Configure trunk port between 2 SG500 switches

Hi all,
I'm trying to do what seems to be a simple task but cannot get it to work.  I've very familiar with the Cisco commands on 2900 all the way up to 6500 series switches.  The SG500 has me stumped.  I have 3 switches, sw1, sw2, sw3.  sw1 and sw2 are stacked.  sw3 is standalone and in a different part of the building, maybe 25ft away.  All I want to do is set up a trunk port between the stack and the standalone.  In going by past experience, I would set the port as :
- switchport mode trunk
- switchport trunk allowed vlan 2,3,4
The SG makes me specify tagged or untagged - which is fine.  So any vlan I want to move across the trunk i tag, obviously.  I do everything as I've done for years and it doesn't work.  VLAN1 is untagged, all VLANs I want to flow are allowed and tagged. 
I'm quickly realizing I should have bucked up and just bought what I'm used to but I didn't have a choice in the matter.
Any help would be great!
Shawn

Hi Shawn, something is the matter if the switch is asking you for tagged or untagged. The only reason it should be requesting a tag or untag statement is from a general port mode.
The command syntax for the function is exactly the same as an IOS switch
switchport mode trunk
switchport trunk allowed vlan add 2,3,4
Just like a Catalyst, if you use switchport trunk allowed vlan x,x,x it won't take the command as insufficient privilege or whatever the error it gives, suffice it say it doesn't really do anything without the add(or remove).
-Tom
Please mark answered for helpful posts

Similar Messages

  • Can I use straight cable to connect trunk ports between 2 switches?

    Hi,
    Am I able to use straight instead of cross cable to connect trunk ports between 2 switches??
    thanks!

    Hi Devang,
    When a 10/100 Fast Ethernet interface is enabled, one end of the link must perform media dependent interface (MDI) crossover (MDIX), so that the transmitter on one end of the data link is connected to the receiver on the other end of the data link (a crossover cable is typically used).
    The Auto-MDIX feature eliminates the need for crossover cabling by performing an internal crossover when a straight cable is detected during the auto-negotiation phase.
    HTH, if yes please rate the post.
    Ankur

  • Configuring a port on a 2950 switch

    I have inherited a couple of Cat-2950 switches and noticed the following config on ports:
    interface GigabitEthernet0/1
    description blade1
    switchport access vlan 65
    switchport trunk native vlan 2
    switchport trunk allowed vlan 2-4094
    switchport mode access
    spanning-tree portfast trunk
    spanning-tree bpdufilter enable
    when I do a show port, the port is in static access mode, not the trunk mode. Can anybody please shed the light on why configure the trunking native vlan and trunk allowed vlan if the port is in access mode?
    thanks.

    Probably those could be configs that the previous owner forgot to take out, (first a trunk port, which was reconfigured as a access port).
    Unless
    switchport mode trunk
    switchport trunk encap dot1q, this will not become a trunk.

  • How to check trunk port on 3548 xl switch

    Hi all,
    i have 3548 xl switch  i know on other switches i can use command
    sh int trunk  but on this switch it  does not work.
    do anyone knows which command we can use  to check trunk ports other then this
    sh int fa switchport???????????
    thanks
    mahesh

    Hi all,
    i have 3548 xl switch  i know on other switches i can use command
    sh int trunk  but on this switch it  does not work.
    do anyone knows which command we can use  to check trunk ports other then this
    sh int fa switchport???????????
    thanks
    mahesh
    Hi Mahesh,
    What error it shows when you issue show interface trunk on switches ..
    Ganesh.H

  • Configure trunk ( dot1q)between Linxux server and a cisco 6500

    Want to know the proper way to configure a trunk on a cisco cat os switch... I'm ruunning a Linux server with the monitoring utility Nagios and I need it to access all my VLANS.
    Ex:
    Running
    On my Linux Server 2 network Interfaces on 10.30.32.11 and 10.30.33.11
    My switch has vlans 31,32,33,34,44,54,64
    Say the the linux server plugs into 6/20 6/21
    Do I first assign each port to a vlan ?
    And then do
    Set trunk 6/20 on dot1q 31-64
    Set trunk 6/21 on dot1q 31-64

    Does the NIC on the server support trunking? You do not need to assign the ports to every VLAN but just one which will be your Native VLAN(Vlan 1 by default).

  • TRUNK PORTS (HELP URGENT)

    Dear all
    Last night I configured the trunk ports between all my switches, Its a redundant circuit. I did the last one that plugs back into the core switch and it took all of my building out, I could not get to any other switch, For some reason spanning tree blocked the trunk ports that I set up on the last switch !!!!
    When setting up trunks between switches I presume you have to set 2 trunks per switch ? i.e 1 trunk to previous switch and another to the next switch !!!!
    I have never been so scared !!!!

    here are the configs,
    here is the backbone
    version 12.1
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    hostname TK-BACKBONE-3550
    enable secret xxxx
    enable password xxx
    ip subnet-zero
    spanning-tree mode pvst
    spanning-tree extend system-id
    interface GigabitEthernet0/1
    switchport mode dynamic desirable
    interface GigabitEthernet0/2
    switchport mode dynamic desirable
    interface GigabitEthernet0/3
    switchport mode dynamic desirable
    interface GigabitEthernet0/4
    switchport mode dynamic desirable
    interface GigabitEthernet0/5
    switchport mode dynamic desirable
    interface GigabitEthernet0/6
    switchport mode dynamic desirable
    interface GigabitEthernet0/7
    switchport trunk encapsulation dot1q
    switchport mode dynamic desirable
    interface GigabitEthernet0/8
    switchport mode dynamic desirable
    interface GigabitEthernet0/9
    switchport mode dynamic desirable
    interface GigabitEthernet0/10
    switchport mode dynamic desirable
    interface GigabitEthernet0/11
    switchport mode dynamic desirable
    interface GigabitEthernet0/12
    switchport mode dynamic desirable
    interface Vlan1
    ip address 10.1.2.30 255.0.0.0
    interface Vlan200
    no ip address
    ip default-gateway 10.1.1.1
    ip classless
    ip http server
    snmp-server community public RO
    line con 0
    line vty 0 4
    password xxx
    login
    line vty 5 15
    password xxx
    login
    end
    here is the last switch in the circuit
    version 12.1
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    hostname BCR-2950-2
    enable secret xxxx
    enable password xxx
    ip subnet-zero
    no ip finger
    interface FastEthernet0/1
    interface FastEthernet0/2
    interface FastEthernet0/3
    interface FastEthernet0/4
    interface FastEthernet0/5
    interface FastEthernet0/6
    interface FastEthernet0/7
    interface FastEthernet0/8
    interface FastEthernet0/9
    interface FastEthernet0/10
    interface FastEthernet0/11
    interface FastEthernet0/12
    interface FastEthernet0/13
    interface FastEthernet0/14
    interface FastEthernet0/15
    interface FastEthernet0/16
    interface FastEthernet0/17
    interface FastEthernet0/18
    interface FastEthernet0/19
    spanning-tree portfast
    interface FastEthernet0/20
    interface FastEthernet0/21
    interface FastEthernet0/22
    interface FastEthernet0/23
    interface FastEthernet0/24
    interface GigabitEthernet0/1
    interface GigabitEthernet0/2
    interface Vlan1
    ip address 10.1.2.24 255.0.0.0
    no ip route-cache
    ip default-gateway 10.1.1.1
    no ip http server
    snmp-server engineID local xxxx
    snmp-server community private RW
    snmp-server community public RO
    line con 0
    exec-timeout 0 0
    transport input none
    line vty 0 4
    password parker2710
    login
    line vty 5 15
    password parker2710
    login
    end
    hope this helps
    Carl

  • Switch trunking ports

    Hello,
    If I have switch A that has 3 vlans with ip addresses in other words 3 switch virtual interfaces and I configure one  port as a switchport trunk that has the following commands switchport trunk mode and encapulasation dot1q.   Now if I want connect to another switch B to allow those same vlans to go accross and then put 5 ports in those 3 vlans. The port from switch B that connects to switch A I would configure with the following commands  switchport mode trunk and  encapulasation dot1 my question is do I just configure on both switch ports switchport trunk allowed vlan all for devices from both switches in the same vlans to talk to each other or do I still need to add more commands to both switches like add the same svi from switch A to Switch B?

    Hi Horacio
    It sounds like you are pretty much there from reading your original post.
    Using the following commands creates a trunk port between the switches:
    #switchport trunk encapsulation dot1q
    #switchport mode trunk
    If you use these commands on both the switches you are connecting together, you should get a trunk port form and by default this allows all vlans to pass traffic across it.
    If you want to restrict the trunk so that it only passes traffic for specific vlans, this can be achieved using the following command:
    #switchport trunk allowed vlan [X]
    Replace the [X] with the vlans you want to allow. Make sure you do this both sides otherwise you may find one side sending traffic which is dropped by the other side.
    Make sure the Layer 2 Vlans exist on both switches. The SVI you mentioned with be the default gateway for hosts in that Vlan and only needs to exist on the switch which is performing the intervlan routing, you do not need an SVI on each switch for every Vlan.
    Hope this helps

  • 10 Gig Trunk Port

    I'm setting up two 3750E switches on a bench prior to installing them  - with a ten Gig port trunk port between them. I am running PVST and have pretty standard switch configuration.   Show span indicates that all my vlans are forwarding between the ports but the packet rate keeps increasing as if its in a loop.  Must be something obvious but can't find it - is there anything special you have to do to those ten GIG Modules to get them to work.
    # interface ten gig 1/0/2
    # sw trunk enc dot1q
    # sw mode trunk
    # sw nonegotiate

    pardon me. I thought you are saying that packets are dropping but you are talking about STP loop.
    As mentioned in other post, check  if this link creating STP loop because of UDLD ?  Maybe one of your cable not working or some other reason.
    Though in LR you dont need an attenuator but check the power levels at both sides.Are they within receiver sensitivity? as you must be  connecting back to back just with patch cables.

  • Port Groups on Multiple switches

    Is it possible to create a port group that contains ports from multiple physical switches. We are using Catalyst 3500 series switches that are connected to a Catalyst 6509 running layer 3.

    The Etherchannel do not HAVE to be on the same switch.
    You may configure an etherchannel between 3 physical switches :
    cf http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_example09186a00806cb982.shtml
    a document called "Cross-Stack EtherChannel on a Catalyst 3750 Switch Configuration Example"

  • Catalyst 6500 Block Switching Between Trunk Ports

    Hello all,
    I have a Catalyst 6509-E with SUP2T and a WS-68xx series SFP line card. On this line card I will have 5 trunk connections going to ME3400 4 port access switches. There is one tagged VLAN allowed on all trunk ports and it is the same across them all. I need to have one trunk connection be allowed to switch to all ports within this VLAN and the remaining 3 ports be denied to switch between eachother. The remaining three ports would only be able to switch to the primary trunk port.
    For informational purposes I want to point out that the downstream ME3400 access switches are performing QinQ on each connection so that when the traffic reaches the 6509 it will be double tagged.
    Traditionally I have been able to do this on 12 port ME3400s using the built in UNI/NNI structure and on ME3800/3600 switches using EVCs and the "split-horizon" keyword on the bridge domain. However, the 6500 doesn't seem to support either one of these commands.
    Does anyone have any ideas on how to accomplish this?

    I'm really not all that savvy on private VLANs but I did look at them as an option. Would they be affective on trunk ports? Most config examples I have seen have shown them applied on access ports.
    Can't see switchport protected:
    6509(config-if)#switchport protected
                                              ^
    % Invalid input detected at '^' marker.

  • Catalyst 6500 Block Switching Between Trunk Port

    Hello all,
    I have a Catalyst 6509-E with SUP2T and a WS-68xx series SFP line card. On this line card I will have 5 trunk connections going to ME3400 4 port access switches. There is one tagged VLAN allowed on all trunk ports and it is the same across them all. I need to have one trunk connection be allowed to switch to all ports within this VLAN and the remaining 3 ports be denied to switch between eachother. The remaining three ports would only be able to switch to the primary trunk port.
    For informational purposes I want to point out that the downstream ME3400 access switches are performing QinQ on each connection so that when the traffic reaches the 6509 it will be double tagged.
    Traditionally I have been able to do this on 12 port ME3400s using the built in UNI/NNI structure and on ME3800/3600 switches using EVCs and the "split-horizon" keyword on the bridge domain. However, the 6500 doesn't seem to support either one of these commands.
    Does anyone have any ideas on how to accomplish this?

    Duplicate posts. 
    Go here:  https://supportforums.cisco.com/thread/2261414

  • How to configure a port channel with VLAN trunking (and make it work..)

    We're trying to configure a port channel group with trunked ports to connect a NetApp HA pair. We want to create two data LIFs and connect them to the switch stack.  We are trying to create 2 data lifs, one for cifs and one for nfs that are on different vlans.
    We want the same ports to be able to allow multiple vlans to communicate. (trunked)
    These data lifs should be able to fail over to different nodes in the HA pair and still be able to communicate on the network.
    What this means is that we have to connect 4 ports each for each node in the NetApp HA Pair to the switches and create a port channel of some type that allows for trunked vlans. When we configure the ports, the configuration is as follows (below):
    We are only able to configure an IP on one of the vlans.
    When we configure an IP from another vlan for the data lif, it does not respond to a ping.
    Does anyone have any idea what I'm doing wrong on the Cisco switch?
    interface GigabitEthernet4/0/12
    description Netapp2-e0a
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    channel-protocol lacp
    channel-group 20 mode active
    end
    interface GigabitEthernet4/0/13
    description Netapp2-e0c
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    channel-protocol lacp
    channel-group 20 mode active
    end
    interface GigabitEthernet6/0/12
    description Netapp2-e0b
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    channel-protocol lacp
    channel-group 20 mode active
    end
    interface GigabitEthernet6/0/13
    description Netapp2-e0d
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    channel-protocol lacp
    channel-group 20 mode active
    end
    interface Port-channel20
    description Netapp2-NFS
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    spanning-tree portfast
    spanning-tree bpduguard enable
    end

    Our problem was fixed by the storage people.  They changed the server end to trunk, and the encapsulation / etherchannel.
    I like all the suggestions, and they probably helped out with the configuration getting this to work.
    Thanks!
    interface Port-channel20
    description Netapp2-NFS
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    switchport mode trunk
    interface GigabitEthernet4/0/12
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    switchport mode trunk
    channel-protocol lacp
    channel-group 20 mode active
    interface GigabitEthernet4/0/13
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    switchport mode trunk
    channel-protocol lacp
    channel-group 20 mode active
    interface GigabitEthernet6/0/12
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    switchport mode trunk
    channel-protocol lacp
    channel-group 20 mode active
    interface GigabitEthernet6/0/13
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 10,20,511,519
    switchport mode trunk
    channel-protocol lacp
    channel-group 20 mode active

  • Best practices for configure Rogue Detector AP and trunk port?

    I'm using a 2504 controller.  I dont have WCS.
    My questions are about the best way to configure a Rogue Detector AP.
    In my lab environment I setup the WLC with 2 APs.  One AP was in local mode, and I put the other in Rogue Detector mode.
    The Rogue Detector AP was connected to a trunk port on my switch.  But the AP needed to get its IP address from the DHCP server running on the WLC.  So I set the native vlan of the trunk port to be the vlan on which the WLC management interface resides.  If the trunk port was not configured with a native vlan, the AP couldn't get an address through DHCP, nor could the AP communicate with the WLC.  This makes sense because untagged traffic on the trunk port will be delivered to the native vlan.  So I take it that the AP doesn't know how to tag frames.
    Everything looked like it was working ok.
    So I connected an autonomous AP (to be used as the rogue), and associated a wireless client to it.  Sure enough it showed up on the WLC as a rogue AP, but it didn't say that it was connected on the wire.  From the rogue client I was able to successfully ping the management interface of the WLC.
    But the WLC never actually reported the rogue AP as being connected to the wired network.
    So my questions are:
    1. What is the correct configuration for the trunk port?  Should it not be configured with a native vlan?  If not, then I'm assuming the rogue detector AP will have to have a static IP address defined, and it would have to be told which vlan it's supposed to use to communicate with the WLC.
    2.  Assuming there is a rogue client associated with the rogue AP, how long should it reasonably take before it is determined that the rogue AP is connected to the wired network?  I know this depends on if the rogue client is actually generating traffic, but in my lab environment I had the rogue client pinging the management interface of the WLC and still wasn't being picked up as an on-the-wire rogue.
    Thanks for any input!!

    #what's the autonomous AP's(as Rogue AP) Wired and Wireless MAC address?
    it has to be +1 or -1 difference. If Wired MAC is x.x.x.x.x.05 and the wireless mac should be x.x.x.x.x.04 or 06. It is not going to detect if the difference is more than + 1 or - 1.
    #Does the switch sees the Rogue AP's wired MAC on its MAC table.
    Rogue Detector listens to ARPs to get all the Wired MAC info and forwards to WLC, It compares with Wireless MAC, if there is a +1 or -1 difference then it will be flagged as Rogue on wire. And the client that connected to it is also marked as found on wire.
    Regards to Trunking, Only Native vlan matters per trunk link, just configure the right vlan as native and we're done.
    It is not mandatory to keep the Rogue detector on Management vlan of wlc. It can also be on L3 vlan also as long as it can join the WLC to forward the learnt wired MACs.
    So if we don't have +1, -1 difference on Rogues then you've to use RLDP which will work with your existing setup to find Rogue on wire. there's a performance hit when we use this feature on local mode APs.
    Note: For AP join - AP can't understand Trunk, meaning if AP connected to Trunk it'll only talk to its native vlan irrespective of AP mode, however rogue detector listens to the Trunk port to learn MACs via ARPs from different VLANs and forwards to WLC using native vlan.

  • Trunk config between two 6500 cat switches

    Hi All,
    What is the recommended trunk configuration between 2 cisco 6500 switches including hsrp scenario.
    Thanks

    Hi Samir,
    In almost all scenarios, its recommended to have 'dot1q' encapsulation and a static trunk config 'switchport mode trunk'. Matching the native VLAN on both sides is required and will be VLAN1 by default.
    When configuring trunks, you should be mindful of VTP, trunk and STP states. Reviewing the following for mismatches between your Cat6K will help:
    - show vtp status
    - show interfaces trunk
    - show spanning-tree
    In terms of HSRP, it is also recommended to run HSRP active in the same location as STP Root to avoid any asynchronous routing problems.
    /ijay

  • Multiple trunk ports on switch

    How many ports on a 2950 can be configured as dot1q trunks? I need to place an intermediary switch in my network to pass trunk data beween 10 other Cisco switches and therefore need to configure 10 ports as trunk ports. Is this possible or would a different switch work better for this purpose?

    Hi Scott,
    There's no limitation on the number of trunk ports you can configure. However, there is a switch-wide limitation of 64 instances of Spanning Tree. In other words, you can only have 64 active VLANs on the switch.
    See:
    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12119ea1/2950scg/swstp.htm#1150172
    HTH,
    Bobby
    *Please rate helpful posts.

Maybe you are looking for