Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
961
Views
0
Helpful
11
Replies

VLAN trunk and native vlan - DHCP issue

JCAA
Level 1
Level 1

‎06-27-2023 09:06 AM

Hello

I'm trying to configure our Wifi infrastructure based on Ubuquiti access points, Ubiquiti controller and Cisco 9200L switches. Our 9200L is connected to our firewall. A default route as been configured to route all trafic to FW. Our DHCP server is hosted on our Windows server in other site.

The management IP address of Our AP are in the management network (VLAN1000). I created SSID "CorporateNET"  on the Unifi controller tagged with ID VLAN 30.

On the Unifi appl:

  • My access point is configured with static IP (10.0.2.12/255.255.255.0 ang GW 10.0.2.1) and the Management Network is configured to Default (Default is the network configured by default on the controller).
  • I created an a network "CorporateNET" and set the VLAN ID to 30
  • I created a SSID "CorporateNET" with "CorporateNET" network associated

On my 9200L switches, I have this configuration :

!

vlan 30

name CorporateNET

!

vlan 1000

name Management

!

interface Vlan30

 description CorporateNET

 ip address 10.0.30.1 255.255.254.0

 ip helper-address 10.31.10.10

 no ip redirects

 no ip proxy-arp

!

interface Vlan1000

 description NET_ADMIN

 ip address 10.0.2.1 255.255.255.0

 ip helper-address 10.31.10.10

 no ip redirects

 no ip proxy-arp

!

interface GigabitEthernet2/0/11

 description AP Wifi

 switchport trunk native vlan 1000

 switchport trunk allowed vlan 30,1000

 switchport mode trunk

switchport nonegotiate

 storm-control broadcast level 10.00

 storm-control multicast level 10.00

 storm-control action trap

 spanning-tree portfast trunk

 spanning-tree guard root

!

With this configuration when I connect my laptop to SSDI "CorporateNet", I reveive an IP on management network and no on the correct network (10.0.30.0/23). If I change the native vlan and switch from "switchport trunk native vlan 1000" to "switchport trunk native vlan 30", I have an IP on the correct network (10.0.30.0/23). I receive always the IP for the native vlan. But if I add other SSID with other networks, I will have problem..

If I configure an interface with access vlan30, my laptop receive the correct IP.

What is my error in the configuration ? And why,  when I configure switchport trunk native vlan 1000, when my laptop is connected on CorporateNET SSID, I don't received ip for the correct network ?

BR

Labels:
0 Helpful
11 Replies 11

Reza Sharifi
Hall of Fame
Hall of Fame

‎06-27-2023 10:02 AM

Hi,

What if you make the port a trunk port and remove the native vlan command?  Example:

nterface GigabitEthernet2/0/11

 description AP Wifi

  switchport trunk allowed vlan 30,1000

 switchport mode trunk

switchport nonegotiate

 storm-control broadcast level 10.00

 storm-control multicast level 10.00

 storm-control action trap

 spanning-tree portfast trunk

 spanning-tree guard root

 

0 Helpful

JCAA
Level 1
Level 1
In response to Reza Sharifi

‎06-27-2023 10:07 AM

Hi,

If i remove native vlan, no ip delivered. 

BR

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to JCAA

‎06-27-2023 10:16 AM - edited ‎06-27-2023 10:16 AM

If i remove native vlan, no ip delivered.

I guess that is because the native command also exists on the firewall. If you remove the native command, it would have to be from both the switch and the firewall. 

Where is the wireless controller? Is it also connected to the 9200 via a layer-2 trunk port?

HTH

0 Helpful

JCAA
Level 1
Level 1
In response to Reza Sharifi

‎06-27-2023 10:33 AM

No the controller is hosted on our IaaS Azure infrastructure. It's a windows server hosted on a dedicated host. Our DHCP is hosted in our on-prem datacenter in other site where we have access points

0 Helpful

MHM Cisco World
VIP
VIP

‎06-27-2023 10:46 AM

AP is run as standalone or control via WLC ?

0 Helpful

JCAA
Level 1
Level 1
In response to MHM Cisco World

‎06-27-2023 11:10 AM

The AP is managed by the Unifi controller

0 Helpful

MHM Cisco World
VIP
VIP
In response to MHM Cisco World

‎06-27-2023 11:14 AM

Your AP is control by WLC so go to their and check ssid-vlan mapping 

If wlc push native vlan in ssid-vlan mapping so what you config as native vlan is take effect.

This not issue of ap nor sw it issue of controller mapping.

0 Helpful

JCAA
Level 1
Level 1
In response to MHM Cisco World

‎06-27-2023 12:05 PM

The configuration on the controller is very basic. I just created 1 network for management and 1 for CoporateNET and for each, the only settings are the network name, the vlan ID(the same number ID than vlan created on 9200L) and for gateway, it's default third-party gateway (it's a L2 gateway). I attached the management network to the AP and the CorporateNET network on the SSID CorporateNET.

0 Helpful

MHM Cisco World
VIP
VIP
In response to JCAA

‎06-27-2023 12:10 PM

Can I see control config of wlan 

0 Helpful

JCAA
Level 1
Level 1
In response to MHM Cisco World

‎06-27-2023 12:12 PM

The wlan configuration on Ubiquiti controller?

0 Helpful

JCAA
Level 1
Level 1
In response to JCAA

‎06-27-2023 11:22 PM

Hi

Find here an attach files of my networks configuration on Unifi Controller and AP configuration..

Preview file
107 KB
Preview file
58 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card