Cisco VLAN Configuration

Posted on 2009-04-27
Last Modified: 2012-05-06
Dear All,

   I have a core switch 4500 with 10 VLANs configured, as VLAN 2, 3, 4, etc. A fiber link is going from the core switch to each location; some ports on the core switch 4500 are connected to 2 sites (different VLANs). Cisco 2950 switches are configured in client mode in all the locations. This setup was there for two years. My problem is that one day I had network slowness and some VLANs were down (trunk light was off), and when I restarted the switch the trunk was on again. In my core switch I have configured the trunk as below:

interface GigabitEthernet3/1
 switchport access vlan 5
 switchport trunk encapsulation dot1q
 switchport mode trunk

I think I have a problem with the second line (switchport access vlan 5), as it should not be there.
How do I change the configuration in the core switch and have it replicated to the other switches, as I have used the same command (switchport access vlan) on all the 2950 trunks? Also, how do I use the VLAN allow command?

Kindly assist.
Question by:ITMaster1979

Accepted Solution

bkepford earned 1000 total points
ID: 24242998
First of all, "switchport access vlan 5" will place the link in VLAN 5 if trunking fails. But as long as trunking is up it does no harm. A simple "no switchport access vlan 5" will remove it.

Now the "switchport trunk allowed vlan 2,3,4,5" or "switchport trunk allowed vlan 2-5" are pretty self-explanatory: they will only trunk VLANs that are in the list. Just be careful and check your configs afterwards, especially if you are making changes to a current allow using the "switchport trunk allowed vlan add" or "switchport trunk allowed vlan remove".

Now you're asking how you can propagate these changes. I don't know how or if that can be done. I honestly have never heard of changes like this being automatically forced to other switches. You just have to configure both sides of the trunk the same.

Assisted Solution

lrmoore earned 1000 total points
ID: 24246049
Agree with above.
You should remove the switchport access line with a simple "no".
Then start with the farthest switch, change it, then change the one it is connected to and so on.
Else you can use something like Kiwi CatTools to create a simple script to make the changes, then push on a scheduled job. Even with the automated tools, you would make sure the farthest ones get changed first.
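
Added example, not part of the original thread: a short Python check for the two conditions discussed in the answers above (a leftover "switchport access vlan" on a trunk port, and a trunk with no "switchport trunk allowed vlan" list), run over saved configuration text. The CORE sample (apart from the Gi3/1 block quoted from the question) and all function names are constructed for illustration, and only numeric VLAN lists and "add" lines are handled.

```python
import re

# Constructed sample: Gi3/1 is the block from the question, Gi3/2 is made up.
CORE = """interface GigabitEthernet3/1
 switchport access vlan 5
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet3/2
 switchport trunk allowed vlan 2-4
 switchport trunk allowed vlan add 6
 switchport mode trunk
"""

def expand(spec):
    """Expand an IOS VLAN list such as '2,3,7-9' into a set of ints."""
    pairs = (p.partition("-") for p in spec.split(","))
    return {v for lo, _, hi in pairs for v in range(int(lo), int(hi or lo) + 1)}

def parse_trunks(config):
    """Map each 'switchport mode trunk' interface to its allowed set and access VLAN."""
    ports, cur = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            cur = ports.setdefault(raw.split()[1], {"trunk": False, "allowed": None, "access": None})
        elif not raw.startswith(" "):
            cur = None  # "!" or a global command: left the interface block
        elif cur is None:
            continue
        elif line == "switchport mode trunk":
            cur["trunk"] = True
        elif m := re.fullmatch(r"switchport access vlan (\d+)", line):
            cur["access"] = int(m[1])
        elif m := re.fullmatch(r"switchport trunk allowed vlan (add )?([\d,-]+)", line):
            new = expand(m[2])
            # "add" lines extend the list; a plain list replaces it
            cur["allowed"] = (cur["allowed"] or set()) | new if m[1] else new
    return {name: p for name, p in ports.items() if p["trunk"]}

def audit(config):
    """Return (interface, finding) pairs for the two issues raised in the thread."""
    out = []
    for name, p in parse_trunks(config).items():
        if p["access"] is not None:
            out.append((name, f"falls back to access VLAN {p['access']} if trunking fails"))
        if p["allowed"] is None:
            out.append((name, "no allowed list, so every VLAN is trunked"))
    return out
```

Running parse_trunks() on the configuration from each end of a link and comparing the two "allowed" sets shows whether both sides of the trunk match.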
