Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX-515 interface errors

We have a physical interface that has 2 vlans on it. On show interface, there is the following:

21450335 invalid VLAN ID errors, 61212 native VLAN errors

The invalid VLAN ID errors are incrementing by about 120 a minute....does anyone have any ideas what causes them? There's nothing in the logs. Is it a config problem on a host?

Thanks

J

4 REPLIES

Re: PIX-515 interface errors

hello J,

Can you post us the configs please? probably there are some mismatches on the native vlan configured on the switch and the PIX firewalls... usually on a well-configured PIX, u will not get such errors... First, make the switch with plain configs (only configure trunk) and see if u get these errors...

Raj

New Member

Re: PIX-515 interface errors

Many thanks Raj for your response.

Well here is a section of the config:

interface ethernet1 100full

interface ethernet1 vlan30 physical

interface ethernet1 vlan1 logical

nameif ethernet1 A security100

nameif vlan1 B security85

ip address A 192.168.1.0 255.255.255.0

ip address B 192.168.2.0 255.255.255.0

Unfortunately this is a live environment so I can't play around with it.

Any idea what the errors indicate?

Thanks,

J

Bronze

Re: PIX-515 interface errors

Well, the pix considers the physical interface the 'native' vlan - are you sure the native vlan configured on the trunk is vlan 30?

I'm assuming that the 192.168.1.0 network is working?

Also - can you send us the configuration for that portion of the switch (the trunk?)

--Jason

New Member

Re: PIX-515 interface errors

Hi Jason,

Many thanks for your response.

The native vlan on the trunk port is 1 (default). Do you think that's where the problem lies - for VLAN ID errors and native ID errors?

interface FastEthernet1/0/1

switchport trunk encapsulation dot1q

switchport mode trunk

no logging event link-status

duplex full

speed 100

no snmp trap link-status

no mdix auto

end

Thank you,

J

132
Views
0
Helpful
4
Replies