cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
512
Views
0
Helpful
10
Replies
Highlighted
Beginner

Issue Accessing the Cisco Switch from LAN network

I have a core switch and Wifi Switch where Access Points are connected to Wifi Switch. This is how it has been configured.

Wifi VLAN 20

LAN - VLAN1

Port 27 Core - 1U, 20 T (Mode - Trunk Port)

Port 21 Core - 20 U ( Access Port)

Port 1 WIFI - 1U, 20T (Mode - Trunk Port)

Port 8  Wifi (APs ports) - 20U (Access Port)

 

Port 27 is connected to Firewall which handles all the routing.

Port 1 Wifi is connected to Port 21 on the Core

Port 8 on the Wifi is connected to Unifi AP

This is how it has been setup by someone. After the power failure it is now breaking the wifi network.

If I change the Wifi Port 1 to 20U, it picks up the Wifi network but I can not access the management network from the the LAN network. I need to plug the laptop on the Wifi Switch and manually enter the LAN network to access the Wifi GUI

These are Cisco SG300-28 switches.

As I am new, I am wondering what wrong with this setup.

Please let me know if you need more details.

 

 

10 REPLIES 10
Highlighted
Rising star

Hi,

I am not sure I fully understand your setup. Can you please try to change your Port 21 Core to the Trunk port with the settings as 1U, 20T and see the result.

Best regards,

Antonin 

Highlighted

Hi Antonin,


Thanks for taking time to look at the issue. I already tried the solution you suggested and I had the same result. I don't know what is going on with that switch. Please let me know if you need any further info.


Thank You
Highlighted

Hi,

Thanks for the reply. Which Vlan is your management network? What is the port configuration at the WjFi switch you are connecting your laptop to.

Thanks & Regards,

Antonin

Highlighted

Vlan 1 is our management vlan. Now I am directly connected to the Cisco wifi switch as I could not access it from server but I am able to ping the server from wifi network but not pinging from server to wifi
Any thoughts??
Highlighted

Hi,

Thanks for the update.

Firstly to answer your questinon. My view is that your switches are set at Layer 2 mode as you have mentioned the firewall routing (can you please confirm) and also there are no ACL configured (please check at the Access Control tab). You have not answered my question as for the WiFi switch port assignment you have connected your laptop to. In my view it may be set up as 20U Access - can you please let me know and also your current setting of Port 1 of this WiFi switch is changed to 20U - can you please confirm.  If so than in my opinion you may be actually crossing the Vlan boundaries and your firewall rules may apply.

In my strong belief the only way to propagate both Vlans form the Core to WiFi (and back) via only one connection is to configure both ports (ie. port 1 WiFi and port 21 Core) same way as trunk with 1U, 20T. Have you really tried this configuration?  Is there any other connection between the Core and WiFi? If not the suggested configuration should NOT be breaking the WiFi network. As for the management Vlan (Vlan 1) can you please check that your WiFi IP is from the Vlan 1 assignment - btw. is it assigned via DHCP? I hope your server is also within Vlan1 (at the Core switch perhaps).

Best regards,

Antonin

Highlighted

Hi Antonion,

You are right. This is the Layer 2 switch and there is no ACL configured on it. All the routing has been configured on the Firewall.
Port 1 on the Wifi Switch is configured 1U, 20T which breaks no now another port is configured as 20U and linked to the Core Switch. There is only on interlink between core and Wifi which was 1 to 21 (1U, 20T)
Now it is 14 to 21 (20U)
My laptop is connected to one of the unused port on the Wifi switch (The setting is Trunk 1U) but I am not worried about this one.
APs connected to the Wifi Switch gets Wifi IP address (.20) not the VLAN1 IP address.Server is on the VLAN 1
IP addresses are assigned by DHCP on the Firewall.

Thanks for spending time to take alook at this. I am really appreciate this but I have no clue what we are missing here.
Please let me know if you need further info.

Thank YOu

Highlighted

Hi,

Thanks for the information supplied. Are you saying that the only CURRENT connection between Core and WiFi switches is via Port 21 of the Core and Port 14 of the WiFi with both settings as 20U? If so then Vlan 20 ONLY gets propagated between switches and that is why you cannot reach WiFi switch mgmt IP from the server connected at Core Vlan 1 and also your APs do not get their IP addresses from the Vlan 1 range.

What prevents you from configuring both Core Port 21 and WiFi (current) Port 14 as trunk (1U,20T) as I have suggested?

Perhaps I am missing something basic from your setup. Would it be feasible for you to post the configuration of both switches (with any sensitive information deleted)?

Best regards,

Antonin

Highlighted

As you explained here, I understand why AP did not get VLAN 1 IP address. I remembered I did this setting one time (Core Port 21 and WiFi (current) Port 14 as trunk (1U,20T)). I will try one more time and let you know.

On core Port 27 which is connected to Firewall is also configured as trunk (1U, 20T). Is that Okay?


Also when I make these port changes, should I restart the switches or it will work once it is changed. If I don't think I can get the screenshot of the settings but I will try.


Thank You.
Highlighted

Hello

Instead of writing down the port connection would it be possible of posting a topology diagram which will allow us to view your current setup and gain a better understanding of the problem?

 

res
Paul



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted

Hi,

Thanks for the reply. Port 27 configuration (trunk: 1U,20T) which connect to the FW makes sense and in my view it is OK. After making configuration changes you do not need to restart the switches. However when you reach the final configuration please do not forget to save.

Will you please let me know the result. Good luck!

Best regards,

Antonin 

Content for Community-Ad