11-09-2012 07:40 AM - edited 03-07-2019 09:57 AM
Hi, all!
I have 3 VLANs here that need to be on the same network segment. They are going to be used by our Wi-Fi network (with Aironet APs), bound to 3 different SSIDs (as Aironet APs doesnt allow multiple SSID per VLAN), each one with a different authentication method and server.
Is there a way to bridge those VLANs together with a Catalyst 3750 switch? I tryed configuring an IP address on one of the VLAN interfaces, then configuring a bridge with the vlan-bridge protocol (Catalyst 3750 doesnt have the "ieee" bridge protocol type) and put all 3 VLAN interfaces on the same bridge-group, but it didnt work (even with "bridge x route ip").
I also tryed configuring IRB bridging, with the 3 VLAN interfaces on the same bridge-group and an IP address on the BVI interface (the way I used to do with old 2600 routers). Same result.
(actually, I didint test to see if the interfaces are actually being "bridged", but I see neither of them can reach the router)
Is there a way to do this?
Thanks in advice!
Rodolfo
11-12-2012 07:50 PM
Hi,
You can create SVI interfaces for VLANs on 3750, create VLANs on AP connect them as trunk I have done it myself
VLAN 22 e.g. Wireless LAN, also you can create few wireless LAN.
3750:
int vlan 10
ip add 10.0.10.1 255.255.255.0
ip helper-address 10.0.10.10
no shut
int vlan 22
ip add 10.0.22.1 255.255.255.0
ip helper-address 10.0.10.10
no shut
int g1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 10
AP:
dot11 vlan-name Native_vlan vlan 10
dot11 vlan-name eni.wip vlan 22
!
dot11 ssid test
vlan 22
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 040A59555B701E1D5D
!
!
!
username Cisco password 7 05280F1C2243
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 22 mode ciphers tkip
!
ssid test
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.10
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.22
encapsulation dot1Q 22
no ip route-cache
bridge-group 22
bridge-group 22 subscriber-loop-control
bridge-group 22 block-unknown-source
no bridge-group 22 source-learning
no bridge-group 22 unicast-flooding
bridge-group 22 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
!
encryption vlan 22 mode ciphers tkip
no dfs band block
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.22
encapsulation dot1Q 22
ip dhcp relay information trusted
no ip route-cache
bridge-group 22
bridge-group 22 subscriber-loop-control
bridge-group 22 block-unknown-source
no bridge-group 22 source-learning
no bridge-group 22 unicast-flooding
bridge-group 22 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.10
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.22
encapsulation dot1Q 22
no ip route-cache
bridge-group 22
no bridge-group 22 source-learning
bridge-group 22 spanning-disabled
!
interface BVI1
ip address dhcp client-id FastEthernet0
no ip route-cache
!
ip default-gateway 10.0.10.1
Please rate helpful posts.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: