Re: Access Point on Trunk port Switch

MYazdian · ‎07-13-2022

Hi all,

I have a problem connecting my access point to Cisco switch with multiple SSID. I have two SSID with VLAN 10 and 20. On my router, I have three dhcp pool MGMT, VLAN10 and VLAN20. A switch is connected to router by Trunk mode and connected to access point by trunk mode and allowd all these three vlans.

SSIDs can take proper IP from dhcp-server but LAN interface on access point should take IP from MGMT vlan. but, it doesn't take.

I tried to add MGMT vlan on the access point connected port on the switch as a native vlan but still not working.

ip dhcp pool MGMT
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
ip dhcp pool Wifi
 network 192.168.20.0 255.255.255.0
 default-router 192.168.20.1
ip dhcp pool Guest_Wifi
 network 192.168.30.0 255.255.255.0
 default-router 192.168.30.1

interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
!
interface FastEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.30.1 255.255.255.0
!


Switch(config-if)#do show int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/1       on           802.1q         trunking      1
Fa0/2       on           802.1q         trunking      10

Port        Vlans allowed on trunk
Fa0/1       1-1005
Fa0/2       10,20,30

Port        Vlans allowed and active in management domain
Fa0/1       1,10,20,30
Fa0/2       10,20,30

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/1       1,10,20,30
Fa0/2       10,20,30

Switch(config)#do show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/3, Fa0/4, Fa0/5, Fa0/6
                                                Fa0/7, Fa0/8, Fa0/9, Fa0/10
                                                Fa0/11, Fa0/12, Fa0/13, Fa0/14
                                                Fa0/15, Fa0/16, Fa0/17, Fa0/18
                                                Fa0/19, Fa0/20, Fa0/21, Fa0/22
                                                Fa0/23, Fa0/24
10   MGMT                             active    
20   Wifi                             active    
30   Guest_Wifi                       active    
1002 fddi-default                     active    
1003 token-ring-default               active    
1004 fddinet-default                  active    
1005 trnet-default                    active

would you please tips me about this problem?

Thanks in advance

paul driver · ‎07-13-2022

Hello

interface FastEthernet0/0.10
encapsulation dot1Q 1 native
ip address 192.168.10.1 255.255.255.0

or

interface FastEthernet0/0
ip address 192.168.10.1 255.255.255.0

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

MYazdian · ‎07-13-2022

Hi Paul,
I need to use vlan 10 as a mgmt vlan on the AP. I have update vlan 10 subinterface on the DHCP router. but still AP lan interface can not get IP from mgmt vlan (10)
interface FastEthernet0/0.10
encapsulation dot1Q 10 native
ip address 192.168.10.1 255.255.255.0

lagerplane · ‎07-13-2022

Now that you have the sub-interface on the Router with the "dot1q 10 native" , make both trunks on the Switch (Fa0/1 and Fa0/2) to have the native Vlan also set to Vlan 10.

MHM Cisco World · ‎07-13-2022

trunk port connect between AP and L3SW must allow
native VLAN <-management VLAN
VLAN 10
VLAN 20

you must also sure that AP have native VLAN same as management VLAN ID.

KJK99 · ‎07-13-2022

I believe I was in the same position. I have TP-Link APs connected to CISCO switches. Initially, I put the APs on trunk ports. The APs worked except for the SSID associated with the management VLAN. Even setting a static IP (management VLAN subnet) on the laptop did not help. So I figured that’s because of the native VLAN on the trunk since the APs have no concept of the native VLAN. Next, I removed the native VLAN from the trunk and, as expected, it helped. However then, I got a nasty surprise after rebooting the switches. I could no longer access the APs’ management interfaces. To make it even more interesting the APs actually worked on their SSIDs. There was nothing in the switch log to indicate any kind of problem, but the APs were not present in the ARP tables on the switches, not even in the MAC Address tables. The solution was to define the ports the APs were connected to as ‘General’. I guess that's the same as the so-called ‘Hybrid’ ports mentioned recently in the other post. The exact setting is the management VLAN untagged and the other VLANs tagged as well as the PVID set to the management VID. My switches are SB so I use their web interface to configure them. Their CLI differs in some details from the fully-managed CISCO switches.

Kris K

MYazdian · ‎07-14-2022

I am still seeking a solution. But, it seems I need to add MGMT VLAN on the "Access Point" ethernet interface!!!
SSID1 vlan20
SSID2 vlan30
AP LAN interface (vlan10) I am not sure that AP has the option to add vlanID on the LAN interface

Jitendra Kumar · ‎07-14-2022

If you are using third-party AP you should have the option there to add as a sub-interface or VLAN tag with the interface something like.

Add same MGMT VLAN on the interface that you are using as Native VLAN.

Thanks,
Jitendra