Cisco VLAN Configuration

Posted on 2009-04-27
Last Modified: 2012-05-06
Dear All,

   I have core switch 4500 with 10 VLANs configured, as Vlan 2, 3,4,etc,  a fiber link is going from the core switch to each location, some ports from the core switch 4500 is connected to 2 sites ( Diffrenet Vlans ), cisco 2950 switches are configured as client mode in all the location,  this setup was there for two years, my problem is that in one day I had a network slowness and some Vlans were down ( Trunk light was off) and when i restared the swicth the truck was on again,  in my core switch I have configured the Trunk as below

interface GigabitEthernet3/1
 switchport access vlan 5
 switchport trunk encapsulation dot1q
 switchport mode trunk

I think I have problem with the second line ( switchport access vlan 5 ) as it should not be there)
How to change the configuration in the core switch and have it replicated to other swicthes as I have done the same command  (switchport access vlan ) on all he 2950 trunks. also how to use Vlan allow command.

Kindly assist.
Question by:ITMaster1979
    LVL 15

    Accepted Solution

    First of all  "switchport access vlan 5" will place the link in vlan 5 if trunking fails. But as long as trunking is up it does no harm. A simple "no switchport access vlan 5"  will remove it.

    Now the "switchport trunk allowed vlan 2,3,4,5" or "switchport trunk allowed vlan 2-5" are pretty self explanitory they will only trunk VLANs that are in the list. Just be carefull and check your configs after especially if you are making changes to a current allow using the "switchport trunk allowed vlan add" or "switchport trunk allowed vlan remove"

    Now your asking how you can propagate these changes. I don't know how or if that can be done. I honestly have never heard of changes like this being automatically forced to other switches. You just have to configure both sides of the trunk the same.
    LVL 79

    Assisted Solution

    Agree with above.
    You should remove the switchport access line with a simple "no"
    Then start with the farthest switch, change it, then change the one it is connected to and so on.
    Else you can use something like Kiwi Cattools to create a simple script to make the changes, then push on a scheduled job. Even with the automated tools, you would make sure the farthest ones get changed first.

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Join & Write a Comment

    Suggested Solutions

    Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
    We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now