Solved: layer 3 untagged with trunk connectivity

david_kamal2000@yahoo.com · ‎11-13-2018

Hi,

i have core switch connected to firewall

the interface in core configuration is

interface Ethernet103/1/24
description PA-VM2 -VSwitch2
switchport
switchport mode trunk
no shutdown

interface Vlan3
no ip redirects
ip address 10.153.16.9/21
description Gateway_Of_Server_Zone
no shutdown

and from fw it is untagged interface L3 with ip 10.153.16.8

is that is possible? how they communicate in the switch port is not layer 3?

Seb Rupik · ‎11-14-2018

This would not work as you want.

On a trunk port (eth103/1/4) the default native VLAN is 1 . Any un-tagged traffic arriving on this swithport will be tagged with VLAN1, therefore it will not reach your VLAN3 SVI.

To fix this either create a sub-interface on the firewall and correctly tag the traffic, or change the the native VLAN config on the switch:

!
int Eth103/1/4
  switchport trunk native vlan 3
!

cheers,

Seb.

View solution in original post

Seb Rupik · ‎11-14-2018

This would not work as you want.

On a trunk port (eth103/1/4) the default native VLAN is 1 . Any un-tagged traffic arriving on this swithport will be tagged with VLAN1, therefore it will not reach your VLAN3 SVI.

To fix this either create a sub-interface on the firewall and correctly tag the traffic, or change the the native VLAN config on the switch:

!
int Eth103/1/4
  switchport trunk native vlan 3
!

cheers,

Seb.