Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

Confused about native VLAN

I have a Cisco 3750 switch with the following VLAN's

2 - Engineers

3 - Automation Dept

4 - AN Other Company

5 - Guest Access

I have an 1131ag connected to the 3750 and I have setup a dot1q trunk on the swithchport that connects to the AP.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a0080665ceb.shtml

The above guide stresses I must configure a native VLAN but I dont understand why. All traffic on the link between the AP and the 3750 will be tagged surely, where will untagged frames come from. All of the VLANS I mentioned will have an SSID on the access point. If i must configure a native VLAN can it be one that has an SSID on the AP or does it have to be a seperate VLAN. also, the guide seems to show that you set up subinterfaces on the radio interface and set the encapsulation as dot1q. why would i need to set up dot1q on the radio interface? think i'm missing the point - please could someone explain. thanks i'm tearing my hair out here!

3 REPLIES

Re: Confused about native VLAN

You need to set up VLAN 1 on the AP as the native VLAN and a corresponding VLAN 1 on the switch. The AP useS VLAN 1 for management traffic, no VLAN 1, no AP management. No need to associate an SSID with VLAN 1 as it's purely to manage the AP.

New Member

Re: Confused about native VLAN

ok i'll give that a go now. I don't have any member ports on VLAN1 on the switch but I'll set the dot1q trunk to have have VLAN1 as the native VLAN. was a bit confused as to why i needed to have vlan1 on the trunk if no other ports are a member of that vlan. I was taught on CCNA not to use VLAN1, but I suppose if there's no member ports on the switch then it can't be a security issue.

I'll report back! thanks!

New Member

Re: Confused about native VLAN

Cisco best practices recommend setting up your native vlan on your network other than vlan1, which is the default native vlan. If you don't define explicitly a native vlan it will default to vlan1. Native VLans are always untagged.

If configured correctly the primary purpose of your native vlan in a multi vlan environment is to carry traffic between trunk ports. Unless you setup multiple cables (i.e. Fiber)between your switches and each cable is configured for a particular vlan - in order for data to travel over your trunk links it has to be carried on the native vlan and then separated out at the other side.

Dot1q and/or Inner-Switch Link (ISL) is the protocol that encapsulates packets on trunked ports.

In order for vlan 2, 3, 4 and 5 to traverse across your network the link between your switch(s) and APs must be configured as trunk ports.

154
Views
0
Helpful
3
Replies
CreatePlease to create content