Scribd
Upload
4 views3 pages

Nondefault Native VLAN

Uploaded by

chikymosera
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
4 views3 pages

Nondefault Native VLAN

Uploaded by

chikymosera
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Nondefault Native VLAN

Lab Summary
Change the native VLAN on a trunk interface from the default 1 to 999 and allow
VLAN 10, 11 and 100.

Figure 1 Lab Topology

Lab Configuration

Start Packet Tracer File: Nondefault Native VLAN

Switch-1:

Click on switch-1 icon and select CLI folder. Hit <enter> key for user mode prompt.
Step 1: Enter global configuration mode.
switch-1> enable
Password: cisconet
switch-1# configure terminal

Step 2: Enable static trunking on switch-1 interface Fa3/1 and turn off DTP frames.
switch-1(config)# interface fastethernet3/1
switch-1(config-if)# switchport mode trunk
switch-1(config-if)# switchport nonegotiate

Step 3: Change the default native VLAN 1 to nondefault native VLAN 999.
switch-1(config-if)# switchport trunk native vlan 999

Step 4: Allow only VLAN 10, VLAN 11 and VLAN 100 across the trunk interface.
switch-1(config-if)# switchport trunk allowed vlan 10-11,100
switch-1(config-if)# end
switch-1# copy running-config startup-config
Switch-2:

Click on switch-2 icon and select CLI folder. Hit <enter> key for user mode prompt.

Step 5: Enter global configuration mode.


switch-2> enable
Password: cisconet
switch-2# configure terminal

Step 6: Enable static trunking on switch-2 interface Fa3/1 and turn off DTP frames.
switch-2(config)# interface fastethernet3/1
switch-2(config-if)# switchport mode trunk
switch-2(config-if)# switchport nonegotiate

Step 7: Change the default native VLAN 1 to nondefault native VLAN 999.
switch-2(config-if)# switchport trunk native vlan 999

Step 8: Allow only VLAN 10, VLAN 11 and VLAN 100 across the trunk interface.
switch-2(config-if)# switchport trunk allowed vlan 10-11,100
switch-2(config-if)# end
switch-2# copy running-config startup-config

Step 9: Verify Lab


Verify the trunk is operational, native VLAN is 999 and VLAN 10,11,100 are allowed
across the trunk.

switch-1# show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa3/1 on 802.1q trunking 999

Port Vlans allowed on trunk


Fa3/1 10-11,100

Port Vlans allowed and active in management domain


Fa3/1 10,11,100

Port Vlans in spanning tree forwarding state and not pruned


Fa3/1 10,11,100
switch-2# show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa3/1 on 802.1q trunking 999

Port Vlans allowed on trunk


Fa3/1 10-11,100

Port Vlans allowed and active in management domain


Fa3/1 10,11,100

Port Vlans in spanning tree forwarding state and not pruned


Fa3/1 10,11,100

Lab Notes
The native VLAN is assigned to the default VLAN 1 by default. Cisco recommends
you assign the native VLAN to any other available VLAN for security purposes. The
native VLAN number must match between neighbor switch interfaces to prevent
VLAN hopping.

You might also like