. Also, whenever I try to issue the 'switchport mode trunk/ I must use the 'switchport trunk encapsulation dot1q' or else it won't become a trunk port. So the configuration looks like this now:

interface FastEtherenet0/1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 10,20,30

switchport mode trunk

Do I really have to use switchport access with trunk? If not, how could I possibly fix it?

alexanderchance · ‎04-19-2023

When your switchport is configured as you first mention, could you try "show interface FastEthernet0/1 switchport"? There you can see which mode the switchport is operating in. It should say "static access" because when you issue the "switchport mode trunk" command you change the operational mode to trunk.

MHM Cisco World · ‎04-19-2023

the switchport have two Mode
this can help you to check the real status of switchport
#sh interfaces gig 1/0/32 switchport
Name: Gi1/0/32
Switchport: Enabled
Administrative Mode: .....<<- Admin Mode this what you config
Operational Mode: .....<<- this what SW really use
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: 8,170
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Flavio Miranda · ‎04-19-2023

Hi,

It seems pretty clear what is going on there. The communication works when you use access because you are not tagging the packets then the server can understand and reply accordingly.

The commnad "shitchport mode trunk" works well between two cisco switches as they can recognise and negociate properly the protocol and do trunk each other. But, between switch and router , depending the router model and version, you need to use the command "encapsulation dot1q" in order the other side be aware that the communication will be using trunk.

Not all Servers understand trunking and you need to use Access port instead. But, if you configured "encapsulation dot1q" and you are able to stablish communication with the server, then, it understand 802.1Q protocol .

Take a look on the server datasheet to make sure what is the best way to connect it to the network and what possibilities you have.

But answering your last question, no you dont need or have to use trunk and access on the same port. What is happening there is that the access is possibiliting the communication and the trunk configuration is ignored.

sleepless swan · ‎04-19-2023

I'm using a L3 switch that is connected to the server with no router. I cleared the trunk configs on side port and add/removed management VLAN from server until it finally worked without access.

Thanks!

Flavio Miranda · ‎04-19-2023

Great, which means you server does support trunk.