Hi, okay I understand and I know what is native vlan now. One different example if I have backbon switching network and in two end switches are configured between them for native vlan 10 for example and trunk. And now I send tagged frame with vlan 10 from somewhere before these two switches in the end of my network, when switch Y receive my tagged frame with vlan 10, the switch Y remove the tag 10 from frame and forward it to switch Z untagged because switch Y put the frame in native vlan 10, because the trunk line is configured with native vlan 10? And now example with one end switch and with one Access point type Lightweight. The switch Z and Acces point are configured for the same native vlan 10 and trunk, AP for example give to clients vlans 20 and 30 but the AP management ip address is in vlan 10. Now if I connect to network from administration pc in vlan 10 and try to connect to this AP when my frame received form switch Z, switch Z will remove vlan 10 tag and it will put it in native vlan 10 untagged and will forward the frame to the AP management ip address? Am I right? If I am right why For management AP we need to use the native vlan and untagged frame to do the remote session to the AP? Or just because we not want to management vlan of AP to forward after AP or management of AP just not understand of tagged vlans frames? I am complicated, because today for management all switches in layer two I used one vlan for management and it was enough to put IP addresses from the management vlan for example 10 in all switches in interface vlan 10 inside the switches with out using native vlan, and all frames with which they work in this case only in trunk and with tagged frames.

Hi,

Q: when switch Y receive my tagged frame with vlan 10, the switch Y remove the tag 10 from frame and forward it to switch Z untagged because switch Y put the frame in native vlan 10, because the trunk line is configured with native vlan 10? 

Ans: Yes, Switch Y will remove the tag before put on the trunk port.

Q: Now if I connect to network from administration pc in vlan 10 and try to connect to this AP when my frame received form switch Z, switch Z will remove vlan 10 tag and it will put it in native vlan 10 untagged and will forward the frame to the AP management ip address? Am I right? 

Ans:  Yes, it will forward the packet to AP management interface. 

Q: Why For management AP we need to use the native vlan and untagged frame to do the remote session to the AP? 

Ans: this is not correct for always. If you want to make it tag then you can do it but you must configure same tag VLAN as management VLAN in the AP before connect to the switch port. Otherwise, your AP will not connect to the right VLAN and will connect to the WLC.

More information: https://www.cisco.com/c/en/us/support/docs/wireless/aironet-1100-series/46141-vlanswireless.html#new2

Regards,

Deepak Kumar