Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
548
Views
3
Helpful
3
Replies

VLAN migration on layer 2 help

nishxx7x
Visitor

‎03-24-2026 09:57 AM

We have Access switches configured as Layer 2.  Issue is migrating away from default VLAN1, some switches have default VLAN 1 on the ports, some are setup with VLAN 1 as management interface IP and some are using both.  The default gateway is forwarded to core switch and to firewall were this VLAN 1 is sitting.

We are planning to migrate legacy switch to new C9200/C9300 and trying to move away from Vlan1.  Need help, what is best way to do this in phase approach as we can't do all switches at same time, also access points are on VLAN 1 as well.

Labels:
0 Helpful
3 Replies 3

M02@rt37
VIP
VIP

‎03-24-2026 10:03 AM - edited ‎03-24-2026 10:03 AM

Hello @nishxx7x 

One approach is to introduce new vlan (users, AP, management) across core and access while keeping vlan1 temporarily, then migrate gradually... First create SVIs and Gw on the core/firewall for new vlan, trunk them to all switches, then move management IP off vlan1 to a dedicated vlan (...99), then migrate access ports and APs one by one to their new vlan ensuring DHCP and routing are ready.

During the transition vlan1 stay active for legacy devices, and once everything is moved you then emove vlan1 from trunks and access ports to fully decommission it without service disrupton !!!

 

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Mark Elsen
Hall of Fame
Hall of Fame

‎03-24-2026 10:07 AM

 

  - @nishxx7x                     You can create other vlans for user and application purposes 
                                           but do not delete vlan1 on switches ;
                                           It’s used for control-plane protocols (like CDP, VTP, sometimes STP)

  M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎03-24-2026 11:54 AM

There are a couple of techniques that can be used to assist in similar migrations.

The first technique, somewhat common, is to run two subnets on the same VLAN.  This allows you to reassign some IPs so when it comes time to place the two subnets into their own VLANs, the port to VLAN reassignments are minimal and everything has already been assigned IPs as desired.

The other technique, I believe uncommon, would be to connect two logical VLANs, into a single L2 domain.  This would usually allow port VLAN reassignments without changing IPs.

The two techniques could be used at the same time.

Both techniques require a good understanding of them to be used well and ideally they are only used temporarily for a transition.

The last technique is figuring out what needs to be changed, how to do it as quickly as possible, and then just do it during a scheduled outage.

Customers Also Viewed These Support Documents