
VLAN Troubleshooting for CompTIA Network+ N10-009

VLAN troubleshooting diagnoses connectivity failures caused by misconfigured VLANs, trunk ports, and native VLAN mismatches. CompTIA Network+ N10-009 tests VLAN troubleshooting in scenarios where devices cannot communicate despite being on the same physical switch. Understanding the cause of VLAN problems — incorrect port assignments, missing VLANs, or trunk misconfiguration — is tested directly.


Common VLAN Problems

Wrong VLAN assignment: a device is assigned to the wrong VLAN (e.g., placed in VLAN 10 instead of VLAN 20). The device cannot communicate with others in VLAN 20 even though physically nearby. The device may reach different resources than expected. Check the switch port's access VLAN assignment.

VLAN not in allowed list on trunk: traffic for a specific VLAN is not crossing a trunk link because the VLAN is not in the trunk's allowed VLAN list. Devices in that VLAN on one switch cannot communicate with devices on other switches. Check trunk port configuration — verify the VLAN is included.

VLAN not created on switch: a port is assigned to a VLAN that doesn't exist on the switch. The port may go into an inactive state. VLANs must be created on all switches that carry that VLAN (or VTP must propagate it).

Native VLAN mismatch: the two ends of a trunk link have different native VLANs configured. Untagged traffic is placed into a different VLAN on each side, so devices in the native VLAN on one switch appear in a different VLAN on the other switch. This causes connectivity issues and is a security concern, because traffic ends up in a VLAN it was not meant to reach.

Troubleshooting VLAN Issues

Verify device VLAN: confirm which VLAN a switch port is in by checking the switch port configuration. If a device has an APIPA address or the wrong IP address, it may be in the wrong VLAN (assigned to a VLAN with no DHCP server or a different DHCP scope).

Verify trunk configuration: confirm trunk ports between switches carry the correct VLANs. Check that the VLAN exists on both switches. Verify the native VLAN matches on both ends. CDP/LLDP neighbor commands show connected device information; native VLAN mismatches generate switch log warnings.

Inter-VLAN routing not working: devices in different VLANs cannot communicate. Verify the Layer 3 configuration: router-on-a-stick subinterfaces, or SVI (Switch Virtual Interface) configuration on a Layer 3 switch. Verify the routing protocol or static routes between VLANs.
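
The port, VLAN and trunk checks above, run as a Python audit over a constructed two-switch model. This is an added example, not part of the original page; the switch names, port names, VLAN IDs and the `audit` function are assumptions made for illustration.

```python
# Constructed sample data: two switches joined by one trunk link.
SWITCHES = {
    "SW1": {
        "vlans": {1, 10, 20, 30},                       # VLAN database
        "access": {"Gi0/1": 10, "Gi0/2": 30, "Gi0/3": 40},
        "trunks": {"Gi0/24": {"peer": ("SW2", "Gi0/24"),
                              "native": 1, "allowed": {10, 20}}},
    },
    "SW2": {
        "vlans": {1, 10, 20, 30, 99},
        "access": {"Gi0/5": 30},
        "trunks": {"Gi0/24": {"peer": ("SW1", "Gi0/24"),
                              "native": 99, "allowed": {10, 20, 30}}},
    },
}
# Intended port-to-VLAN plan (constructed), used to spot wrong assignments.
EXPECTED_ACCESS = {("SW1", "Gi0/1"): 20}


def audit(switches, expected_access):
    """Return (fault, switch, port, vlan) tuples for each fault found."""
    findings = []
    for name, sw in sorted(switches.items()):
        for port, vlan in sorted(sw["access"].items()):
            # VLAN not created on switch: the port may go inactive.
            if vlan not in sw["vlans"]:
                findings.append(("vlan-missing", name, port, vlan))
            # Wrong VLAN assignment: port differs from the intended plan.
            want = expected_access.get((name, port))
            if want is not None and want != vlan:
                findings.append(("wrong-vlan", name, port, vlan))
        for port, trunk in sorted(sw["trunks"].items()):
            peer_name, peer_port = trunk["peer"]
            peer = switches[peer_name]
            # Native VLAN mismatch: report once per link, from the lower name.
            if trunk["native"] != peer["trunks"][peer_port]["native"] and name < peer_name:
                findings.append(("native-mismatch", name, port, trunk["native"]))
            # A VLAN with access ports on both switches must be allowed on this end.
            shared = set(sw["access"].values()) & set(peer["access"].values())
            for vlan in sorted(shared - trunk["allowed"]):
                findings.append(("not-allowed-on-trunk", name, port, vlan))
    return findings


if __name__ == "__main__":
    for finding in audit(SWITCHES, EXPECTED_ACCESS):
        print(*finding)
```
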

Key exam facts — Network+

  • Wrong VLAN port assignment: device gets wrong DHCP subnet or no DHCP
  • VLAN not in trunk allowed list: traffic doesn't cross to other switches
  • VLAN must exist on switch to be used — not just configured on the port
  • Native VLAN mismatch: generates log warnings, causes wrong VLAN assignment for untagged frames
  • SVI or router subinterface required for inter-VLAN routing
  • Check: port VLAN assignment, VLAN exists, trunk allowed VLANs, native VLAN consistency
  • CDP/LLDP neighbor output reveals native VLAN mismatch between switches

Common exam traps

Trap: "If a switch port is configured for a VLAN, the VLAN automatically exists on the switch."

Reality: VLANs must be explicitly created in a switch's VLAN database. Assigning a port to a non-existent VLAN may leave the port inactive or in an error state. Create the VLAN first, then assign ports to it (unless VTP propagates it automatically).

Practice questions — VLAN Troubleshooting

These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.

Q1. A network administrator adds a new workstation to a switch and configures the port as VLAN 30, but the workstation receives an APIPA address. Other workstations on VLAN 30 on the same switch work fine. What is the most likely cause?

A. The DHCP server is down
B. The switch port is defective
C. The new port is connected to VLAN 30 but VLAN 30 traffic is not crossing the trunk to reach the DHCP server on the other switch
D. The workstation's NIC is faulty

Explanation: If other VLAN 30 devices on the same switch work (they likely have static IPs or already had DHCP leases), but the new device gets APIPA, the DHCP server may be on a different switch and VLAN 30 traffic may not be crossing the trunk — either the VLAN is not in the trunk's allowed list or the trunk itself is misconfigured. The DHCP server is reachable for local devices but not for this switch.

Frequently asked questions — VLAN Troubleshooting

What is VTP and can it cause VLAN problems?

VTP (VLAN Trunking Protocol, Cisco) propagates VLAN database changes from a VTP server switch to VTP client switches. This can cause problems: a new switch added to the network as a VTP server with a higher revision number can overwrite the VLAN database on all switches — deleting all VLANs. Best practice: use VTP transparent mode (don't participate in VTP) or VTP version 3. Always verify VTP configuration when adding new switches to a production network.
