Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 315
  • Last Modified:

I accidentally trunked an access port.

I was configuring an AP and trunked interface 46 instead of interface 45 on a cisco switch.

I received a call from the building across the street saying there network went down.
What happens if you trunk an access port?

Was changed to
interface FastEthernet0/46
 description ap-lobby
 switchport access vlan 999
 switchport trunk encapsulation dot1q - ******Command I added on accident ****
 switchport mode trunk - **** Command I added on accident ****
 speed 100
 duplex full

When I removed the two commands above their IP Phone and Desktops seem to be back online but for some reason two users are still not getting a DHCP address and nervous I screwed something up badly. VLAN 999 I believe connection between several buildings in the city , a Metro Ethernet connection I think.  New to company so learning the topology of our network.
0
Tim OBrien
Asked:
Tim OBrien
3 Solutions
 
DarinTCHSenior CyberSecurity EngineerCommented:
well depending on your switch and OS you can sometimes rollback a cisco config....

so you changed to way traffic is tagged

https://learningnetwork.cisco.com/thread/42201
0
 
Tim OBrienSystems EngineerAuthor Commented:
I have an understanding of access and trunk ports.  What I don't understand is the effect it would have on the Network if I made this change. As the Interface I changed was connected to the switch at the other building and curious if it could have somehow filtered to other building as well. I believe the effect was only between the two building but not 100% sure. I am confused as to why there are still some desktops which I can't back online for some reason.

I do have the backup configs but not ready to apply then as the change I made might not have been severe enough, this is why I posted this question to get an understand of what my change may have done, could it have been severe?
0
 
Faruk Onder YerliOwnerCommented:
Hi Tim;

Your problem looks like 3 different option and none of them are related with switch.

One them, VLAN999 has more than one DHCP server that they can receiving IP from another server.  

Second of them  it takes IP address from another server in old trunk configuration and there is IP confilct between both computer.

Third of them looks ARP problem. both computer needs to clean arp table.

To solve first problem you have to listen Vlan999 packets, rest of them can be solved itself after reboot machine,
0
 
DarinTCHSenior CyberSecurity EngineerCommented:
and yes a config change can replicate throughout a network
sometimes we have no idea why...
it will end up being a loop somewhere usually
but since it is just DHCP....
you could always try simple things like forcing a renew...
and flushing things like cache...DNS and even ARP
not sure if i think its the ARP.....
but it would not hurt to flush it
is there still connectivity - can  you ping or see these devices?
are they getting an APIPA address 169- self assigned?
have you tried static addresses?
0
 
Otto_NCommented:
To explain what happened - When you configured the port for trunking, you changed the untagged vlan (which used to be VLAN999 in your environment) to VLAN 1 (the default untagged VLAN for 802.1Q trunking).  Effectively you connected the external LAN (of the building across the street, and perhaps further along as well) to your local VLAN 1 (just as if you've issued a "switchport access vlan 1" on the port).

This will explain why their network went down, and if PC's rebooted during this time, they might have picked up their configs via a DHCP server for VLAN 1 - A simple reboot on their side (or renewal of their DHCP address) should fix the problem.

You can rest assured that no config change you did will change settings in the other network.  Once you remove the incorrect config, the network should be restored completely, and any host issues should be resolved, at worst, by a reboot.
0

Featured Post

IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now