<\/use><\/svg><\/div><\/a><\/div><\/p>","upvoteCount":4,"datePublished":"2021-01-14T12:52:24.000Z","url":"https://community.spiceworks.com/t/draytek-router-cisco-native-vlan-question/787403/1","author":{"@type":"Person","name":"wddossett","url":"https://community.spiceworks.com/u/wddossett"}},{"@type":"Answer","text":"
never mind… it was on the cisco end, I hadn’t allowed<\/p>\n
cisco-p(config-if)#switchport<\/span> trunk native vlan 10<\/p>\ncisco-p(config-if)#switchport<\/span> access vlan 10<\/p>\nso the port is:<\/p>\n
Negotiation of Trunking: On
I think that is correct, works anyway… I seem to remember I need that access mode vlan set, but happy for anyone to tell me not. It came to me as I remember I had quite a time with getting the native vlan out of my ether channel until I realized you have to specifically allow native vlans out… and no lectures about using native vlan and vlan jumping etc as this is my home network and I need native vlan to carry untagged traffic to some devices that understand vlans, but need to pass some untagged traffic on to devices that don’t.<\/p>","upvoteCount":0,"datePublished":"2021-01-14T13:14:55.000Z","url":"https://community.spiceworks.com/t/draytek-router-cisco-native-vlan-question/787403/2","author":{"@type":"Person","name":"wddossett","url":"https://community.spiceworks.com/u/wddossett"}},{"@type":"Answer","text":"
Strange config on the draytek - you are using the LAN1 subnet on Port 1 as both the native and also tagging it with vlan 10. Really you should just have it enabled on 1 otherwise it is possible to create a loop.<\/p>\n
On the cisco end you have set it to native vlan 10 - so any untagged traffic comes into vlan 10 - this is how it is working and not the tagged vlan 10. The command \" switchport access vlan 10\" has no effect as the port is in trunk mode.<\/p>","upvoteCount":0,"datePublished":"2021-01-14T19:46:45.000Z","url":"https://community.spiceworks.com/t/draytek-router-cisco-native-vlan-question/787403/3","author":{"@type":"Person","name":"matt7863","url":"https://community.spiceworks.com/u/matt7863"}},{"@type":"Answer","text":"
Hi Matt, I think you helped me with this originally … I needed to use a native vlan to go to my draytek WAPs so it could pass it thru to my sonos connect… which worked well…<\/p>\n
I just noticed the VLAN2 with tagged and untagged the other day and was like, um, that doesn’t look right, but it was working - though I have had some weird stuff on the network which is why I was poking around… so I tried just deleting it and everything stopped working, so then I went to look at the cisco and sure enough native wasn’t allowed on the trunk. I have learned the hard way that you have to allow native vlan on trunk ports explicitly … just allowing all vlans doesn’t allow native vlan. I am working with some Brocade Turbo Iron 10Gb switches which are etherchanneled into the Cicso and between Brocade and their implementation which is set the port to dual-mode and cisco allowing native on trunk - well, like I said, I learned the hard way over several days! I didn’t think I needed the switchport access vlan10 as native is allowed, so I can remove those now and backup my configs!<\/p>","upvoteCount":0,"datePublished":"2021-01-14T19:59:42.000Z","url":"https://community.spiceworks.com/t/draytek-router-cisco-native-vlan-question/787403/4","author":{"@type":"Person","name":"wddossett","url":"https://community.spiceworks.com/u/wddossett"}}]}}
wddossett
January 14, 2021, 12:52pm
1
I have a drayteck 2120 series router incoming from internet. This connects to my cisco 2960 which has a guest vlan 15 on it and a native vlan 10. I set this up a while back and looking at it now, I don’t under stand why I have to tag it this way… as vlan 10 is native on the cisco, I would think I would not tag it on the router, and I’m actuallly surprised it works this way, but, it does not work if I disable vlan2 and the tagging…
4 Spice ups
wddossett
January 14, 2021, 1:14pm
2
never mind… it was on the cisco end, I hadn’t allowed
cisco-p(config-if)#switchport trunk native vlan 10
cisco-p(config-if)#switchport access vlan 10
so the port is:
Negotiation of Trunking: On
I think that is correct, works anyway… I seem to remember I need that access mode vlan set, but happy for anyone to tell me not. It came to me as I remember I had quite a time with getting the native vlan out of my ether channel until I realized you have to specifically allow native vlans out… and no lectures about using native vlan and vlan jumping etc as this is my home network and I need native vlan to carry untagged traffic to some devices that understand vlans, but need to pass some untagged traffic on to devices that don’t.
matt7863
January 14, 2021, 7:46pm
3
Strange config on the draytek - you are using the LAN1 subnet on Port 1 as both the native and also tagging it with vlan 10. Really you should just have it enabled on 1 otherwise it is possible to create a loop.
On the cisco end you have set it to native vlan 10 - so any untagged traffic comes into vlan 10 - this is how it is working and not the tagged vlan 10. The command " switchport access vlan 10" has no effect as the port is in trunk mode.
wddossett
January 14, 2021, 7:59pm
4
Hi Matt, I think you helped me with this originally … I needed to use a native vlan to go to my draytek WAPs so it could pass it thru to my sonos connect… which worked well…
I just noticed the VLAN2 with tagged and untagged the other day and was like, um, that doesn’t look right, but it was working - though I have had some weird stuff on the network which is why I was poking around… so I tried just deleting it and everything stopped working, so then I went to look at the cisco and sure enough native wasn’t allowed on the trunk. I have learned the hard way that you have to allow native vlan on trunk ports explicitly … just allowing all vlans doesn’t allow native vlan. I am working with some Brocade Turbo Iron 10Gb switches which are etherchanneled into the Cicso and between Brocade and their implementation which is set the port to dual-mode and cisco allowing native on trunk - well, like I said, I learned the hard way over several days! I didn’t think I needed the switchport access vlan10 as native is allowed, so I can remove those now and backup my configs!
![\"Screen_Shot_2021-01-14_at_6.49.51_AM.png\"](\"https://us1.discourse-cdn.com/spiceworks/original/4X/1/7/d/17d629915decfddd9599d5b929d907362875e515.png\")