Meraki Community

jotech · ‎Oct 25 2023

I am having real trouble setting up and configuring VLANs on my MX68.

I am able to set up VLANs in the "Addressing and VLANs" settings page: (I've blurred out the ones I don't care about)

I then assign them to individual LAN ports:

I have three Managed Switches. One in Port 3, another in port 6 and another in port 10. These are all on different VLANs. I also have a server (including a DHCP server) on Port 4, in VLAN 3, same VLAN as one of the switches.

The two switches in ports 3 and 6 are completely default settings. They get a DHCP address from the server and any devices connected to them also work fine. They can communicate with each other as I have set up firewall rules to allow this.

The switch on Port 10 only seems to allow access if I configure the port in Access mode, not Trunk mode like the others. I have set a static IP on this switch (in the VLAN range - 10.0.0.2), but other than that everything else is standard. This all works.

The issue arrises when I try to configure the third switch (on Port/VLAN 10) to use VLAN tagging. I want to be able to use VLAN 10 and VLAN 11 on this switch. I followed this guide:

https://kb.netgear.com/11673/How-do-I-setup-a-VLAN-trunk-link-between-two-NETGEAR-switches?language=... and everything looks fine but I completely loose connection to the network.

I think this might be related to having to change Port 10 from Access to Trunk. But I do set it with the correct VLAN settings:

I am unable to access or ping any other device on the network, even the Meraki.

Hoping you can point me in the right direction.I'm happy to answer and questions or clarify anything!

PhilipDAth · ‎Oct 25 2023

This is really a much larger question.

If it was me, I would be use the same native VLAN for trunks everywhere (in your case, probably stick with VLAN1). I would then config the ports on the downstream switches to be in whatever VLAN you want.

If you don't want to configure the downstream switches (so they default to every port being in their VLAN1), I would probably just use access ports on the MX configured for whatever VLAN you want. Just be careful that no one ever patches one downstream switch to another downstream switch all you will have a spanning-tree party.

View solution in original post

alemabrahao · ‎Oct 25 2023

First of all, is the port on switch configured as a trunk or access port? If it's access you need to configure as a truck to allow more than one VLAN.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

PhilipDAth · ‎Oct 25 2023

This is really a much larger question.

If it was me, I would be use the same native VLAN for trunks everywhere (in your case, probably stick with VLAN1). I would then config the ports on the downstream switches to be in whatever VLAN you want.

If you don't want to configure the downstream switches (so they default to every port being in their VLAN1), I would probably just use access ports on the MX configured for whatever VLAN you want. Just be careful that no one ever patches one downstream switch to another downstream switch all you will have a spanning-tree party.

Brash · ‎Oct 25 2023

"...spanning-tree party"

The party that nobody wants an invite to.

jotech · ‎Oct 27 2023

I accepted this as a solution because it helped me firgure out what I needed to do. So thank you!

I reset the third switch to factory settings, so it worked exactly the same as the other two working ones. I set the Meraki port as a Trunk Native VLAN same as the others as you mentioned.

I was then able to config the ports on the switch to be in the correct VLAN. This worked fine.

I think the issue was caused because I set a static IP address on the third switch in the VLAN I wanted it to be in. By putting the switch in the Main VLAN with everything else, it worked as expected.

Thank you all very much for your help. I'm learning something new every day!

Brash · ‎Oct 25 2023

Setting aside the reason for the above configuration choices...

Settings Access VLAN 10 is no different from setting Trunk native VLAN 10.

They are (more or less) functionally the same configuration from a VLAN tagging perspective.

The main difference in the configuration when setting it as a trunk is that you're introducing the possibility of a loop.
It may be that when configuring a trunk, STP starts blocking the port connecting to the MX, thereby dropping Meraki dashboard connectivity for switch 3.
Do you have any links between switch 3 and any of the other switches?

jotech · ‎Oct 26 2023

Thanks for everyone's responses. I don't have any links between switch 3 and any other switch. All three switches are connected only to their own port on the Meraki device (and then a few devices each).

Settings Access VLAN 10 is no different from setting Trunk native VLAN 10.

This was my thought as well. It works fine as Access VLAN 10, but as soon as I change the port to Trunk native VLAN 10, everything just stops working. I think this is something I need to figure out before configuring the switch ports on different VLANs.

It probably would be simpler to config the same native VLAN everywhere and config the ports on the downstream switches as @PhilipDAth suggests, but it's my understanding that as long as the Allowed VLANs is set to 'all' it shouldn't matter too much? I have tried changing the native VLAN on the trunks, but it made no difference.

Meraki Community

Configuring VLANs

Configuring VLANs