11-04-2009 01:57 AM - edited 03-06-2019 08:26 AM
Hello
I have a 3560 switch and there is a WLAN AP connected.
Port is configured as below.
interface FastEthernet0/43
description * WLAN *
switchport trunk encapsulation dot1q
switchport trunk native vlan 5
switchport trunk allowed vlan 5,10,15
switchport mode trunk
Now I'm not able to ping the AP.
If I insert the command:
no switchport trunk native vlan 5
and then
switchport trunk native vlan 5
Then I'm able to ping.
If I disconnect the AP and connect again I have the same problem.
Is this a bug or do I have a wrong config?
Thanks for your help
11-04-2009 11:25 AM
It doesn't seem to be a bug. Normally thin APs should go into a access port ,not to trunk port. Could you please tell me the AP type and model ?
11-04-2009 03:57 PM
Please post the ap config.. Have seen any bug like that .
11-05-2009 07:06 AM
AP: Cisco 1242
Here is the config:
Current configuration : 3989 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap1
!
enable secret 5 12345
!
ip subnet-zero
no ip domain lookup
ip domain name domain.local
!
!
ip ssh version 2
no aaa new-model
!
dot11 ssid MA
vlan 10
authentication open
authentication key-management wpa
wpa-psk ascii 7 12345
!
dot11 ssid guest
vlan 15
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 12345
!
power inline negotiation prestandard source
!
!
username wid privilege 15 password 7 12345
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 15 mode ciphers aes-ccm
!
encryption vlan 10 mode ciphers aes-ccm tkip
!
ssid MA
!
ssid guest
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.10
encapsulation dot1Q 10
no ip route-cache
no cdp enable
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 port-protected
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
!
interface Dot11Radio0.15
encapsulation dot1Q 15
no ip route-cache
no cdp enable
bridge-group 15
bridge-group 15 subscriber-loop-control
bridge-group 15 port-protected
bridge-group 15 block-unknown-source
no bridge-group 15 source-learning
no bridge-group 15 unicast-flooding
bridge-group 15 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
!
encryption vlan 15 mode ciphers aes-ccm
!
encryption vlan 10 mode ciphers aes-ccm tkip
!
ssid MA
!
ssid guest
!
no dfs band block
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
channel dfs
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.10
encapsulation dot1Q 10
no ip route-cache
no cdp enable
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 port-protected
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
!
interface Dot11Radio1.15
encapsulation dot1Q 15
no ip route-cache
no cdp enable
bridge-group 15
bridge-group 15 subscriber-loop-control
bridge-group 15 port-protected
bridge-group 15 block-unknown-source
no bridge-group 15 source-learning
no bridge-group 15 unicast-flooding
bridge-group 15 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.5
encapsulation dot1Q 5 native
no ip route-cache
no cdp enable
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.10
encapsulation dot1Q 10
no ip route-cache
no cdp enable
bridge-group 10
no bridge-group 10 source-learning
bridge-group 10 spanning-disabled
!
interface FastEthernet0.15
encapsulation dot1Q 15
no ip route-cache
no cdp enable
bridge-group 15
no bridge-group 15 source-learning
bridge-group 15 spanning-disabled
!
interface BVI1
ip address 192.135.91.202 255.255.255.0
no ip route-cache
!
ip default-gateway 192.135.91.254
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
control-plane
!
bridge 1 route ip
!
!
alias exec c conf t
alias exec w cop run sta
alias exec v sh run
alias exec b sh ip int brie
alias exec a show dot11 associations
!
line con 0
line vty 0 4
login local
!
end
11-05-2009 12:39 PM
Hi.
Weird. As I see it your config is fine. You have "encapsulation dot1Q 5 native" and "bridge-group 1" and the IP of the AP on BVI1 and it all corresponds fine with the native vlan 5 on the switchport, so it _should_ all be fine.
That said, I actually had a problem that looked like this at a customer. As they were preparing to convert from autonomous AP to lightweight we did not pursue the problem further so unfortunately I do not have a solution. I'd be pleased to learn a solution if anybody else has one.
HTH, Ingolf
11-05-2009 01:17 PM
Hi
Does may be a firmware update helps?
Yours sincerely
11-08-2009 05:00 AM
I did a firmware update and now my workaround with the no switchport.... doesn't work anymore.
So now I have no possibility to access the AP.
Looks like the configuration is not correct?
Yours sincerely
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide