OK, that makes sense.  As my layer 2 infrastructure is on separate physical switch stacks, with no routing on the lan, can I connect each network into a separate physical interface on the 2504?

It can be done, but it's much more complicated than you need. The easiest method will look kind of like below:

ssid1 -> wlan interface 1 (management interface/10.130.0.0/xx) -> VLAN 1

ssid2 -> wlan interface 2 (192.168.0.0/xx) -> VLAN 2

ssid3 -> wlan interface 3 (192.168.1.10/xx) ->VLAN 3

WLC physical port one ---> Switchport port xx (dot1q trunks with native vlan "the untagged one" matching on both sides)

The default gateway on each WLAN interface will be the L3 interface on the switch/router for each subnet.

The WLC is just a L2 pass through to the L3 switch/router where the routing is done.

If I understand, I need to create interfaces 2 & 3 to be dynamic, using physical port 1, then create a trunk on the switchport for all three VLAN's?  My problem is that I do not have a Layer 3 device on the lan, just seperate physical switch stacks for each network.  Any ideas on this?

You can try to connect the WLC ports 1, 2, and 3 to each switch respectively. Make sure you set the physical port for each WLAN interface independently.

I'm not sure if this will work as I haven't tested it myself, but it might.

Jerryard1,

Just a followup on what I was able to do. 

I have the 10.130.0.0 network on the management interface, port 1 with dynamic AP management enabled.  I then created a dynamic interface for the 192.168.1.0 network and have that on port 3, with dynamic AP disabled, both ports are untagged for VLAN's.

I then created a WLAN for each, but pointed the WLAN for 192.168.1.0 to the dynamic interface I created. The WLAN for 10.130.0.0 is pointed to the management interface.  All AP's come up on the 10.130.0.0 network.  Physical ports 1 and 3  on the 2504 are connected to it's respective switch stack.

I then enabled routing on their Sonicwall firewall to route between the two networks, all seems to work fine.

---

@jerryard1 wrote:

It can be done, but it's much more complicated than you need. The easiest method will look kind of like below:

 

ssid1 -> wlan interface 1 (management interface/10.130.0.0/xx) -> VLAN 1

 

ssid2 -> wlan interface 2 (192.168.0.0/xx) -> VLAN 2

 

ssid3 -> wlan interface 3 (192.168.1.10/xx) ->VLAN 3

 

WLC physical port one ---> Switchport port xx (dot1q trunks with native vlan "the untagged one" matching on both sides)

 

The default gateway on each WLAN interface will be the L3 interface on the switch/router for each subnet.

 

The WLC is just a L2 pass through to the L3 switch/router where the routing is done.

---

can you give an example?

HI,

we have currently running network infrastructure with 2VLANs and 5 DHCP scopes running with different ranges(configured IP helper to lease IPs in criteria ).

we are deploying 2504 WLC with 9 APs to the same network. 

we would like to have below setup done :

only one single SSID, it should lease multipple VLAN IPs from DHCP server.

is it possible? is there any configuration example available?

your help would be really appreciated.

thanks,

shihab

You can map a single SSID to multiple interfaces by using interface groups:

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0100110.html

The WLC will place the traffic in a specific subnet when it does its calculations.  If you want to place certain uses on specific vlans, then you need to use 802.1x and AAA overide.

-Scott 

*** Please rate helpful posts ***