Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Native VLAN mismatch detected?

Hi -

I've got an ADSL router that has 4 ethernet ports in under the default vlan1.

It looks like this:

interface FastEthernet0

description Uplink

no ip address

!

interface FastEthernet1

no ip address

shutdown

!

interface FastEthernet2

no ip address

shutdown

!

interface FastEthernet3

no ip address

shutdown

!

interface Vlan1

description Switch default vlan1 Network - all Ports

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

The Router works fine. When I plug my laptop into FastEthernet1 it gets a 192.168.0.x IP from the DHCP of the Router and can get on the internet etc. No issues.

The Router needs an uplink to a switch so some access points can use the internet. The switch port is in access mode and has the vlan ID of 50.

When I plug my Router into the switch I get errors on the switch about 'Native VLAN mismatch detected'.

Should my ADSL router be set to use VLAN 50 as well? Would that explain the error?

How do I change my interface vlan1 to be interface vlan 50?

Thanks.

19 REPLIES
Hall of Fame Super Bronze

Native VLAN mismatch detected?

It seems your router port is set to dynamic trunking.

Try settting your router port to 'switchport mode access' or disable negotiation in the switch port with the command 'switchport nonegotiate'.

Regards,

New Member

Native VLAN mismatch detected?

Would that be by default then that the Router ports are set to dynamic trunking?

So would I put 'switchport mode access' under here:

!

interface Vlan1

description Switch default vlan1 Network - all Ports

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

switchport mode access

!

Do I also need to set vlan1 to be vlan 50?

Or do I need to do both, or 1 or the other?

Hall of Fame Super Bronze

Native VLAN mismatch detected?

'switchport mode acess' under the physical router port which is connected to the switch.

Hall of Fame Super Gold

Native VLAN mismatch detected?

John

The easy part of answering your question is to confirm that yes if the router interface is in vlan 1 and the switch port is in vlan 50 that yes there is a vlan mismatch. The more complicated part of answering is trying to determine what is the best way to fix it - and that mostly depends on figuring how you want it to work.

Do you want your laptop to be in the same vlan as the AP and the devices connected to it? If so then you can create vlan 50 in the switch module that is part of your router. Then assign the router interfaces to vlan 50. Then remove the IP address from interface vlan 1 and configure interface vlan 50 and configure the IP address there.

If you want your laptop to be in a subnet separate from the AP and the devices connected to it, then you need to keep most of your router interfaces as they are. You need to create vlan 50 in the switch module that is part of your router, assign the particular router interface that connects to the AP to vlan 50, configure interface vlan 50 on your router, choose a subnet that will be used for the AP, assign an IP address from that subnet to the vlan 50 interface of your router, and implement the appropriate routing, address translation, etc that is needed for the AP and its subnet to access the Internet.

HTH

Rick

New Member

Re: Native VLAN mismatch detected?

Hi,

Thank you.

I'll detail my previous setup.

I had a basic home/consumer grade TPLINK ADSL router. This connected to a Cisco switch (port set in access mode, VLAN 50).

That cisco switch then has an Access Point in another port (and other switches with other Access Points) that has various SSIDS and networks - one of which allows users Guest internet via VLAN 50.

That all worked fine. I guess the TPLINK is a 'dumb' switch and knows nothing of tags.

However plugging my Cisco Router in caused the issues I have mentioned. I guess because the Cisco has the PVID set to 1.

Is it therefore as simple as changing vlan1 to be vlan 50 on my router or do I need to do anything else? I understand all the fastethernet ports will be in that vlan1 but if i change it to vlan50 will they all be under that the same?

Hall of Fame Super Gold

Re: Native VLAN mismatch detected?

John

Thank you for the additional information. I am a bit concerned about the part of your description that says that " (and other switches with other Access Points) that has various SSIDS and networks". If there were multiple networks in the previous environment I am not clear how they will work with your new router.

But in terms of the immediate question, I believe that if you do change the things in the router that currently refer to vlan 1 and make them refer to vlan 50 that it should resolve the reported error with vlan mismatch.

HTH

Rick

New Member

Re: Native VLAN mismatch detected?

Sorry yes I will try and clarify.

We have various Cisco switches.

They have 3 vlans configured - 1 for workstations, 1 for phones and 1 for Guest (vlan 50).

We have a couple of access points that patch into various Cisco switches.

The access points allow you to connet wireless to either the normal workstation network or a 'Guest' connection which puts the user on VLAN 50 and just gives them internet access through the ADSL router.

Normal 'workstations' don't use the ADSL router - they go out via a different method.

I've probably confused the matter here in trying to clarify it.

How do i change my vlan1 to refer to vlan50 instead?

Hall of Fame Super Gold

Native VLAN mismatch detected?

John

Since we do not know which router you have the syntax might be a bit different. But in general it might look something like this.

! remove the IP address from vlan 1

interface vlan 1

no ip address

! you might or might not need to explicitly create the new vlan

vlan 50

name guest_wireless

! create and configure the vlan interface

interface Vlan50

description Switch guest wireless and all Ports

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

! assign router interfaces to the new vlan
interface FastEthernet0

switchport access vlan 50
interface FastEthernet1

switchport access vlan 50
interface FastEthernet2

switchport access vlan 50
interface FastEthernet3

switchport access vlan 50

HTH

Rick

New Member

Native VLAN mismatch detected?

Thank you. It's an 887va.

It was mentioned earlier in the thread to use the commands:

'switchport mode access' or 'switchport nonegotiate' - are they required as well or not required in this situation?

Where would they go (if needed) in the above example just posted?

Hall of Fame Super Gold

Native VLAN mismatch detected?

John

I am not sure that either command is needed, but it would not hurt to put them under each of the physical interfaces (FastEther0, 1, 2, 3) if it would make you more comfortable.

I believe that switchport mode access is the default and is already in use, but try configuring it under FastEther0 as a test. If I am correct that it is the default then it will not show up in the output of show run even after you manually put it into the configuration. If it does show up in the output of show run then perhaps it is worth it to add the command to each of the physical interfaces.

I do not believe that negotiation is a problem in your situation. But if the port on the other switch is truly in access mode with vlan 50 then negotiation is not taking place and using the command to disable it would not hurt anything.

HTH

Rick

Hall of Fame Super Bronze

Re: Native VLAN mismatch detected?

Rick,

Default mode isn't access but dynamic. That's the reason the router port is trying to dynamically trunk.

By setting the 'switchport mode access' in the router port should eliminate the tagged vlan and that's the reason for the 'native vlan' mismatch. Access port do not use 'native vlan' in their frames, trunk ports do.

While your recommendation is sound, using the same VLAN on both devices - for this simple setup isn't needed.

He can remain with VLAN 1 on the router side while having VLAN 50 in their switch environment.

As he stated, it was working before with an unmanaged device - the reason was the unmanaged device did not trunk.

New Member

Native VLAN mismatch detected?

Thank you both. It looks like there is perhaps 2 ways (and maybe even more) to go about this then.

Edison - when you say trunk can you ckarify what the dynamic trunks are - what exactly can it do in that mode - i'm fairly sure as you say i so not need that default setup and need access port - i'd just be interested to here what the default does and why, and how you would use it.

Is there an easy way/command for me to prove the dynamic trunk is in place?

I think for my situation i'd be best trying the below (adding the bit in bold).

interface FastEthernet0

description Uplink

no ip address

switchport mode acesss

!

interface FastEthernet1

no ip address

shutdown

switchport mode access

!

interface FastEthernet2

no ip address

shutdown

switchport mode access

!

interface FastEthernet3

no ip address

shutdown

switchport mode access

!

interface Vlan1

description Switch default vlan1 Network - all Ports

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

If that does not work then i need to make it look like this (though not sure if the 'switchport mode access' is required or not if I do this?

interface FastEthernet0

description Uplink

no ip address

switchport mode acesss

switchport access vlan 50

!

interface FastEthernet1

no ip address

shutdown

switchport mode access

switchport access vlan 50

!

interface FastEthernet2

no ip address

shutdown

switchport mode access

switchport access vlan 50

!

interface FastEthernet3

no ip address

shutdown

switchport mode access

switchport access vlan 50

!

interface Vlan50

description Switch default vlan1 Network - all Ports

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

Many thanks for taking the time to help me out with this issue I look forward to hearing back.

Hall of Fame Super Bronze

Native VLAN mismatch detected?

John,

You can try the command 'show interface switchport' for port configuration at the router side.

Additionally, for the 2nd option to work, make sure to create VLAN 50 in the Vlan database.

New Member

Native VLAN mismatch detected?

Thank you.

Does the vlan database not auto update these days? if not what's the command you refer to?

Hall of Fame Super Bronze

Re: Native VLAN mismatch detected?

In some switches, it automatically creates the VLAN when a port is assigned to it.

However, I don't believe this behavior is present on route-switch modules.

As Best Practice, always create the VLAN manually.

Not sure what type of switch module do you have, but here is an example:

http://www.cisco.com/en/US/products/hw/modules/ps2797/products_configuration_example09186a0080810449.shtml

New Member

Native VLAN mismatch detected?

Hi,

I managed to try this.

I did the following. Create all of this:

interface FastEthernet0

description Uplink

no ip address

switchport mode acesss

switchport access vlan 50

!

interface FastEthernet1

no ip address

shutdown

switchport mode access

switchport access vlan 50

!

interface FastEthernet2

no ip address

shutdown

switchport mode access

switchport access vlan 50

!

interface FastEthernet3

no ip address

shutdown

switchport mode access

switchport access vlan 50

!

interface Vlan50

description Switch default vlan1 Network - all Ports

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

I also set my interface vlan 1 to 'no ip address, no ip nat inside and no ip virtual-reassembly in'. I did not shut it down. Just left it like that.

I then removed my 'dumb' TPLINK adsl router modem that uplinked to my cisco switch.

I plugged the Cisco 887 in.

And then Cisco switch port received a bpdu guard and disabled the port as errdisable status and showed as it had been shut down.

I'd really like to know why that happened.

To resolve I removed the bpdu guard settings from the switch port and then set the port to be active again (and shut, no shut).

Upon doing that everything was perfect.

I'd like to know why the switch port (on the switch) went into an error state though?

Thanks.

New Member

Native VLAN mismatch detected?

Also when I ran the 'switchport mode access and switchport access vlan xx' commands they both applied but in the show run it only shows the swithport access vlan xx  - is this correct? How come the other command does not show in the show run?

Thanks.

Hall of Fame Super Gold

Native VLAN mismatch detected?

John

You have asked 2 questions and here are my answers.

Why did the switch port go into error disabled? The switch port was configured with a feature called bpdu guard. Some switches do this on access ports by default and many switches allow it as an option. The point of bpdu guard is the assumption that an access port would connect to an end device/host and not to a switch. As such it should not receive a Spanning Tree BPDU. If the access port does receive a BPDU then that indicates a problem and the switch puts the interface into error disable. When you connected the 887 its port is a switch port and sends BPDUs which caused the error disable on the switch, until you removed bpdu guard from the port configuration.

Why did the command that you entered not show up in running config? In one of my previous responses I mentioned this, but now let me explain it. If show run did show every command the output would be very extensive. So Cisco has adopted the convention that, for the most part, show run does not include commands that are at their default setting or default value. So since switchport mode access is the default setting for these switch ports then it does not show up in the output of show run.

HTH

Rick

New Member

Re: Native VLAN mismatch detected?

Thank you. I consider this issue resolved now.

15747
Views
5
Helpful
19
Replies
CreatePlease to create content