trunking vlan issue - Page 2

macboy276 · ‎12-04-2013

Hi Everybody,

I have pasted the whole configuration of my cisco 3760 switch.

I have having a issue with vlan trunking

on ethernet port 1/0/1 i have configured switch mode trunk.

i have used the following command

switchport trunk encapsulation dot1q

switchport trunk nativ vlan 8

switchport trunk allowed vlan 1-10

If i use nativ vlan command then i get communication with the only described vlan. I want to be able to communicate with vlan 2 and 8.

switchport trunk nativ vlan 8 ( in this case if my laptop is configured with static ip address of vlan 3 it will not work) it will only work if laptop is configured with static ip from vlan 8

switchport trunk nativ vlan 2 ( in this case if my laptop is configured with static ip address of vlan 8 it will not work)it will only work if laptop is configured with static ip from vlan 2

i want to trunk in a way that i can access both vlan depending upon laptop configuration

version 12.2

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime localtime show-timezone

service timestamps log datetime localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname ABCD2013SW01

!

logging buffered 64000 debugging

no logging console

enable secret 5 ----------------------

enable password 7 -------------------

!

username badmin privilege 15 secret 5 $1$3xoh$Hpp2jaldsfjladsfj

username muadminas privilege 15 secret 5 $1$YJb6$sCdareljlkje9ff

aaa new-model

aaa authentication login CON local

aaa authentication login VTY local

aaa authentication enable default enable

aaa authorization exec default local

!

aaa session-id common

clock timezone CET -5

clock summer-time EDT recurring

switch 1 provision ws-c3750g-24ts-1u

vtp mode transparent

ip subnet-zero

no ip source-route

ip routing

ip icmp rate-limit unreachable 1000

ip domain-name xxxxxx.xxx

ip name-server 192.168.1.2

ip name-server 192.168.1.3

!

ip dhcp-server 192.168.1.3

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

--More-- !

vlan internal allocation policy ascending

!

vlan 2

name inside

!

vlan 8

name Internal_LAN

!

interface Null0

no ip unreachables

!

interface GigabitEthernet1/0/1

description **LAN**

switchport trunk encapsulation dot1q

switchport trunk nativ vlan 8

switchport trunk allowed vlan 1-10

switchport mode trunk

no logging event link-status

spanning-tree portfast

!

interface GigabitEthernet1/0/2

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/3

description *** User Port ***

switchport access vlan 8

switchport mode access

no logging event link-status

spanning-tree portfast

!

interface GigabitEthernet1/0/4

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/5

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/6

description *** User Port ***

switchport access vlan 2

switchport mode access

--More-- !

interface GigabitEthernet1/0/7

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/8

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/9

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/10

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/11

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/12

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/13

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/14

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/15

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/16

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/17

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/18

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/19

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/20

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/21

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/22

description *** User Port ***

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet1/0/23

description *** User Port ***

switchport access vlan 8

switchport mode access

!

interface GigabitEthernet1/0/24

description *** User Port ***

switchport access vlan 8

switchport mode access

!

interface GigabitEthernet1/0/25

description **UPLINK**

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1-10

switchport mode trunk

!

interface GigabitEthernet1/0/26

description **UPLINK**

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1-10

switchport mode trunk

!

interface GigabitEthernet1/0/27

description **UPLINK**

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1-10

switchport mode trunk

!

interface GigabitEthernet1/0/28

description **UPLINK**

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1-10

switchport mode trunk

!

interface Vlan1

no ip address

no ip redirects

ip directed-broadcast

no ip proxy-arp

shutdown

!

interface Vlan2

description ** Management **

ip address 192.168.1.92 255.255.255.0

no ip redirects

ip directed-broadcast

no ip proxy-arp

!

interface Vlan8

description ** Internal_LAN **

ip address 172.168.1.92 255.255.255.0

ip helper-address 192.168.1.3

no ip redirects

ip directed-broadcast

no ip proxy-arp

!

ip default-gateway 192.168.1.1

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip http server

ip http authentication local

!

access-list 97 remark ** NTP-ACCESS **

access-list 97 remark ** NTP-Server

access-list 97 permit 192.168.1.3

access-list 97 deny any log

access-list 98 remark ** SNMP-ny any log

access-list 98 remark ** SNMP-ACCESS **

access-list 98 permit 192.168.1.60

access-list 98 deny any log

access-list 99 remark ** VTY_ACCESS **

access-list 99 deny any log

access-list 99 permit 192.168.1.0 0.0.0.255

snmp-server community abiYHORHAEN RO

snmp-server chassis-id ABCD2013SW01

radius-server source-ports 1645-1646

!

control-plane

!

banner exec ^CCCCCCCCC

VMWAFAR TECHNOLOGY

you are now connected to: $(hostname).$(domain)

^C

banner login ^CCCCCCCCC

********************************************************************

** banner **

**********************WARNING***************************************

*secure *

********************************************************************

^C

!

line con 0

exec-timeout 30 0

login authentication CON

history size 30

transport output none

stopbits 1

line vty 0 4

access-class 99 in

exec-timeout 30 0

password 7 091D5EADKRCR130700

logging synchronous

login authentication VTY

length 0

history size 30

transport preferred none

transport output none

line vty 5 15

access-class 99 in

exec-timeout 30 0

password 7 091D5E080138934450

logging synchronous

login authentication VTY

length 0

history size 30

transport preferred none

transport output none

!

ntp clock-period 36028917

ntp access-group peer 97

ntp server 192.168.1.7 prefer

end

Jan Hrnko · ‎12-04-2013

Hi,

alright, I was asking about that because you posted this before:

vlans in spanning tree forwarding state and not pruned

so it was just blank?

I'm just wondering if it has to do something with that portfast command.

Port Vlans in spanning tree forwarding state and not pruned

Gi1/0/1 2,8

But everything look ok right now so maybe you could try that wireshark sniff with ping or traceroute in promiscuous mode, to see if you receive any response.

Best regards,

Jan

macboy276 · ‎12-04-2013

I will wireshark too. Here is another thing

show vtp status

VTP Version : 2

Configuration Revision : 0

Maximum VLANs supported locally : 1005

Number of existing VLANs : 7

VTP Operating Mode : Transparent

VTP Domain Name :

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0xF3 0x57 0x0D 0x97 0x1F 0x75 0xF4 0xD1

Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

macboy276 · ‎12-06-2013

I guess i did not mention earlier that i am trunking this switch with CISCO ASA 5505 Firewall. i have seen some people are complaining about this kind of senerio. i am attaching the ping and tracert wireshark report.