Courseiva
VLANCCNA 200-301

VLAN Port Showing Inactive in show vlan brief

Presenting Symptom

A VLAN port shows as 'inactive' in the output of 'show vlan brief', and the connected device cannot communicate on the VLAN.

Network Context

This occurs in a small branch office with a single Cisco Catalyst 2960 switch running IOS 15.0. The switch has multiple VLANs configured (VLAN 10, 20, 30) for different departments. The problem is observed on an access port assigned to VLAN 20, which suddenly shows as inactive.

Diagnostic Steps

1

Check VLAN status and port assignment

show vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
10   Sales                            active    Fa0/5, Fa0/6
20   Engineering                      inactive  
30   HR                               active    Fa0/7, Fa0/8
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup

VLAN 20 shows status 'inactive' and no ports are listed under it. This indicates the VLAN is not operational, likely because it is not created in the VLAN database or is administratively down.

2

Verify VLAN configuration in running-config

show running-config | include vlan 20
vlan 20
 name Engineering

If the VLAN is configured, you will see the vlan 20 and name lines. If not, the VLAN does not exist in the configuration. In this case, the output may be empty or show only 'vlan 20' without a name.

3

Check if VLAN is present in VLAN database

show vlan id 20
VLAN ID: 20
VLAN Name: Engineering
VLAN Type: Ethernet
VLAN State: inactive
...

If the VLAN exists but is inactive, the state will show 'inactive'. This could be due to the VLAN being administratively shut down or because the VLAN is not created in the VLAN database (if using VTP).

4

Check VTP status (if applicable)

show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 : 
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)

If VTP is enabled and the VLAN is not present in the VTP database, it may not be propagated. However, in a simple branch office, VTP is often disabled. If VTP mode is 'Transparent', VLANs are locally configured.

Root Cause

The VLAN 20 was not created in the switch's VLAN database. The 'vlan 20' command was either never executed or was removed, causing the VLAN to be inactive. As a result, any access port assigned to VLAN 20 cannot forward traffic because the VLAN does not exist in the switch's VLAN table.

Resolution

Create the missing VLAN in global configuration mode: Switch(config)# vlan 20 Switch(config-vlan)# name Engineering Switch(config-vlan)# exit This creates VLAN 20 with the name 'Engineering'. After creation, the VLAN will become active and ports assigned to it will function normally.

Verification

Run 'show vlan brief' again to confirm VLAN 20 is now active and shows the assigned ports: VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 10 Sales active Fa0/5, Fa0/6 20 Engineering active Fa0/7, Fa0/8 30 HR active Fa0/9, Fa0/10 ... Also verify the port is up/up with 'show interfaces status' or 'show interfaces fa0/7 switchport'.

Prevention

["Always create VLANs in the VLAN database before assigning them to ports.","Use a consistent VLAN configuration process, such as a configuration template or automation, to avoid missing VLANs.","If using VTP, ensure the VTP domain is correctly configured and the VLAN is propagated to all switches."]

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where a VLAN is missing or inactive. Candidates must know that a VLAN must be created in the VLAN database before it can be used. The exam may present a 'show vlan brief' output and ask why a port is not working, or require the candidate to identify the missing VLAN configuration. Key fact: A VLAN must exist in the VLAN database to be active; otherwise, it shows as 'inactive'.

Exam Tips

1.

Memorize that 'inactive' in 'show vlan brief' means the VLAN is not created or is administratively down.

2.

Remember that 'show running-config | include vlan' can quickly reveal if a VLAN is configured.

3.

Practice the 'vlan <vlan-id>' and 'name <name>' commands to create VLANs.

Commands Used in This Scenario

show running-config

Displays the current active configuration in DRAM, showing all non-default settings.

show vlan brief

Displays a summary of all VLANs configured on the switch, including VLAN ID, name, status, and ports, used to quickly verify VLAN configuration and port assignments.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions