Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
450
Views
0
Helpful
4
Replies

Trunks

mattbashahara
Level 1
Level 1

‎02-10-2008 02:25 PM - edited ‎03-05-2019 09:03 PM

I have setup a port on a 2960 switch that is attaced to my firewall. Everything works fine. My desktop can still see the firewall and get to the internet until I change the mode and vlan of the switch port my desktop is connected to. Then I cannot see the firewall or get to the internet. The client and the firewall are on the same subnet.

My understanding was that trunked ports allowed vlan traffic from any vlan.

What am I missing?

Thanks

Labels:
0 Helpful
4 Replies 4

Edison Ortiz
Hall of Fame
Hall of Fame

‎02-10-2008 02:52 PM

Trunk ports allows you to carry multiple Vlan information on a single link. If the firewall and your desktop are not 'trunk aware', there is not need to configure trunking on those switchports.

When configuring trunking the default Vlan changes to Vlan 1, if that's not your access-vlan, then that's the reason you are no longer able to reach either device.

You can change your native Vlan to match your access-vlan with the command switchport trunk native vlan

HTH,

__

Edison.

0 Helpful

mattbashahara
Level 1
Level 1
In response to Edison Ortiz

‎02-10-2008 07:35 PM

Hi Edison

Sorry for not being clearer. I have the port to the firewall configured as a trunk (I am going to pass multiple vlans to it) not the port to the desktop. I thought that even thought I changed the desktop to access vlan 34 that it could still access the firewall since the firewall was on a trunk port even thought the native vlan for the trunk was vlan 1

Thanks for the help

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to mattbashahara

‎02-10-2008 08:45 PM

You need to verify the trunking configuration between the switch and the firewall. I haven't played much with firewall these days but if you can post the config, I can (or someone else on this board) figure out what's wrong with it.

The switchport is rather easy

interface fx/x

switchport trunk encapsulation do1tq

switchport mode trunk

That's what you entered at the switch, right?

Also, can the workstation ping other devices on Vlan34?

Are you planning to route between Vlans?

What device are you planning to use for routing between Vlans? Remember, the Firewall can't route between Vlans, it forwards traffic from one interface to another after inspection.

__

Edison.

0 Helpful

aijaz802
Level 1
Level 1
In response to mattbashahara

‎02-10-2008 11:19 PM

Hi,

What type/make of firewall is this? Is it aware of dot1q/ISL trunk protocol.

I think you should have a Layer 3 device to allow inter vlan routing and to reach firewall from multiple vlan PCs.

In the first instance it worked becoz the firewall port and desktop port all are in default access vlan 1. When u changed the desktop vlan from default to vlan34 it wont work, even though u kept the desktop n firewall IP in same subnet.

Rate if it helps...

Regards,

*aijaz*

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card