Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
413
Views
0
Helpful
3
Replies

Confused about native VLAN

davehedgehog
Level 1
Level 1

‎07-20-2007 02:32 AM - edited ‎07-03-2021 02:22 PM

I have a Cisco 3750 switch with the following VLAN's

2 - Engineers

3 - Automation Dept

4 - AN Other Company

5 - Guest Access

I have an 1131ag connected to the 3750 and I have setup a dot1q trunk on the swithchport that connects to the AP.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a0080665ceb.shtml

The above guide stresses I must configure a native VLAN but I dont understand why. All traffic on the link between the AP and the 3750 will be tagged surely, where will untagged frames come from. All of the VLANS I mentioned will have an SSID on the access point. If i must configure a native VLAN can it be one that has an SSID on the AP or does it have to be a seperate VLAN. also, the guide seems to show that you set up subinterfaces on the radio interface and set the encapsulation as dot1q. why would i need to set up dot1q on the radio interface? think i'm missing the point - please could someone explain. thanks i'm tearing my hair out here!

Labels:
0 Helpful
3 Replies 3

andrew.brazier
Level 4
Level 4

‎07-20-2007 04:02 AM

You need to set up VLAN 1 on the AP as the native VLAN and a corresponding VLAN 1 on the switch. The AP useS VLAN 1 for management traffic, no VLAN 1, no AP management. No need to associate an SSID with VLAN 1 as it's purely to manage the AP.

0 Helpful

davehedgehog
Level 1
Level 1
In response to andrew.brazier

‎07-20-2007 04:18 AM

ok i'll give that a go now. I don't have any member ports on VLAN1 on the switch but I'll set the dot1q trunk to have have VLAN1 as the native VLAN. was a bit confused as to why i needed to have vlan1 on the trunk if no other ports are a member of that vlan. I was taught on CCNA not to use VLAN1, but I suppose if there's no member ports on the switch then it can't be a security issue.

I'll report back! thanks!

0 Helpful

rtford31
Level 1
Level 1

‎07-27-2007 12:31 AM

Cisco best practices recommend setting up your native vlan on your network other than vlan1, which is the default native vlan. If you don't define explicitly a native vlan it will default to vlan1. Native VLans are always untagged.

If configured correctly the primary purpose of your native vlan in a multi vlan environment is to carry traffic between trunk ports. Unless you setup multiple cables (i.e. Fiber)between your switches and each cable is configured for a particular vlan - in order for data to travel over your trunk links it has to be carried on the native vlan and then separated out at the other side.

Dot1q and/or Inner-Switch Link (ISL) is the protocol that encapsulates packets on trunked ports.

In order for vlan 2, 3, 4 and 5 to traverse across your network the link between your switch(s) and APs must be configured as trunk ports.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card