
Aironet not native VLAN for management

kab00m
Level 1

Greetings,

I have an outdated AIR-BR1310 with a broken configuration. This is not about fixing it, but mostly about understanding why it works the way it does.

 

The BR1310 is connected via a trunk interface. The native VLAN has nothing, VLAN 26 is for wireless and VLAN 20 is for management. The configuration follows.

 

After some experiments I learned the following:

1. There is no routing (even default gateway) if BVI1 has no IP address.

2. There is no way to have routing on another BVI interface.

3. IP works if FastEthernet0.20 has an IP address (but without routing).

4. There is no way to remove bridge-group 1 from FastEthernet0, so there is no way to disconnect the native VLAN from BVI1.

 

I conclude that only the native VLAN (which arrives at FastEthernet0 and is hard-attached to BVI1) can be the management one, so I can ping or tftp via the router.

 

Is there a proper configuration to have management working over a non-native VLAN?

 

interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 26 mode ciphers aes-ccm tkip
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.26
 encapsulation dot1Q 26
 no ip route-cache
 no snmp trap link-status
 bridge-group 26
 bridge-group 26 subscriber-loop-control
 bridge-group 26 block-unknown-source
 no bridge-group 26 source-learning
 no bridge-group 26 unicast-flooding
 bridge-group 26 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 l2-filter bridge-group-acl
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.20
 encapsulation dot1Q 20
 ip address 172.20.20.21 255.255.255.0
 no ip route-cache
 no snmp trap link-status
 bridge-group 20
 no bridge-group 20 source-learning
 bridge-group 20 spanning-disabled
!
interface FastEthernet0.26
 encapsulation dot1Q 26
 no ip route-cache
 no snmp trap link-status
 bridge-group 26
 no bridge-group 26 source-learning
!
interface BVI1
 no ip address
 no ip route-cache
!
ip default-gateway 172.20.20.254

Sincerely yours.
2 Replies

kirm
Level 1

I've got an Aironet 1532i and it is a real hassle to work with, TBH. I'm no expert but I had 2 subnets up and running with other equipment super fast and easy. With the Aironet it's an exercise in patience and endurance.

 

I'm having the same issues as you. I've figured out in my own case that you need a BVI with the same VLAN number to get DHCP to work and to hit the router.

 

So in my case I'm using 10 as the VLAN for wireless with sub-ints on both radios and the PoE Gig port. I've got a BVI 10 with an IP address of 10.10.10.11 and, subsequently, my laptop does pull an address from the DHCP pool and ipconfig says the DHCP server is the BVI address. The problem now is that when I added the BVI (10) my config got shuffled around, believe it or not. Then somehow the VLAN I need got changed to a native VLAN and, of course, now I can't hit the router. (Native VLAN strips the tag.) I'm trying to change it back to non-native but it's not working. It has to be non-native so that the tag stays intact until it hits the router.

 

I know all at once it's going to hit me that it all makes perfect sense, all Cisco stuff does, but right now it's costing me lots of time and effort. I know you're not using native DHCP on the device but try adding BVIs for 20 and 26 and see what happens. Assign the BVIs IPs that are in the subnet too.

 

If any Cisco experts could chime in with an overall overview of Cisco wireless equipment and how it works, it would be most appreciated.

 

ETA: How my config got shuffled when I added BVI 10 was that bridge group 10 was added to the main interface on the radios and Gig0, and the default bridge group, 1, was added to the sub-interfaces. At that point I started to get an IP and I could reach the router. I think that's the way it's supposed to be but again, any help from a Cisco guru would be so much appreciated.

 

Then I started to mess around with the config and ended up screwing up the VLANs. They got tagged as native. Trying to fix that now.
