Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VLANs Without 802.1Q Tagging

We're working with an IDS vendor that cannot analyze 802.1Q tagged packets. Currently we have a Catalyst 37xx Stack with several VLAN's using 802.1Q tagging to trunk to a 2821 with several Ethernet subinterfaces.

Can we remove 802.1Q tagging and still trunk to the subinterfaces?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: VLANs Without 802.1Q Tagging

That's correct.

3 REPLIES

Re: VLANs Without 802.1Q Tagging

I am afraid that's not possible. Without the vlan tag the router wouldn't be able to differentiate which VLAN the traffic belongs to. I don't know if making the switch handle all layer 3 traffic forwarding and making the port connected to 2811 an access port would meet your IDS requirement. As you are probably aware all traffic sent out on the access port wouldn't be tagged.

HTH

Sundar

New Member

Re: VLANs Without 802.1Q Tagging

So my best bet here if we want to eliminate 802.1Q is to put the router on it's own VLAN and then have the switch handle all VLAN routing?

Re: VLANs Without 802.1Q Tagging

That's correct.

175
Views
0
Helpful
3
Replies