Help Center Help Articles Professional Support Community RMA & Warranty Downloads

Switch Port VLAN Assignment (Trunk & Access Ports)

Configuring VLANs (Virtual Local Area Networks) on switch ports is essential for network segmentation and performance. This article explains how to apply VLANs to switch ports, focusing on trunking/trunk ports and access ports. Trunk ports allow traffic for multiple VLANs, while access ports handle traffic for a single VLAN, ensuring a robust and well-organized network.

Key Terminology

Here is an overview of key terminology you may hear when talking about switch ports and their VLAN configuration:

  • Native VLAN: The VLAN assigned to "untagged" traffic passing through a switch port. Devices physically connected to a switch port will be placed on this Native VLAN.
  • Tagged VLAN: Any VLAN, besides the native VLAN, that is explicitly permitted to flow through a switch port.
  • Trunk Port: The name given to a switch port with "Tagged VLANs".
  • Access Port: The name given to a switch port that does not have "Tagged VLANs". In other words, it only permits traffic belonging to the Native (untagged) VLAN.

Configuring UniFi Switch Ports

  1. Navigate to the Ports tab.
  2. Select the desired port.
  3. Set the Native VLAN / Network that will be assigned to directly connected devices.
    Note: When connecting an AP to a switch port, the Native VLAN should never be the same as the network being broadcast by that AP (except when VLAN 1 is used). This will break connectivity and clients will not be able to join.
  4. Use the Tagged VLAN Management setting to configure any VLAN restrictions.
    1. Allow All (Trunk Port): By default, UniFi switch ports allow traffic from all VLANs.
    2. Block All (Access Port): This option only permits traffic to pass on the Native (Untagged) VLAN.
    3. Custom (Trunk Port): This option can be used to allow traffic for subset of VLANs, rather than all of them.
  5. When configuring a switch port used to connect an AP or another switch, ensure you do not accidentally restrict a VLAN that must pass to maintain downstream network connectivity. 
    1. A loss of network connectivity following a configuration change often indicates incorrect VLAN tagging. See here to learn more.
  6. Apply the changes.

Related Articles

For additional guidance on VLAN configurations, check out these articles:

Was this article helpful?
0 out of 0 found this helpful