Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
5768
Views
10
Helpful
1
Comments

WGB with multiple VLANs

Vinay Sharma
Level 7
Level 7

‎01-19-2012 12:45 AM - edited ‎11-18-2020 02:57 AM

 

 

Introduction

 

What is a Workgroup Bridge?

 

A Workgroup Bridge (WGB) is a small stand-alone unit that can provide a wireless infrastructure connection for Ethernet-enabled devices. Devices that do not have a wireless client adapter in order to connect to the wireless network can be connected to the WGB through the Ethernet port. The WGB associates to the root AP through the wireless interface. In this way, wired clients get access to the wireless network. The WGB connects to a hub through a standard Ethernet port that uses a 10-Base-T connector.

 

Many of us thought, the clients of a WGB had to be in the same vlan as what had been assigned to the SSID that the WGB used to associate to the root AP. This is not the case and you can put them into another VLAN quite easily, you just need to remember some rules:

 

1. WGB SSID it connects to root one must be native VLAN

2. ROOT AP must have 'infrastructure-client' configured on DotRadio to treat clients as infrastructure devices

 

Cut-down configuration

 

only including the necessary parts for multiple VLANs.



ROOT AP:

 

dot11 ssid WGB
vlan 10
!
int dot 1
encryption vlan 10 mode cipher wep128 <<-- this is optional
ssid WGB
station-role root
!
int dot 1.10
encapsulation dot1q 10 native
!
int dot 1.20
encapsulation dot1q 20
bridge 2
!
int fast 0.10
encapsulation dot1q 10 native
!
int fast 0.20
encapsulation dot1q 20
bridge 2
!
end


WGB AP: with dot1q capable switch connected:

 

dot11 ssid WGB
vlan 10
!
int dot 1
encryption vlan 10 mode cipher wep128 <<-- again optional
ssid WGB
station-role WGB
!
int dot 1.10

 

encapsulation dot1q 10 native
!
int dot 1.20
encapsulation dot1q 20
bridge 2
!
int fast 0.10
encapsulation dot1q 10 native
!
int fast 0.20
encapsulation dot1q 20
bridge 2
!
end


WGB Switch with Trunking:

 

interface GigabitEthernet1/0/1
   switchport
   switchport encapsulation dot1q
   switchport trunk native vlan 10
   switchport mode trunk
   switchport allowed vlan 10,20

 

 

-or-

 

WGB AP: with a client directly connected to FastEthernet or non-trunking switch

 

 

dot11 ssid WGB
vlan 10
!
int dot 1
encryption vlan 10 mode cipher wep128 <<-- again optional
ssid WGB
station-role WGB
!
int dot 1.10
encapsulation dot1q 10 native
!
int dot 1.20
encapsulation dot1q 20
bridge 2
!
int fast 0.10
encapsulation dot1q 10 native
!
int fast 0.20
encapsulation dot1q 20
bridge 2
!
workgroup-bridge client-vlan 20 <<---- this pushes all traffic from FastEthernet into VLAN20
end

 


WGB Switch without trunking:
interface GigabitEthernet1/0/1
   switchport
   switchport access vlan 20
   switchport mode access
   spanning-tree portfast

 

I didn't think the command 'workgroup-bridge client-vlan 20' actually worked, but to my surprise when I configured it as above I was able to successfully ping from a client directly connected to the FastEth on the WGB with no trunking enabled.

 

Reference

 

Cisco Aironet Workgroup Bridge FAQ

 

Access Point as a Workgroup Bridge Configuration Example

 

Comments
Michael Kiessling
Level 1
Level 1
‎02-26-2018 12:09 AM

Perfect summary. I was looking for something like this quite a while...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents