Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1450
Views
0
Helpful
4
Replies

Managing Cisco 1242s with 2 VLANs

MBrooksAirIT
Level 1
Level 1

‎12-05-2013 05:22 PM - edited ‎03-03-2019 07:14 AM

Hello- I am tasked with building out an autonomous AP system with surplus 1242s (AIR-AP-1242AG-A-K9). The topology would be:

LAN (trunk) -- AP -- (Bridge) -- AP Fa0 -- PC NIC

I need to provide a layer 2 VLAN access to a PC attached directly to the Ethernet interface (vendor controls layer 3 addressing). And I need to be able to manage the APs from an existing layer 3 management VLAN. DISCLAIMER: I am not a wireless guy.

That said, in my (confused) reading I have formulated a plan to use interface BVI1 as management, create an interface off one of the radios:

interface Dot11Radio0.VLANID

encapsulation dot1Q VLANID native

And then trunk the root-side switchport.

Feasible? Way off base? (Better) suggestion?

Thanx

Labels:
0 Helpful
4 Replies 4

MBrooksAirIT
Level 1
Level 1

‎12-05-2013 07:07 PM

In building this scenario, I ran into a DOH! moment -- where is the other side of the trunk? The Fa0 interface on the AP cannot be trunked (I think). However, some success: when I tagged frames in VLANID on the switch-side trunk with native VLAN VLANID (OK, that is getting old, let's call L2 VLAN 500 and mgt VLAN 50). So when I set native VLAN to 500 on the switch port I was able to ping the PC NIC.

VLAN 500, ping >-- trunk -- AP -- (bridge) -- AP -- > ping success PC NIC

Now the issue is how do I get VLAN 50 across?

0 Helpful

MBrooksAirIT
Level 1
Level 1
In response to MBrooksAirIT

‎12-06-2013 12:43 PM

I realize I should have said UNtagged the frames on the trunk, but you get the idea.

It is seeming like I am only able to pass one VLAN over this topology. Anyone have any other ideas?

0 Helpful

MBrooksAirIT
Level 1
Level 1

‎02-10-2014 05:57 PM

Any replies at all would be helpful at this point...

0 Helpful

John Blakley
VIP Alumni
VIP Alumni
In response to MBrooksAirIT

‎02-13-2014 12:05 PM

You've been going at this for a while.

Okay, so the AP should be configured with subinterfaces for all of the related vlans. You would encapsulate all vlans once you configure subinterfaces, or the native vlan no longer works. In the following example, I'll use 2 vlans:

int d0

ssid TEST

ssid TEST-2

encryption vlan 1 ciphers tkip

encryption vlan 2 ciphers tkip

int d0.1

encapsulate dot1q 1 native

bridge-group 1

int d0.2

encapsulate dot1q 2

bridge-group 2

int fa0.1

encapsulate dot1q 1 native

int fa0.2

encapsulate dot1q 2

int bvi1

ip address 192.168.1.1 255.255.255.0

On your vlans, you would need something on the other end routing for them, so you would need a L3 switch or a router.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
0 Helpful
Customers Also Viewed These Support Documents