VLANS and Cisco Switches

djshaunvt · July 20, 2020, 5:45pm

Hi All.

Has anyone used VLANS on a cloudcore for example and then cisco switches via trunk port down the line.

All is working with regards to VLANS but how do you manage the remote cisco switch ?

I setup an IP attached to VLAN 1 on the Cloudcore (192.168.100.1 /24) device then on the Cisco switch interface VLAN 1 - IP address 192.168.100.2 255.255.255.0 IP default gateway 192.168.100.1

On port 24 of the cisco switch
interface fastethernet 0/24
interface mode trunk

I have other vlans with DHCP pools on each VLAN interface of the cloud core and they carry through to ports on the switches just fine/

I just want to be able to manage the Cisco switch 192.168.100.2 remotely or cant this be done using VLAN ID 1 on the cloudcore

If i create a manegment VLAN other than VLAN id 1 i can manage the cisco switch remotely..

Thanks

pe1chl · July 20, 2020, 6:25pm

You need to add VLANs to the Cisco switch and configure an IP address on at least one of them
Then you can manage it via that address (does not need to be on VLAN 1)

djshaunvt · July 20, 2020, 6:35pm

Thanks for the reply…

It does work with other VLAN IDs..

Im trying to figure out why using VLAN ID 1 doesnt work.. Any specific reason ?

Thanks

erlinden · July 20, 2020, 7:09pm

Because you didn’t add it untagged to the trunk?
Really difficult without configuration, can you please show yours (/export hide-sensitive file=router)?

pe1chl · July 20, 2020, 7:39pm

Of course you need to decide whether you will be doing it tagged or untagged and setting BOTH ends correctly.
(native vlan on the cisco)
Probably using tagged is best. But then you need to configure it tagged at the MikroTik side as well.

djshaunvt · July 20, 2020, 7:53pm

Yes that is correct its tagged as VLAN id 1 on the Cloudcore as well as on the Cisco (Trunk VLAN allowed 1,100,101) but just cant seem to see the switches IP address even though interface VLAN one has an IP address and its not shutdown.. Very weird

djshaunvt · July 20, 2020, 7:56pm

After some searching I might just have found my answer:

native vlan means that device will never put/insert tag (VLAN ID, in you case “VLAN ID:2”) on Ethernet frame when it leaves port and also when Ethernet frame without tag go into that port device will put/insert tag defined by native vlan ( in you case VLAN ID:2). Of course native vlan relates to trunk port.

To maintain the tagging on the native VLAN and drop untagged traffic, use the vlan dot1q tag native command. The switch will tag the traffic received on the native VLAN and admit only 802.1Q-tagged frames, dropping any untagged traffic, including untagged traffic in the native VLAN.