Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
Cisco
CCST & CCNA (Entry-level & Associate)
native Vlans
biggish
Need help. Just been practicing for my exams, using Pearson test practice. There is a question about vlans and configuring a router connected to a switch, with 2 vlans.
The answer given is that the physical interface can be used as the native vlan, so you will only need 1 subinterface on the router.
Is that right? I thought that, when configuring router on a stick, you should configure the same number of subinterfaces as the number of vlans.
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
Serpente
Yea, generally you bring the physical interface up and leave it without an ip address, then configure the VLANs and IP address on the sub-interfaces. I think some older IOS versions might not allow you to set a sub-interface as a native VLAN, in which case you would use the physical interface, but for CCNA the practice is to bring up the physical interface and then configure the sub-interfaces for the VLANs.
kacper
As I understood it, anything on the native vlan is untagged. It's certainly possible to do RoAS using the native vlan but it might have unwanted effects. Anything traveling on the physical interface will be able to reach any switch port that isn't tagged (assuming no ACL or alike is in effect). Any switch port that isn't a member of a specific vlan is a member of the native vlan, which usually corresponds to number 1.
JLAW904
Every PacketTracer lab I've been doing for my LAN Swtiching class seems to have me configure a subinterface for each and every VLAN being used (including the Management & Native VLAN).
biggish
I actually thought that for every vlan, you should have a subinterface configured on the router, including the native vlan.
In a Boson practice question, what is the minimum number of subinterfaces on a router connected to a switch with 5 vlans, and the answer was 5. If the physical interface can be configured as the native vlan, then the minimum has to be 4. So either Pearson or Boson is wrong.
Whats the correct answer?
Serpente
At the CCNA level, CBT Nuggets and Odom both clearly state that the way to set up a router-on-a-stick is to have 1 sub-interface per vlan. I'm not sure if you can use the physical interface for the native VLAN and subs for the others as I haven't tried it myself, but I have heard that it's possible (I could be wrong though). Regardless, that is beyond the scope of the CCNA so if you are simply studying for the exam then all you need to know and follow is the 1 sub-interface per VLAN setup.
Dieg0M
If you use subinterfaces, you typically do not also want the physical interface to pass traffic, because the physical interface passes untagged packets. Because the physical interface must be enabled for the subinterface to pass traffic, ensure that the physical interface does not pass traffic by leaving out the
nameif command. If you want to let the physical interface pass untagged packets, you can configure the
nameif command as usual.
Cisco Security Appliance Command Line Configuration Guide, Version 7.2 - Configuring Ethernet Settings and Subinterfaces [Cisco ASA 5500-X Series Next-Generation Firewalls] - Cisco Systems
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
