Cisco 892fsp - Vlan1003 issue

osoerensen · ‎09-16-2015

I am trying to replace an old Cisco ASA5505 with a Cisco892fsp.

On the LAN - besides hosts etc. - is an Apple Wireless setup (Airport Extreme as main and some Airport Express as extenders)

The Wireless setup is announcing 2 SSID´s - One for local LAN access and a guest Network. - The Airport Extreme is setup as a bridged device (no routning enabled).

On the ASA5505, the Airport extreme was connected on a TRUNK port. - Untagged frames (local LAN) access would be Applied to vlan1 and as the Airport Extreme tags the guestnetwork with VLAN1003.... interface vlan1003 is used as the Guestnetwork.

No problem with the ASA - (although I am well aware, that Apple is using a reserved vlan)....

But on the cisco892fsp i´am now stuck... in IOS i can´t change or use vlan1003 as a nomal vlan, and i can´t use vlan mapping, as it is apparently not supported on the 89x switchmodule... don´t even know if it would work, but i was the only solution that came to mind.

Any ideas to get this working ?? - I can´t be the only one stuck with the vlan1003 issue :)

Regards /Ole

osoerensen · ‎08-12-2016

For anyone with the same issue, I ended up implementing a "workaround", using one of the routed interfaces (wan ports) on the Cisco892 for the guest Network, as it actually do support using the 1003 vlan tag on routed ports :)

This is my config on the Cisco 892, to enable the use of Apple Airport guestnetwork on vlan1003:

interface GigabitEthernet9
description *** GUEST NETWORK - TRUNK TOWARDS AIRPORT ***
no ip address
duplex auto
speed auto
!
interface GigabitEthernet9.1003
description *** GUEST NETWORK - AIRPORT Vlan1003 WORKAROUND ***
encapsulation dot1Q 1003
ip address 10.0.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
zone-member security GUEST