03-11-2004 11:12 AM - edited 03-02-2019 02:13 PM
We are trying to configure an Aironet 1200 with multiple VLANs without much luck. At this point, I am stuck trying to get the VLANs working on our Catalyst 4006 Sup3 switch.
The FAS0 on the AP is connected to Gi4/23 on the 4006. When I configure port 4/23 for "trunk", traffic does not pass. When I configure the same port for "access VLAN 55", it works just fine. This is not what I'm reading in the "Using VLANs with Cisco Aironet Wireless Equipment. It says to use the "trunk" mode. But, I am not getting it to work.
Here is some other info:
IOS (tm) Catalyst 4000 L3 Switch Software (cat4000-IS-M), Version 12.1(8a)EW1
cat4000-is-mz.121-8a.EW1.bin
Config of the port on the 4006 that connects the AP (this does not work):
interface GigabitEthernet4/23
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,55,200,1002-1005
switchport mode trunk
switchport nonegotiate
description Cisco 1231 AP
If I change to these two lines to "access" instead of "trunk", traffic will pass and my wireless devices begin working.
switchport mode access
switchport access vlan 55
show int gi4/23 switchport on the 4006 produces:
Name: Gi4/23
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Operational private-vlan: none
Trunking VLANs Enabled: 1,55,200,1002-1005
Pruning VLANs Enabled: 2-1001
show int gi4/23 trunk on the 4006 produces:
Port Mode Encapsulation Status Native vlan
Gi4/23 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi4/23 1,55,200,1002-1005
Port Vlans allowed and active in management domain
Gi4/23 1,55,200,1002-1005
Port Vlans in spanning tree forwarding state and not pruned
Gi4/23 1,55,200,1002-1005
VTP is configured and VLAN 55 is "active". No matter what, I can always ping the address for Interface VLAN 55.
I know I'm missing something.... can anyone help?
Thank in advance!
03-11-2004 11:38 AM
Hello,
I'm currently trying Aironets 1200 as well.
What I have read and tried is using trunking with a native vlan (I tried using a L2 switch and a router behind it).
I had to specify the native vlan explicitly (switchport trunk native vlan NNN) on the switch.
In the Aironet the native VLAN had to be configured also explicitly (somewhere in ethernet link settings).
It then worked just fine, I could associate with different SSIDs, each of them corresponding to a different VLAN (different ranges of DHCP addresses, so that checking the ip address gives an indication on the VLAN).
Possibly this is way off the mark, I post this just in case...
03-11-2004 01:51 PM
Thank you for your comments. I have tried what you suggested, but am still in the same spot.
I specifically added "switchport trunk native vlan 1" to the port on the 4006 switch.
I verified that that native vlan was specified in the CLI of the AP. Both the Ethernet Sub-Interface and the Radio Sub-Interface for VLAN 1 specify that VLAN 1 is the native VLAN.
Still no luck, so just to rule out the AP I connected a laptop with a static IP Address (172.16.55.50) for VLAN 55. (172.16.55.1) It reacted the same way.
If the 4006 port is in "trunk" mode - no traffic will pass using this subnet. As soon as I revert to "access" mode, traffic passes. But the mutliple VLAN config on the AP won't work.
Either I am misunderstanding how this is supposed to work, or I am missing something in the configuration.
Thanks for any additional help or suggestions!
05-16-2004 04:57 PM
I am having a similar problem. I am able to configure VLANS and the VLANS work as long as I am not using WEP keys. The device will authenticate but will not reieve DHCP. Apparently this is a known bug ,CSCec54099. If I assign an address it works fine.
05-16-2004 06:01 PM
We run multiple VLANS on 1200 with IOS code. Vlan 2 is the management VLAN and 26 and 28 are voice and data. See below.
1200AP 12.2(13)JA--------------------
interface Dot11Radio0.26
encapsulation dot1Q 26
no ip route-cache
no cdp enable
bridge-group 26
bridge-group 26 subscriber-loop-control
bridge-group 26 block-unknown-source
no bridge-group 26 source-learning
no bridge-group 26 unicast-flooding
bridge-group 26 spanning-disabled
!
interface Dot11Radio0.28
encapsulation dot1Q 28
no ip route-cache
no cdp enable
bridge-group 28
bridge-group 28 subscriber-loop-control
bridge-group 28 block-unknown-source
no bridge-group 28 source-learning
no bridge-group 28 unicast-flooding
bridge-group 28 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
ntp broadcast client
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.2
encapsulation dot1Q 2
ip address 10.1.2.152 255.255.255.0
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
!
interface FastEthernet0.26
encapsulation dot1Q 26
no ip route-cache
bridge-group 26
no bridge-group 26 source-learning
bridge-group 26 spanning-disabled
!
interface FastEthernet0.28
encapsulation dot1Q 28
no ip route-cache
bridge-group 28
no bridge-group 28 source-learning
bridge-group 28 spanning-disabled
3550 Trunk Port 12.1(19)EA1a-------------
interface FastEthernet0/29
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2,26,28
switchport mode trunk
switchport nonegotiate
no ip address
no logging event link-status
05-17-2004 10:59 PM
Hi,
Pls use the config as given below, it works in my environoment.
interface GigabitEthernet4/23
swithport access vlan 55
switchport trunk encapsulation dot1q
no switchport trunk native vlan
switchport trunk allowed vlan 1,55,200,1002-1005
switchport mode trunk
switchport nonegotiate
description Cisco 1231 AP
end
Rgds,
Vijay V
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: