Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
62761
Views
105
Helpful
18
Replies

Management and Native VLAN Best Practices

rtmiles24
Level 1
Level 1

‎11-05-2015 11:58 AM - edited ‎03-08-2019 02:35 AM

Currently our network has a Native VLAN of X set on the trunk links.

We have a management VLAN of Y for all our management traffic.

I have read 2 separate recommendations regarding how to handle these VLAN's.

The first recommends using the Native VLAN as the Management VLAN.

The second recommends keeping these VLAN's separate as I currently have it designed.

Both recommendations came from reputable sources.

What is the best practice, and just as importantly, why is it better than the other option?

Thanks in advance.

2 people had this problem
Labels:
18 Replies 18

olefriisheesgaard
Level 1
Level 1
In response to krunal.dave

‎06-26-2019 12:25 PM - edited ‎06-26-2019 12:49 PM

Hi

Sorry for interrupt :-)

But I have a simmilar question.

Have backbone/trunk with VLAN 10(Management) 20(IP phones) 30(Internet access) 990(Native).

Connecting to Standalone AP1242AG AccessPoint SSID1 is member of VLAN20, SSID2 is member of VLAN30.

I want to use VLAN10 as management on the AP.

So what should I do regarding BVI1 interface on the AP ???

Is it possible to assign ip addresses beloging to VLAN10 to BVI1, and do management that way ?? And what about native VLAN ??

Or is it just to put VLAN10 on AP an mark it as native ???

BR

OFH

Denmark

0 Helpful

weylin.piegorsch
Level 1
Level 1
In response to krunal.dave

‎09-12-2020 02:36 AM - edited ‎09-12-2020 02:36 AM

Yep.  This is an unfortunate case where Cisco's best practice recommendation should not be followed.  You MUST use the native VLAN for LWAP management.

RLANs need to be trunked, the VLAN that carries LWAPP/CAPWAP and carries LWAP management must be untagged.  This is fine if there's no RLANs, just make it an access port, but otherwise you need to use the native VLAN to carry WLANs over LWAPP/CAPWAP and to carry LWAP management data.

0 Helpful

lauriusndipwashimwe
Level 1
Level 1
In response to Jon Marshall

‎11-04-2019 08:42 AM

my question is what why do we need to change the default PVID value 1 to something unused?
or why don't we need place any device or port in the native vlan
what is really the advantage of this practises
0 Helpful

Gilbert Wong
Level 1
Level 1
In response to Joel

‎08-03-2021 12:32 AM

Thanks for your answer! But you did not explain the reasons. Could you plz add the reasons?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card