Inter-Vlan Troubleshooting Process

Inter-VLAN troubleshooting checklist you can follow when VLAN-to-VLAN communication isn’t working:

1️⃣ Physical & Interface Checks

  • Cable & Port Status

    • Make sure interfaces are up/up (show ip interface brief).

    • Verify correct ports are connected to the right devices.

  • Access/Trunk Port Configuration

    • Access ports → correct VLAN (switchport mode access, switchport access vlan X).

    • Trunk ports → correct encapsulation (switchport trunk encapsulation dot1q if required) and allowed VLANs (switchport trunk allowed vlan).

2️⃣ VLAN Configuration Issues

  • VLAN Existence

    • Check VLAN is created on all switches (show vlan brief).

  • VTP Problems

    • Ensure VTP mode and domain match; version compatibility.

    • If using transparent mode, VLANs must be created manually.

3️⃣ Layer 3 Routing Problems

  • Router-on-a-Stick / Layer 3 Switch

    • Confirm subinterfaces or SVI IP addresses are correct.

    • Subinterface: encapsulation dot1q <VLAN_ID> must match.

    • SVI: Make sure no shutdown is set.

  • Routing Enabled

    • On L3 switch: ip routing must be enabled.

    • Check route table (show ip route) to see VLAN networks.

4️⃣ IP Addressing & Subnet Mask

  • PC Configuration

    • Ensure each VLAN has a unique subnet.

    • Verify correct gateway (SVI or subinterface IP).

    • Use ipconfig or ifconfig to check.

  • IP Conflict

    • No duplicate IPs in the network.

5️⃣ ACL or Firewall Filters

  • Check if ACLs on router or switch are blocking inter-VLAN traffic.

  • Verify firewall settings between VLANs.

6️⃣ STP / Trunk Issues

  • Spanning Tree

    • Ensure STP isn’t blocking necessary trunk ports (show spanning-tree).

  • BPDU Guard / Root Guard

    • Disable if they are incorrectly blocking ports.

7️⃣ Testing & Tools

  • Ping & Trace

    • Test from one VLAN to another (ping <gateway> then ping <remote host>).

  • Show Commands

    • show cdp neighbors → check connectivity between switches.

    • show run → verify config.

    • show interfaces trunk → confirm VLANs are allowed.

💡 Common Quick Fixes

  • VLAN not created or assigned properly.

  • Subinterface missing encapsulation dot1q.

  • Gateway IP wrong or not configured.

  • Trunk port not allowing VLAN.

  • ip routing missing on L3 switch.

Comments

Post a Comment