Can't switch vlan1 administration port

Brahim O · ‎09-17-2022

Hi guys,

I have a strange issue and after spending hours on googling and getting head ach, it would be apreciated if you could give me a hand please.

I using a lab on packet tracer, i have 3 vlans :

	Network Address	Slash	Mask	Usable Range	Broadcast
VLAN-X > 7	192.168.1.0	/26	255.255.255.192 0.0.0.63	192.168.1.1 - 192.168.1.62	192.168.1.63
VLAN-Y > 15	192.168.1.64	/26	255.255.255.192	192.168.1.65 - 192.168.1.126	192.168.1.127
VLAN-Z > 22	192.168.1.128	/26	255.255.255.192	192.168.1.129 - 192.168.1.190	192.168.1.191

I can ping from each vlan wihtout any issue. I set IP config + default gateway on my vlan 1 interfaces on my switches :

Swiytch 1 :

interface Vlan1

ip address 192.168.1.130 255.255.255.192

ip default-gateway 192.168.1.129

Switch 2 :

interface Vlan1

ip address 192.168.1.131 255.255.255.192

ip default-gateway 192.168.1.129

My 2 vlan1 interfaces are able to reach each other, but i cant ping my gateway! I'am wondering what's wrong in there ?

Here is my Router configuration :

Building configuration...

Current configuration : 2259 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname ROUTER1
!
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
ip cef
no ipv6 cef
!
!
license udi pid CISCO2911/K9 sn FTX15247MF6-
!
!
ip ssh version 2
no ip domain-lookup
ip domain-name span.com
!
!
spanning-tree mode rapid-pvst
spanning-tree portfast default
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.7
encapsulation dot1Q 7
ip address 192.168.1.1 255.255.255.192
!
interface GigabitEthernet0/0.15
encapsulation dot1Q 15
ip address 192.168.1.65 255.255.255.192
!
interface GigabitEthernet0/0.22
encapsulation dot1Q 22
ip address 192.168.1.129 255.255.255.192
!
interface GigabitEthernet0/1
ip address 192.168.1.193 255.255.255.192
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
router-id 7.7.7.7
log-adjacency-changes
network 192.168.1.0 0.0.0.63 area 10
network 192.168.1.64 0.0.0.63 area 10
network 192.168.1.128 0.0.0.63 area 10
network 192.168.1.192 0.0.0.63 area 10
!
ip classless
!
ip flow-export version 9
!
!
end

What did i missed please ? Thank you.

Brahim O · ‎09-17-2022

balaji.bandi · ‎09-18-2022

The high level you need to switch to switch port-channel config with trunk mode - so all the vlan allowed.

on the switch connected to Router 2911 (what config is applied ?) Trunk ?

interface gi0/2
switchport trunk encapsulation dot1q
switchport mode trunk

no shutdown

For good practice, I would change as below :

Swiytch 1 :

vlan 7,15,22

no interface Vlan1

interface Vlan22

ip address 192.168.1.130 255.255.255.192

no shutdown

ip default-gateway 192.168.1.129

Switch 2 :

vlan 7,15,22

no interface Vlan1

interface Vlan22

ip address 192.168.1.131 255.255.255.192

no shutdown

ip default-gateway 192.168.1.129

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Brahim O · ‎09-18-2022

Hi Balaji ! Thank your for your support

Well, here is my gi0/2 interface config on my switch COMM1 :

interface GigabitEthernet0/2

switchport mode trunk

interface Vlan1

ip address 192.168.1.130 255.255.255.192

ip default-gateway 192.168.1.129

I tried to modify the SW config like mentionned but no chance! Seems that the command does not exist on packet tracer ?

Could you please explain me in details your second advice regarding best practices ? I did not catch the first line : vlan 7,15,22 ? Do i have to execute the routine for all vlans ?

vlan 7,15,22

no interface Vlan1

interface Vlan22

ip address 192.168.1.130 255.255.255.192

no shutdown

ip default-gateway 192.168.1.129

Thank you very much

balaji.bandi · ‎09-19-2022

as suggested if you make native VLAN as 22, you do not need to modify anything other stuff. but the switch act just like Layer2

You need to have VLAN in place for others to work. VLAN 7,15,22 (this means you creating VLAN on switch) - by default only VLAN 1 come with Cisco switches.

i was suggesting we do not use vlan 1 as default, so we suggest using different VLAN as best practice.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Brahim O · ‎09-19-2022

Hi Balaji,

After getting some white hair, i finally reconfigured my vlan1 like following on my switches! I dont use the vlan1 anymore. Juste configured vlan22 with the correct ip configuration + GW and now i'am able to reach my swicthes from vlan 22.

Test ping after reconfiguration :

Thank you for putting me on the right direction !

My issue is solved. Let's continue on my lab now to the next challenge

Regards

balaji.bandi · ‎09-20-2022

Glad suggestion worked and thank you for confirming all working, we close as solution now. that will be helpfull for other community members.,

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

paul driver · ‎09-18-2022

Hello
The ROAS has vlan 22 as your mgt vlan however its being tagged for vlan 22 but your other switches mgt addressing is in vlan 1 (untagged) for the same subnet, make the following changes on the rtr and and test again>

interface GigabitEthernet0/0.22
encapsulation dot1Q 22 native

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Brahim O · ‎09-18-2022

Hi Paul ! Thanks a lot for your reply.

When i apply your recommendation, in fact i can ping the default gateway 192.168.1.129 from the switch but none of my other PC can join each other ! It's seems its break the routing between vlans.

Thank you