Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1778
Views
8
Helpful
14
Replies

Native vlan tagging and vty access to Autonomous APs

trevormark
Beginner
Beginner

‎01-15-2013 08:42 PM - edited ‎03-07-2019 11:06 AM

Hello and thanks for reading!          

I've been experimenting with the 'vlan dot1q tag native' command on a switch and it seems as though tagging the native vlan breaks vty access to my access point.

With the 'vlan dot1q tag native' commnand applied, I lose management connectivity to the AP with 'no vlan dot1q tag native' applied, connectivity is restored. Why is this? Is it safe to say that one can access the AP via vty lines using ONLY untagged packets?

Can anyone shed light on this?

SWITCH

Model: WS-C3560G-24PS

Code: c3560-advipservicesk9-mz.122-46.SE


--Abbreviated CONF

vlan dot1q tag native

!

interface GigabitEthernet0/1

description AIRONET

switchport trunk encapsulation dot1q

switchport trunk native vlan 2

switchport trunk allowed vlan 2,4,8,16

switchport mode trunk

-------------------------

ACCESS POINT

Model: AIR-AP1042N-A-K9 

Code: c1140-k9w7-mx.124-25d.JA1

--Abbreviated CONF

interface Dot11Radio0.2

encapsulation dot1Q 2 native

no ip route-cache

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface GigabitEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

no keepalive

!

interface GigabitEthernet0.2

encapsulation dot1Q 2 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled


Labels:
0 Helpful
14 Replies 14

Andras Dosztal
Participant
Participant

‎01-15-2013 09:20 PM

This config was copied from one of my operating 1131AG APs:

Switch:

interface FastEthernet0/21
 description AP
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 2
 switchport mode trunk
 spanning-tree portfast
 spanning-tree bpduguard enable

AP:

interface Dot11Radio0.3
 encapsulation dot1Q 3
 no ip route-cache
 no cdp enable
 bridge-group 3
 bridge-group 3 subscriber-loop-control
 bridge-group 3 block-unknown-source
 no bridge-group 3 source-learning
 no bridge-group 3 unicast-flooding
 bridge-group 3 spanning-disabled
!
interface FastEthernet0.2
 description Management
 encapsulation dot1Q 2 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.3
 description SSID 
 encapsulation dot1Q 3
 no ip route-cache
 no cdp enable
 bridge-group 3
 no bridge-group 3 source-learning
 bridge-group 3 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
 hold-queue 160 in
!
interface BVI1
 ip address 
 no ip route-cache

trevormark
Beginner
Beginner

‎01-15-2013 09:40 PM

Andras,

Is native vlan tagging enabled on this switch?

Sent from Cisco Technical Support iPhone App

0 Helpful