VLAN 1 admin down

Unanswered Question
Oct 26th, 2009
User Badges:

Hi,

We have a switch at remote location. Which is just out of box and showing as VLAN 1 as admin down. Is this correct? We have connected hosts to that switch and those hosts are working fine. Does VLAN1 admin down hamper any swicth operation. It is just an edge switch with hosts connected to it nothing more.

Please share the experience.

Any link on Cisco.com which can help me.

( Otherwise we may have to actually configure the swicth by connecting the console it's a big practical problem to do it remotely)

Thanks in advance.

Subodh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Mon, 10/26/2009 - 14:12
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Subodh


The vlan 1 L3 interface is used for managing the switch if the switch is purely a L2 switch or being used as a L2 switch. So the fact that vlan 1 interface is down will not stop the devices connected to the switch from working but it will stop you being able to remotely connect to it unless you either


a) configure vlan 1 interface wih an IP address and bring it up


or


b) configure another L3 vlan interface with an IP address and bring it up.


Note the above applies to a switch operating primarily at L2 ie. it is not routing between vlans.


Jon

Giuseppe Larosa Mon, 10/26/2009 - 14:23
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Subodh,


>> Does VLAN1 admin down hamper any swicth operation.


No, this just can be a problem ony for managing the device


Layer2 only LAN switches like C2950 can have only one SVI L3 Vlan interface active at any given time.

This is because it is used just to manage it.


Check if at least one interface Vlan X is up/up.

A C2950 behaves in this way: if you define a second SVI and you put it up/up the previously used SVI is shut down.

I remember I tested this in lab.



So if you can telnet/SSH to device this is wanted and not an issue.

Be also aware that all L2 security best practices recommend to do not use Vlan1 at all.


Hope to help

Giuseppe


Actions

This Discussion