Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.

gabriel.bostan
Level 1

Hi guys,

I'm trying to simulate a switch in GNS3 and I use the 16ESW module in a Cisco 3700 router.

Can you please tell me why I'm getting this record after I try to filter which VLANs pass through my trunk port:

Router(config-if)#switchport trunk allowed vlan 2,3,4

Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.

Tnx,

Gabriel

Accepted Solutions

Peter Paluch
Cisco Employee

Hello Gabriel,

On older switching platforms and modules, the VLANs 1, 1002-1005 were basically untouchable - meaning that apart from being the 5 built-in VLANs that existed even if no other VLANs were created, you could not even manually prune them off the trunks. These VLANs simply had to be allowed everywhere.

Newer switching platforms allow you to prune these VLANs from trunks, although for backward compatibility, none of these VLANs can be deleted. On recent switches, you can even prune VLAN1 from trunks. This feature is called VLAN1 Minimization and causes the user data traffic to be pruned off the trunks while the inter-switch protocols carried in VLAN1 (CDP, VTP, etc.) will still be allowed.

The summary: don't worry about this too much, as this is related to particular IOS and platform limitations. Always start by allowing only the VLANs you're interested in. If the switch requires additional VLANs to be allowed as well, it will tell you.

Best regards,

Peter

ok, greetings for helping me out.

Router(config-if)#do sh run int fa1/8

Building configuration...

Current configuration : 114 bytes

!

interface FastEthernet1/8

switchport trunk allowed vlan 1-4,23,66,75,467,1002-1005

switchport mode trunk

end

sahar.co67
Level 1

I can't understand how the problem is being resolved?

gabriel.bostan
Level 1

If you don't put 1-2,1002-1005 alongside your other VLANs (e.g. 10,20,30,200), you will get this message from IOS:

Command rejected: Bad VLAN allowed list. You have to include all default vlans, e.g. 1-2,1002-1005.

You mean that if, for example, I create VLANs 10 and 20, then I should use these VLANs (10,20) alongside 1-2,1002,1005? Do I understand correctly?

Correct, just always add VLANs 1-2,1002-1005 beside your desired VLANs.
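
The rule from this thread as a pre-check, added here as an example and not part of any post: it parses `switchport trunk allowed vlan` lines from a candidate config and reports each interface whose list omits the default VLANs, together with a corrected list. The function names and the sample config are constructed for illustration; the required list is an assumption taken from the IOS message quoted above and varies by platform.

```python
import re

# Assumption: list quoted in the IOS rejection message; platform-specific, so tunable.
REQUIRED_DEFAULTS = "1-2,1002-1005"

def parse_vlan_list(text):
    """Expand an IOS-style list such as '1-4,23,1002-1005' into a set of ints."""
    vlans = set()
    for part in text.split(","):
        lo, _, hi = part.strip().partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 4094:
            raise ValueError(f"bad VLAN range: {part!r}")
        vlans.update(range(lo, hi + 1))
    return vlans

def format_vlan_list(vlans):
    """Collapse a set of VLAN IDs back into compact range syntax."""
    out, ids = [], sorted(vlans)
    while ids:
        n = 1
        while n < len(ids) and ids[n] == ids[0] + n:
            n += 1
        out.append(str(ids[0]) if n == 1 else f"{ids[0]}-{ids[n - 1]}")
        ids = ids[n:]
    return ",".join(out)

def audit_trunks(config, required=REQUIRED_DEFAULTS):
    """Return {interface: (missing, corrected_list)}; 'add' continuation lines are merged."""
    need, allowed, iface = parse_vlan_list(required), {}, None
    for line in map(str.strip, config.splitlines()):
        if line.startswith("interface "):
            iface = line.split(None, 1)[1]
        m = re.match(r"switchport trunk allowed vlan (?:add )?([\d,-]+)$", line)
        if m and iface:
            allowed.setdefault(iface, set()).update(parse_vlan_list(m.group(1)))
    return {i: (format_vlan_list(need - v), format_vlan_list(v | need))
            for i, v in allowed.items() if need - v}

# Constructed sample: Fa1/8 is the accepted list from the thread, Fa1/9 the rejected one.
SAMPLE = """\
interface FastEthernet1/8
 switchport trunk allowed vlan 1-4,23,66,75,467,1002-1005
interface FastEthernet1/9
 switchport trunk allowed vlan 2,3,4
"""

if __name__ == "__main__":
    print(audit_trunks(SAMPLE))
```

Pass `required="1,1002-1005"` to check against the set named in the accepted answer instead of the one in the error message.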