I am not sure what I did wrong here, but I had this working, and now it doesn't work. I have set up two VLANs on a WLC that's built-in to my router, the C1111-8PW, VLAN1 and VLAN40. VLAN1 is on the 10.0.0.0/24 network, VLAN40 is on the 10.0.40.0/24 network. The built-in WLC is connected to Wlan-GigabitEthernet 0/1/8 interface. Here is its running config.
interface Wlan-GigabitEthernet0/1/8
 switchport trunk allowed vlan 1,40
 switchport mode trunk
end
Does that look okay or am I missing something? On the WLC, I cannot ping 10.0.40.1, which is the IP address to VLAN40 on the router.
All the examples I see online seem to show something along the lines of this:
interface gig0/20
 Description Connected to the WLC
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,20,60
 switchport mode trunk
However, when I try configuring the interface Wlan-GigabitEthernet 0/1/8, there is no switchport trunk encapsulation dot1q. From what I've read, I believe that encapsulation is required for what I'm attempting to do. I cannot seem to figure out how to enable it though.
I don't think it's something like a bad cable, I will say why. The WLC I call WLC0, and the built-in AP I call AP0. They are built into the router. I do not run any cables to them. I have been actively working on configuring the network more, like fine tuning it, setting up the VLANs, more security, etc. That is why I think it's a config issue.
So I reset the WLC config to the default. Then I reconfigured just the very basics.
I set the IP address of the management interface to 10.0.0.2 with the subnet mask of 255.255.255.0.
I executed these commands after doing the basic auto-configure stuff:
config interface address management 10.0.0.2 255.255.255.0 10.0.0.1
config sysname WLC0
config prompt WLC0
ping 10.0.0.1
<ping failed>
config wlan disable 1
config interface vlan management 10
config wlan enable 1
ping 10.0.0.1
<ping failed>
So from the WLC0, I still cannot ping the VLAN10. I will search the internet to see if there's something else I'm missing here....
I am looking at the Cisco Mobility Express User Guide for 8.8 ( https://www.cisco.com/c/en/us/td/docs/wireless/access_point/mob_exp/88/user_guide/b_ME_User_Guide_88/getg_started.html )
I see this:
Configuring the Switch Port
Connect the access points to the switch and power them up. Ensure the following while configuring the switch port:
All access points, including the Master AP, in a Mobility Express network should be in the same L2 broadcast domain.
Management traffic must not be tagged.
The switch port to which the Master AP is connected can be a trunk port or an access port and must be configured to trunk Native VLAN for management traffic.
Data traffic must be trunked with appropriate VLANs for local switching as well.
The following is a sample switch port configuration.
Interface GigabitEthernet1/0/37
 description » Connected to Master AP «
 switchport trunk native vlan 122
 switchport trunk allowed vlan 10,20,122
 switchport mode trunk
The part that I'm worried about is the part that reads management traffic must not be tagged. Does that mean I am not supposed to put the management interface on VLAN 10? I thought the only way to put the management interface on the VLAN 10 was to tag the management interface with VLAN 10....
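Added example (not part of the original posts or the Cisco guide): a small Python check that compares a switch-port stanza with the guide's rules quoted above, that is, untagged management traffic on the trunk's native VLAN and data VLANs present in the allowed list. The two stanzas are constructed from values that appear in this thread; the function names are hypothetical, a management tag of 0 is assumed to mean untagged as on the WLC CLI, and a port with no native VLAN line is treated as using the IOS default of VLAN 1.

```python
import re

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '1,20-22,60' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_trunk(stanza):
    """Pull mode, native VLAN and allowed VLANs out of one interface stanza."""
    # native defaults to 1 (IOS trunk default); allowed None = all VLANs allowed
    port = {"mode": None, "native": 1, "allowed": None}
    for line in (l.strip() for l in stanza.splitlines()):
        if m := re.fullmatch(r"switchport mode (\S+)", line):
            port["mode"] = m.group(1)
        elif m := re.fullmatch(r"switchport trunk native vlan (\d+)", line):
            port["native"] = int(m.group(1))
        elif m := re.fullmatch(r"switchport trunk allowed vlan ([\d,-]+)", line):
            port["allowed"] = expand_vlans(m.group(1))
    return port

def check_port(stanza, mgmt_tag, data_vlans=()):
    """List deviations from the guide; mgmt_tag 0 means untagged management."""
    port, findings = parse_trunk(stanza), []
    def carried(v):
        return port["allowed"] is None or v in port["allowed"]
    if port["mode"] != "trunk":
        return ["port is not a trunk; only trunk ports are checked here"]
    if mgmt_tag != 0:
        findings.append(f"management is tagged with VLAN {mgmt_tag}; guide wants it untagged")
        if not carried(mgmt_tag):
            findings.append(f"tagged management VLAN {mgmt_tag} is not in the allowed list")
    if not carried(port["native"]):
        findings.append(f"native VLAN {port['native']} is not in the allowed list")
    findings += [f"data VLAN {v} is not in the allowed list" for v in data_vlans if not carried(v)]
    return findings

# Constructed inputs: the guide's sample port, and the trunk from the first post
GUIDE = """interface GigabitEthernet1/0/37
 switchport trunk native vlan 122
 switchport trunk allowed vlan 10,20,122
 switchport mode trunk"""
THREAD = """interface Wlan-GigabitEthernet0/1/8
 switchport trunk allowed vlan 1,40
 switchport mode trunk"""

for stanza, tag, data in ((GUIDE, 0, [10, 20]), (THREAD, 10, [40])):
    print(check_port(stanza, tag, data))
```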
I see for the APs, I can run that Lightweight AP Software and from looking at the release notes, it looks like it's IOS. I wonder if I could install that Lightweight AP Software on the WLC and if that would make things a little easier. I dunno. I am kind of lost as to why from the WLC, even with a default config, after setting the IP of the management interface to 10.0.0.2, I cannot ping the router's VLAN10, regardless of whether I tag the management interface on the WLC0 for VLAN10 or not. I would think I'd have to tag the management interface with VLAN10 if I wanted it to be able to communicate with other clients on VLAN10.
A bit of progress. If I set the management interface to VLAN10 and then on the built-in AP, I tag the packets with the VLAN ID 10, then the WLC can reach the outside world, but the AP fails to join the WLC with a message saying:
Layer 3 discovery request not received on management VLAN
I'm not sure how to fix that, besides having the AP and WLC's management interface on different VLANs.
I think the WLC and router had some sort of caching going on somewhere, because no matter how I configure the router or the WLC interfaces, I cannot seem to reach the router or the outside world. I'm converting the AP to local mode (or trying).
I believe the management interface has to be tagged. Very frustrating trying to get this working.
Did you ever get this working?
I have a new C1111-4PW Router with this same issue. This is also my first experience with an AP/WLC.
My scenario is slightly different, but results are the same: The built-in AP/WLC cannot communicate with the Router using IP protocols.
I am only working with the C1111-4PW for use as a Primary AP.
I can only get it to work (assuming VLAN configs are OK) when the AP/WLC's Internal (management) DHCP Server is configured. When the Internal DHCP server is not configured and the built-in AP/WLC is configured to use an External DHCP server, my C1111-4PW's built-in AP/WLC cannot communicate with the Router over IP to access an External DHCP server through the Router.
I appreciate your config export attachment to this posting as it gives me a reference to compare with. When I finally get a working configuration, I will post my config.
Any suggestions are appreciated.