07-09-2009 07:49 AM - edited 03-06-2019 06:40 AM
Is it possible to have multiple vlans in single port? Current configuration what i have is "switchport access vlan2" which means if a vlan3 users wanted to connect on this same port, I will have change the configuration as "switchport access vlan3" every time & vice versa. This is required for me to have this achieve in the conference room network ports in my office where multiple users from various vlan's often connects & every time I will have to change the port settings manually
07-09-2009 07:56 AM
Yes and no....you can have two vlans on one port but only one for Data and the other for VoIP, but you can't have two differnt VLAN's for data or even two different VLAN's for VoIP.
Do all your people have static IP addresses? Also are they in different VLAN for security reasons?
Mike
07-09-2009 08:20 AM
Multiple vlans YES, because for security reason as vlan 2 uses should access all vlans & vlan 3 should access only internet.
All users will get IP address from DHCP server using ip helper-address.
07-09-2009 09:15 AM
Some of the latest port security stuff supports access port VLAN assignment based on user authenication (non-authenicated users get a guest VLAN).
07-09-2009 02:44 PM
How about configuring the ports as Dot1Q Trunk and specifying what VLANs are allowed?
07-09-2009 05:45 PM
Leo,
That was really a good thought. Lemme try this morning & will come back with the test result :-)
07-10-2009 09:37 AM
Unfortunately it never worked & ended up with unsuccessful result :-(
07-10-2009 07:16 PM
what switch are you using?
Pronoy
07-11-2009 05:14 AM
I use WS-C2960-48TT-L & the IOS is
c2960-lanbase-mz.122-35.SE5.bin
07-11-2009 04:52 PM
Ok, now you getting my curiosity. Any switch can do Dot1Q. Can you elaborate why it's not working?
07-11-2009 07:24 PM
"switcport trunk encapsulation dot1q" & is found in my 3650 but in 2960 "switchport mode trunk" is alone found. Could that be a limitation in 2960 switch?
07-11-2009 11:22 PM
Ahhhh ... The 2950 and 2960 switch will only support Dot1Q encapsulation. This is why the command "switchport trunk encapsulation dot1q" doesn't exist on these two models.
If you enter the command "sh interface
07-12-2009 06:09 AM
Leo,
I found a better way to acheive this by implementing VMPS. But I really appreciate for your continuious suggestion :-)/
07-18-2009 07:33 AM
However, VMPS demands a CatOS device somewhere and is an old feature which Cisco is not supporting going forward (as CatOS is deprecated).
See also this article:
http://www.networkworld.com/community/node/42923?source=NWWNLE_nlt_daily_am_2009-06-24
The way forward will be to look into NAC.
HTH
07-19-2009 06:03 AM
Just out of curiosity: do your users bring laptops to the conference room and have to connect into your switch?
Are the clients assigned to a VLAN in the operating system?
Please describe your scenario more for the sake of wisdom. I'd like to know what to think about if I have to approach such a situation in the future.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide