VLAN and trunking issues can cause communication failures between devices in different VLANs. Below is a step-by-step guide to diagnose and resolve VLAN and trunking problems.
1. Check VLAN Configuration
Issue: Devices in the same VLAN cannot communicate.
Solution:
- Verify the VLAN exists on the switch:bashCopyEdit
show vlan brief - If the VLAN is missing, create it:bashCopyEdit
configure terminal vlan 10 name Sales exit - Ensure the ports are assigned to the correct VLAN:bashCopyEdit
show interfaces GigabitEthernet0/1 switchport- If needed, assign the correct VLAN:bashCopyEdit
interface GigabitEthernet0/1 switchport mode access switchport access vlan 10
- If needed, assign the correct VLAN:bashCopyEdit
- If the device still cannot communicate, check if the VLAN is allowed on the trunk.
2. Verify Trunk Links
Issue: Devices in different VLANs cannot communicate across switches.
Solution:
- Check if the port is in trunk mode:bashCopyEdit
show interfaces trunk- If the port is missing, it is not operating as a trunk.
- Enable trunk mode manually:bashCopyEdit
interface GigabitEthernet0/1 switchport mode trunk - Check if VLANs are allowed on the trunk:bashCopyEdit
show interfaces trunk- If VLANs are missing, allow them manually:bashCopyEdit
interface GigabitEthernet0/1 switchport trunk allowed vlan 10,20,30
- If VLANs are missing, allow them manually:bashCopyEdit
3. Check Native VLAN Mismatch
Issue: Trunk is up, but VLAN traffic is not passing correctly.
Solution:
- Verify native VLANs on both ends of the trunk:bashCopyEdit
show interfaces trunk- If one switch has VLAN 1 as native and another has VLAN 99, packets may be dropped.
- Fix the mismatch by setting the same native VLAN on both switches:bashCopyEdit
interface GigabitEthernet0/1 switchport trunk native vlan 99
4. Check Spanning Tree (STP) Blocking
Issue: Some VLANs work, others don’t.
Solution:
- Check if STP is blocking the trunk port:bashCopyEdit
show spanning-tree interface GigabitEthernet0/1 - If a port is in blocking mode, try:bashCopyEdit
show spanning-tree vlan 10- If STP is incorrectly blocking the trunk, consider changing the STP priority:bashCopyEdit
spanning-tree vlan 10 priority 4096 - If needed, manually enable the port:bashCopyEdit
interface GigabitEthernet0/1 no shutdown
- If STP is incorrectly blocking the trunk, consider changing the STP priority:bashCopyEdit
5. Check Inter-VLAN Routing Issues
Issue: Devices in different VLANs cannot communicate.
Solution:
- If VLANs need to communicate, a router or Layer 3 switch is required.
- Verify if SVIs (Switched Virtual Interfaces) are configured:bashCopyEdit
show ip interface brief - If missing, create an SVI for each VLAN:bashCopyEdit
interface vlan 10 ip address 192.168.10.1 255.255.255.0 no shutdown - Ensure the default gateway is set on end devices:
- If VLAN 10 uses 192.168.10.1, set this as the gateway.
6. Check VTP Configuration
Issue: VLANs are not propagating between switches.
Solution:
- Verify VTP mode:bashCopyEdit
show vtp status- Ensure one switch is in VTP Server mode and others are in VTP Client mode.
- If VLANs are not syncing, try resetting the VTP revision number:bashCopyEdit
vtp mode transparent vtp mode client
7. Check for DTP Issues (If Trunk is Not Forming)
Issue: Trunk mode is not working.
Solution:
- Verify the DTP mode on both ends:bashCopyEdit
show interfaces switchport - If both ports are dynamic auto, no trunk will form. Change one side to dynamic desirable:bashCopyEdit
interface GigabitEthernet0/1 switchport mode dynamic desirable - If connecting to a non-Cisco switch, disable DTP:bashCopyEdit
switchport mode trunk switchport nonegotiate
8. Restart the Trunking Process (Last Resort)
If all configurations are correct but the VLAN is still not passing traffic, restart the trunk port:
interface GigabitEthernet0/1
shutdown
no shutdown
Summary of Key Troubleshooting Commands
| Command | Purpose |
|---|---|
show vlan brief | Checks if VLANs exist on the switch. |
show interfaces trunk | Verifies which ports are in trunk mode. |
show interfaces switchport | Displays VLAN and trunk settings on an interface. |
show spanning-tree interface Gi0/1 | Checks if STP is blocking the port. |
show vtp status | Confirms VTP domain, mode, and VLAN propagation. |
show ip interface brief | Verifies if SVI (inter-VLAN routing) is configured. |
show cdp neighbors | Confirms if the switch is connected to the expected devices. |
Best Practices to Avoid VLAN and Trunk Issues
✅ Manually configure trunk ports (switchport mode trunk).
✅ Disable DTP (switchport nonegotiate) unless auto-negotiation is needed.
✅ Ensure native VLANs match on both ends of a trunk.
✅ Use show interfaces trunk to verify allowed VLANs.
✅ Check STP (show spanning-tree) to prevent VLAN blocking.
The Lazy Networker 
Leave a comment