Multiple SSID With Multiple VLANs configuration on Cisco Aironet APs: Assotiated clients cannot obtain IP addresses
I was just given this task to see how i can configure a second ssid for guest access in our environment.
this is our network setup prior to this request: Internet----Firewall (not ASA)---ce520---C1131AG and CME router is also connecting to the ce520 switch. we only have two vlans: one for voice and two for data.
Presently, there is no vlan configured on the AP because it on broadcasting ont ssid and wireless users gets IP from a windows DHCP server on the LAN. the configuration on the ce520 switch port for the AP and other switches say access vlan is the DATA vlan which automatically becomes the native vlan for all trunk port connecting the AP and other Stiches to the network.
Now with this new requirement, i have made my research and i have configured the AP to broadcast both the production and the guest Vlans. The two vlans are 20-DATA and 60-Guest. I made the DATA vlan on the AP the native vlan since the poe switch is using the DATA vlan as native on the trunk ports. I configured the firewall to serve as DHCP server for the guest ssid and i have added the ip helper-address on the guest vlan interface on all switches while the windows server remains the dhcp server for the production DATA Vlan. I have confirmed that the AP, switches can ping the default gateway of the guest dhcp server which is another interface on the firewall. I can now see and connect to all broadcasted ssids but the problem is I am not getting IP addresses from both the production dhcp server and guest dhcp server when i connected to the ssid one at a time.
My AP config is attached below.
Please tell me what am I doing wrong.
Do i need to redesign the whole network to have a native vlan other nthan the data vlan?
Does the access point need to be aware of the voice vlan?
Do the native Vlan on the AP need to be in Bridge-group 1 or can i leave it in bridge-group 20?
IntroductionFeatured ExpertQ: Does switch port support uplink the mac-sec link?Q: Will the older 16.10/16.12 IOS XE SD-WAN (stand-alone) images be maintained for a specific amount of time going forward? Will these stand-alone code branches receive mainten...
This is a two-step process.
Step 1: Need to add the FlexConnect AP to a FlexConnect Group.Step 2: Need to configure a FlexConnect ACL (to specify the local traffic-of-interest), and map it to that FlexConnect Group.
For step 1----------As in the i...
Hello , We faced issues with Cisco AnyConnect when trying to connect at home network. we have 2 scenarioScenario 1: one home network and Cisco AnyConnect gives "limited or no connectivity" error messageScenario 2: multiple networks and Cisco An...
Hello, We're running WLC 9800-40 with version 16.12.2t with SFP-10G-LR-S. I have some questions regarding SFP-10G-LR-S:1. Is this model supported by Cisco? If not Which model do you recommend for WLC9800-40?2. Would SFP-10G-LR-S cause issues with upg...
Hello, I just received my new 240ac access point!I tried to configure it twice now but each time I set the IP to be static I can wait more than an hour and it is still flashing 3 colors. Last time I lost my patience and after 30min I reset...