Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
981
Views
10
Helpful
4
Replies

Cannot Ping Cisco 1141 BVI-Address with multiple SSID's and Vlan's

YannikLieblinger
Level 1
Level 1

‎06-25-2016 10:55 AM - edited ‎07-05-2021 05:18 AM

Hi all,

i've trying to reconfigure my access point with multiple ssid's and vlan's. All is working great excpect the connectivity to BVI interfaces. 

Clients can connect to both SSID's and belong to the right vlan. But I can't ping from the 1141 any host and no host can ping the BVI address.

Here's my configuration:

Current configuration : 3113 bytes
!
! Last configuration change at 04:45:48 UTC Fri Mar 1 2002
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
!
logging rate-limit console 9
!
no aaa new-model
no ip routing
no ip cef
!
!
!
!
dot11 syslog
!
dot11 ssid Computers
 vlan 125
 authentication open
 authentication key-management wpa version 2
 mbssid guest-mode
 wpa-psk ascii 7 
!
dot11 ssid Phone
 vlan 120
 authentication open
 authentication key-management wpa version 2
 mbssid guest-mode
 wpa-psk ascii 7 
!
!
dot11 guest
!
!
!
!
!
bridge irb
!
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 125 mode ciphers aes-ccm tkip
 !
 encryption vlan 120 mode ciphers aes-ccm tkip
 !
 ssid Computers
 !
 ssid Phone
 !
 antenna gain 0
 mbssid
 speed basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
 station-role root
!
interface Dot11Radio0.120
 encapsulation dot1Q 120
 no ip route-cache
 bridge-group 120
 bridge-group 120 subscriber-loop-control
 bridge-group 120 spanning-disabled
 bridge-group 120 block-unknown-source
 no bridge-group 120 source-learning
 no bridge-group 120 unicast-flooding
!
interface Dot11Radio0.125
 encapsulation dot1Q 125 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 !
 encryption mode ciphers aes-ccm
 !
 encryption vlan 120 mode ciphers aes-ccm tkip
 !
 encryption vlan 125 mode ciphers aes-ccm tkip
 !
 ssid Computers
 !
 ssid Phone
 !
 antenna gain 0
 peakdetect
 no dfs band block
 mbssid
 speed basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
 channel dfs
 station-role root
!
interface Dot11Radio1.125
 encapsulation dot1Q 125 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 no keepalive
!
interface GigabitEthernet0.120
 encapsulation dot1Q 120
 no ip route-cache
 bridge-group 120
 bridge-group 120 spanning-disabled
 no bridge-group 120 source-learning
!
interface GigabitEthernet0.125
 encapsulation dot1Q 125 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface BVI1
 ip address 192.168.10.2 255.255.255.0
!
ip default-gateway 192.168.10.1
no ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
bridge 1 protocol ieee
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
 length 0
 transport input all
!
end

Would be really nice if someone could take a look into my config and maybe had an idea : ).

Regards Yannik 

1 person had this problem
Labels:
0 Helpful
4 Replies 4

Scott Fella
Hall of Fame
Hall of Fame

‎06-25-2016 11:57 AM

Yannik,

With autonomous AP's, the BVI has to be the native vlan. So looking at your config, vlan 125 is your native, is the AP management ip on vlan 125?  There is no way to change this also.

-Scott 

*** Please rate helpful posts ***

-Scott
*** Please rate helpful posts ***

YannikLieblinger
Level 1
Level 1
In response to Scott Fella

‎06-25-2016 01:10 PM

Scott, thanks for your fast response.

So looking at your config, vlan 125 is your native, is the AP management ip on vlan 125?

Yes vlan 125 is our native trunk. On vlan 125 we use 192.168.10.0 255.255.255.0 ip range. 

Sorry, but is that what you mean?

I think it looks like the AP won't use the default gateway or something ist wrong with bridge-group 1. Cause it can't ping anything.

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to YannikLieblinger

‎06-25-2016 01:21 PM

Bridge-group 1 is used with the native vlan which you have.  Since vlan 125 is the vlan the AP management is on, then everything looks fine to me. From the console of the AP, can you ping the gateway of vlan 125?  You can always try to set the bvi to dhcp to see if the AP gets a dhcp address. Or connect a laptop to that switch port and verify that the laptop obtains an IP address and you have network connectivity. 

-Scott

*** Please rate helpful posts ***

-Scott
*** Please rate helpful posts ***

YannikLieblinger
Level 1
Level 1
In response to Scott Fella

‎06-25-2016 02:18 PM

I've set dhcp on. But BVI doesn't get an IP and I can't ping the default gateway. I only get now the following error on ping.

Unrecognized host or address, or protocol not running.

All other client's of the vlan get an ip from dhcp-server. 

Clients can connect to the phone and computers sssid and all is working great. I only can't get the management interfaces working.

Yannik

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card