1

00:00:00,274  -->  00:00:06,595
In the previous video, we already learn
about trunk. After configuring trunk,

2

00:00:06,595  -->  00:00:13,813
now same vlan between room can communicate each
others. Vlan 10 in the room 1 can communicate

3

00:00:13,813  -->  00:00:22,614
with vlan 10 in the room 2. And vlan 20 in room
1 also can communicate with vlan 20 in room 2.

4

00:00:23,351  -->  00:00:30,285
Next in this video, we are going to learn
about allowed trunk. Let’s just start!

5

00:00:30,960  -->  00:00:37,174
Let’s open switch 1, enable,
and show interface trunk.

6

00:00:38,097  -->  00:00:47,237
Here we have interface trunk, which
is fa0/5. Here we can see allowed on trunk.

7

00:00:47,237  -->  00:00:52,339
This is means which vlan
that allowed to pass the interface.

8

00:00:53,440  -->  00:00:58,178
By default, all vlans is allowed
to pass the interface trunk,

9

00:00:59,049  -->  00:01:07,138
here we can see that the allowed on trunk
is vlan 1 until 1005. In the real device,

10

00:01:07,138  -->  00:01:19,298
the allowed on trunk will be 1 until 4095. Because
the number of vlan is between 1 until 4095.

11

00:01:20,399  -->  00:01:24,045
Here we can configure custom allowed trunk.

12

00:01:24,302  -->  00:01:28,721
So we can configure which vlan
can pass the interface trunk.

13

00:01:29,226  -->  00:01:33,761
Let’s say here we only have vlan 10 and vlan 20.

14

00:01:34,284  -->  00:01:42,116
For security reason we want to configure so only
vlan 10 and vlan 20 can pass the interface trunk.

15

00:01:42,773  -->  00:01:54,232
Let’s configure the allowed trunk.
Conf t, and then go to interface fa0/5.

16

00:01:55,000  -->  00:02:04,276
To configure allowed trunk, the command
is switchport trunk allowed vlan 10, 20.

17

00:02:05,351  -->  00:02:08,036
Now let’s see the interface trunk.

18

00:02:08,649  -->  00:02:15,396
Okay here we can see that now allowed
on trunk is only vlan 10 and 20.

19

00:02:16,035  -->  00:02:25,994
Let’s also configure in switch
2. Conf t, interface fa0/5,

20

00:02:26,151  -->  00:02:31,344
and then switchport trunk allowed vlan 10,20.

21

00:02:32,258  -->  00:02:33,725
Let’s see the trunk,

22

00:02:33,866  -->  00:02:42,472
do show interface trunk. Okay here we can see that
now the allowed on trunk is only vlan 10 and 20.

23

00:02:43,217  -->  00:02:47,849
Now let’s try to communicate
between PC in the vlan 10.

24

00:02:48,266  -->  00:02:57,938
Okay this is success. Now let’s try between
PC in the vlan 20. Okay this is also success.

25

00:02:58,773  -->  00:03:04,285
So now all PC in the same vlan
still can communicate each others.

26

00:03:04,764  -->  00:03:11,050
This is because vlan 10 and vlan 20 is
allowed to pass the interface trunk.

27

00:03:11,973  -->  00:03:19,867
Now let’s try to add a PC. let’s say
we will configure this PC to vlan 30.

28

00:03:21,315  -->  00:03:26,392
Let’s change the name of the PC. let’s say PC 9.

29

00:03:26,542  -->  00:03:35,752
And here PC 10, let’s connecting this to
switch 2. This PC will also in the vlan 30.

30

00:03:36,613  -->  00:03:46,587
Now let’s configure the switch, here fa0/6 will
be in the vlan 30. Let’s create the vlan first.

31

00:03:47,484  -->  00:03:57,076
Let’s say the name is engineering. And then
assign the interface fa0/6 to the vlan 30.

32

00:03:57,653  -->  00:04:06,090
Interface fa0/6, switchport mode
access, switchport access vlan 30.

33

00:04:08,142  -->  00:04:18,694
Let’s verify it, do show vlan brief. Okay
here we can see that fa0/6 is in the vlan 30.

34

00:04:19,217  -->  00:04:31,974
Next let’s configure on switch 2. Here fa0/6 will
also in the vlan 30. Let’s create the vlan first.

35

00:04:37,431  -->  00:04:48,941
And then assign interface fa0/6 to the vlan
30. Interface fa0/6, switchport mode access

36

00:04:48,941  -->  00:04:52,205
and then switchport access vlan 30.

37

00:04:52,684  -->  00:04:57,114
Let’s verify it, do show vlan
brief.

38

00:04:58,111  -->  00:05:01,585
Oh I'm sorry, here I do a mistake

39

00:05:02,048  -->  00:05:08,720
This is should not fa0/3 but fa0/6.

40

00:05:09,277  -->  00:05:21,815
So let’s bring fa0/3 back to vlan 20. Interface fa0/3, switchport access vlan 20.

41

00:05:22,314  -->  00:05:36,044
Now let’s configure fa0/6, interface fa0/6, switchport mode access, and then switchport access vlan 30.

42

00:05:36,774  -->  00:05:40,945
Let’s verify it again, do show vlan brief.

43

00:05:42,796  -->  00:05:55,783
Okay here we can see that fa0/3 and fa0/4 is in the vlan 20, and then fa0/6 is in the vlan 30. This is correct.

44

00:05:56,406  -->  00:06:01,334
Now let’s try to ping between PC in the vlan 30.

45

00:06:01,975  -->  00:06:09,643
Okay here we get an error PC 10 has no functional
port. This is because we don’t configure the

46

00:06:09,643  -->  00:06:19,879
ip address yet. Let’s configure it first.
For PC 9, let’s say the ip address is 192.168.1.9.

47

00:06:22,160  -->  00:06:32,949
for PC 10, the ip address is 192.168.1.10.
Okay now let’s ping again from PC 9 to PC 10.

48

00:06:35,119  -->  00:06:42,569
Okay here we can see that the result is
failed. Let’s try again, okay still failed.

49

00:06:42,933  -->  00:06:49,476
Why? This is because the allowed
on trunk is only vlan 10 and 20.

50

00:06:49,804  -->  00:06:53,565
Let’s see it again, do show interface trunk.

51

00:06:54,160  -->  00:06:59,023
Here we can see that the allowed
on trunk is only vlan 10 and 20.

52

00:06:59,218  -->  00:07:03,876
Vlan 30 is not allowed to pass the interface trunk

53

00:07:05,000  -->  00:07:11,263
Now let’s configure so vlan 30 will
allowed to pass the interface trunk.

54

00:07:11,858  -->  00:07:19,503
Go to interface fa0/5, and then
switchport trunk allowed vlan,

55

00:07:19,893  -->  00:07:28,205
and here earlier we directly put the
number of vlan, which is 10 and 20 like that,

56

00:07:28,924  -->  00:07:35,431
But if now we directly put the number of
vlan like this, so the allowed on trunk

57

00:07:35,431  -->  00:07:43,385
will be only vlan 30. Vlan 10 and vlan
20 will be removed from allowed on trunk.

58

00:07:43,955  -->  00:07:48,445
Let’s just try it. Now let’s verify it.

59

00:07:49,137  -->  00:07:56,374
Okay here we can see that now vlan 10 and
vlan 20 is removed from allowed on trunk.

60

00:07:56,969  -->  00:07:59,636
So we need to be careful here.

61

00:08:00,675  -->  00:08:06,561
Okay now let’s bring the vlan 10 and
vlan 20 back to allowed on trunk.

62

00:08:08,293  -->  00:08:17,183
Let’s verify it again, okay now here we can see
that the allowed on trunk is vlan 10 and 20.

63

00:08:18,160  -->  00:08:19,440
The question is,

64

00:08:19,440  -->  00:08:26,543
how we can add vlan 30 to the allowed on
trunk without removing the vlan 10 and 20?

65

00:08:27,031  -->  00:08:34,400
Let’s just try it. Actually the
command is similar, so switchport port

66

00:08:34,400  -->  00:08:41,770
trunk allowed vlan, and here we need
to use one more command, which is add.

67

00:08:42,055  -->  00:08:50,303
So switchport trunk allowed vlan add
and then the number of vlan, which is 30.

68

00:08:50,729  -->  00:08:58,880
Let’s verify it. Do show interface
trunk. Okay here we can see that now,

69

00:08:58,880  -->  00:09:07,091
the allowed on trunk is vlan 10 20 and
30. Let’s also configure on switch 2.

70

00:09:08,089  -->  00:09:19,004
Interface fa0/5. Switchport trunk
allowed vlan add 30. Let’s verify it,

71

00:09:19,004  -->  00:09:27,832
do show interface trunk. Okay here we can see
that the allowed on trunk is vlan 10, 20 and 30.

72

00:09:28,915  -->  00:09:36,374
Now let’s try ping between PC in the
vlan 30. Okay now the result is success.

73

00:09:36,951  -->  00:09:40,346
I think enough for this
video, I hope you understand

74

00:09:40,346  -->  00:09:42,554
about allowed on trunk.

75

00:09:42,928  -->  00:09:46,301
Thankyou for watching and see you on the next video!