Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
992
Views
0
Helpful
0
Replies

H-REAP Issues: Clients get dropped onto Native VLAN on one AP

vanderwaalr
Level 1
Level 1

‎10-10-2011 03:38 PM - edited ‎07-03-2021 08:54 PM

Hi,

I have a wireless deployment consisting of 2 WLC's centrally located in two data centres, with WCS managing the WLC's.  There are currently two sites with wireless.  Each site is it's own AP Group with different SSIDs at both sites.

The site where I am having an issue with H-REAP has 48 AP's installed across a number of floors.

The problem I am experiencing is that when clients get associated to one specific AP, they will successfully connect to the SSID, but are getting dropped into the native VLAN (VLAN 23) instead of the VLAN (VLAN 22) that is mapped to the SSID.  The clients get an IP address from the native VLAN and can access the corporate network, but due to firewall rules they cannot get access to some key corporate assets, as the native VLAN (VLAN 23) is not included in a specific firewall group for wireless clients.  Clients connected to the same SSID but on a different AP are getting dropped into the correct VLAN (VLAN 22).

The switchport configuration for the one AP that is having issues is specifically below:

interface GigabitEthernet5/47

description *** Wireless AP ***

switchport access vlan 23

switchport trunk native vlan 23

switchport trunk allowed vlan 22,23

switchport mode trunk

spanning-tree portfast trunk

spanning-tree bpduguard enable

spanning-tree guard root

!

However, this configuration is the same across all AP connected switchports.  The switchport is trunking correctly:

show int gi5/47 trunk

Port        Mode             Encapsulation  Status        Native vlan

Gi5/47      on               802.1q         trunking      23

Port        Vlans allowed on trunk

Gi5/47      22-23

Port        Vlans allowed and active in management domain

Gi5/47      22-23

Port        Vlans in spanning tree forwarding state and not pruned

Gi5/47      22-23

I have attached a screenshot of the AP configuration from WCS.  As can be seen, the AP is configured for H-REAP, with the Native VLAN set, and the SSID-to-VLAN mappings also set.

I have tried doing a configuration reset on this AP and re-configuring it from scratch, but it still exhibits the same behaviour. 

Does anyone have any ideas on what I can do to resolve this problem?

Thanks in advance.

1 person had this problem
Labels:
Preview file
113 KB
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card