cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dlbdlb
New Contributor

Can't get network access when native vlan is 1

Jump to solution

I have a NetVanta 1224ST configured with 3 vlans. 1 for servers 101 for users 102 for phones. Our servers are directly connected to an HP ProCurve and untagged on vlan 1. The 1224ST is connect via port 24 to port A1 on the HP. All ports on the 1224ST are set to switchport mode trunk. All are native to 101 except port 24, it doesn't have a native. I'm trying to set port 1 to native vlan 1 but when I do so, I have no access to the LAN. VLAN 1 and 102 are currently set to 'no ip address' and 'shutdown'. When I give them an ip address and do no shutdown, vlan 101 shuts down. Can I only have one vlan with an ip address? And what am I doing wrong to set port 1 to default to the server vlan?

dlb

Labels (2)
0 Kudos
1 Solution

Accepted Solutions
Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

The magic words in your last post are "without the phone"....   If you want to plug a PC, server or printer directly into the switch, that port must be configured for "mode access".

When the PC is connected to the phone, the phone is acting as a switch and the phone is tagging the data.

View solution in original post

0 Kudos
14 Replies
Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

The 1224ST is a Layer 2 switch so there will only be 1 VLAN interface with an IP address active. This is the IP address used to manage the switch.

If your 3 VLANs are on different subnets you will need a layer 3 switch or a router to route traffic between the VLANs/subnets. VLAN 101 is 10.10.1.0/24. What are the subnets for VLAN 1 and VLAN 102?

The native VLAN on port eth 0/24 is 1, it does not show up in the config since it is the default.

Reference Configuring InterVLAN Routing in AOS - Quick Configuration Guide for a good explanation of VLANs & how to route between them.

https://supportforums.adtran.com/servlet/JiveServlet/downloadBody/2281-102-1-2410/Configuring%20Inte...

dlbdlb
New Contributor

Re: Can't get network access when native vlan is 1

Jump to solution

VLAN 1 is 10.1.10.0/24

VLAN 102 is 10.10.2.0/24

I do have a router connected to the HP Switch. It's actually a SonicWALL NSA 2400. When I'm native to vlan 101, I can access hosts on all three vlans. But for some reason, when I'm native to vlan 1, I can't see the router. If I plug into a port on the HP switch, I can attach to vlan 1, can see the router and get an IP address from the DHCP server.

dlb

Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

Adtran treats VLAN 1 as the native VLAN on its switches. Even if you assign another VLAN (ie 101, 102) to a switchport, you should leave VLAN 1 as the native VLAN unless you have a very specific reason for changing it.

When you configure an interface as a trunk, it allows traffic from all VLANs (if you configure it). It will not tag traffic. You wrote that the servers on the HP are not tagged. When the traffic from the servers traverses the trunk, on what VLAN do you want that traffic to appear?

New Member is correct, you need an L3 switch or a network router to route traffic between VLANs.

dlbdlb
New Contributor

Re: Can't get network access when native vlan is 1

Jump to solution

Sorry for the late response. Got stuck in some meetings yesterday.

If I attach a server to the switch, I'd like it to traverse vlan 1. If I have a user attached to the switch I want them to traverse vlan 101.

HP switches are a little different than most. You can't set them to trunk mode like you do on Adtran's. With HP you have three options for each vlan: No, Tagged or Untagged. Since my servers are vlan unaware, I have them in ports assigned as untagged for vlan 1. Same thing for any user pc attached, they are untagged for vlan 101.

When I try setting port 1 as an access port for vlan 1, I still can't get it to see the lan. I'm at a loss.

Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

Tagged ports are VLAN ports. VLANs work by adding tag info to the data packet.

I've not configured an HP switch for several years. I have configured quite a few N-TRON industrial switches to work with Adtran VLANs. N-TRON provides similary options.

If HP is allowing you to specify tagged or untagged, then they probably allow you to specify a default or private ID for each port. If you tag the data coming in on a port with ID #1, then it will reside on VLAN 1. If you tag the data coming in on a port with ID #101 then it will reside on VLAN 101.

Any ports that are on the same VLAN can communicate across one or more switches.

Untagged ports on the HP switch are probably the same as Adtran trunks. A trunk port allows all traffic to pass through the port. Untagged ports typically behave the same way UNLESS they remove the tags from the data packets. You may have to investigate your HP documentation further.

You can conduct a simple test. Set up VLAN 101 on a port on the HP switch and on a port on the Adtran switch. Configure a trunk port on the Adtran switch and connect it via a patch cable to an untagged port on the HP switch. See if data traverses the two switches and devices connected to VLAN 101 on each switch can communicate. If data crosses the connection then you've successfull set up a trunk.

To test further, set up VLAN 1 on a port on the HP switch and on a port on the Adtran switch. Leave VLAN 101 configured. Connected devices to these two ports and see if they can communicate. If they can then you can be assured that you have a trunk connection between the HP and the Adtran.

In order to allow traffic to pass from VLAN to VLAN, you will need a level 3 (L3) switch or a router. I can't help you with the Sonic Wall.

Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

One thing that I just noticed is that you have all of your ports on the 1224ST set to mode trunk. If you are connected devices, PCs, servers, printers, etc. to those ports then they should be set to mode access. Further, the access should be assigned to the VLAN that you want them to use.

When data leaves a PC or server, it is not tagged. The switch tags the data with the VLAN ID assigned to the port. If the port is set to mode trunk, the data will not be tagged and it will probably die somewhere in route.

dlbdlb
New Contributor

Re: Can't get network access when native vlan is 1

Jump to solution

I wasn't the one who setup the switch. But I was told they were all setup as trunk ports because each user PC first connects to an IP phone and the IP Phone to the Adtran switch. Is there a way to set them as access ports and still have both vlan 101 and 102 flow across the same cable?

dlb

Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

I'm not sure what type of IP phones that you have. However, IP phones usually do tag data with VLAN and class of service info. Often, an IP phone will boot from a TFTP server over VLAN 1 and then switch VLANs. In that case, yes, the ports must be trunks because you do not want them tagging the data or rejecting it because it is on the wrong VLAN.

If you want the IP phones on one VLAN and the PCs on a separate VLAN but the PC data passes through the phone, you need to research the configuration of the phone. Is it tagging the PC data and if so, how does it know what VLAN ID to use for PC data.

Sincerely,

Bradley Rinehart

This document contains information intended for the persons to which it was originally addressed. Some of this information may be confidential. If you received this document in error, please telephone me at the number listed above and then immediately delete the document.

dlbdlb
New Contributor

Re: Can't get network access when native vlan is 1

Jump to solution

We have Avaya 5610SW's and I have no problem with them seeing the call router and the PCs seeing the network. They are set to be native on vlan 101 so that the pc's which are vlan unaware will see the dhcp server and get an ip. The phones see the dhcp server and are told to go to vlan 102 to get an ip. All that works great. But if plug a PC (without a phone) to a port and make it native to vlan 1, I can't see anything on the lan. Even if I switch it to access mode.

dlb

Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

The magic words in your last post are "without the phone"....   If you want to plug a PC, server or printer directly into the switch, that port must be configured for "mode access".

When the PC is connected to the phone, the phone is acting as a switch and the phone is tagging the data.

0 Kudos
dlbdlb
New Contributor

Re: Can't get network access when native vlan is 1

Jump to solution

Right. And I was trying it in access mode with no luck. But I did figure it out. Obviously it wasn't a problem with the Adtran. The 1224st was connected to the hp switch on a port that was tagged on all 3 vlans. When I untagged vlan 1 I got it to work.

Thanks for your help bc and mk.

dlb

Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

OK, sounds good.

Can you mark the correct answers please?

Message was edited by: adtran-support - removed private contact information

dlbdlb
New Contributor

Re: Can't get network access when native vlan is 1

Jump to solution

I thought I did mark the correct answer. Should I pick a different correct answer?

dlb

Anonymous
Not applicable

Re: Can't get network access when native vlan is 1

Jump to solution

Oops, sorry. I didn't refresh the page in the browser.

My mistake.

Brad