cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
925
Views
0
Helpful
2
Replies

Bridging multiple vlans across workgroup bridge using MESH APs

Steven Shelton
Level 1
Level 1

Customer needs to reach remote areas with wireless networking.  The remote device will connect to the ethernet port of the MAP.  The RAP with Ethernet bridging enabled will bridge the VLAN to which it's ethernet interface is connected. 

In this case, the RAP needs to use trunking and accept two vlans one will get bridged to the MAP and the other vlan will get routed to the wireless controller.

I see where this might be done, under the MESH tab of the RAP, click on the ethernet interface and vlans can be added; also same for the MAP, on the MESH tab, select the ethernet interface and add Vlans.  There's a warning message that appears that indicates this configuration is not active is the vlans are back-hauled. 

Is there anyway to achieve trunking two vlans to the RAP ethernet interface, having one vlan for capwap access and the other vlan is bridged to the MAP for ethernet bridged traffic.

2 Replies 2

Sam Smiley
Level 3
Level 3

Here is a video that was helpful for me setting up a wireless trunk back to a corporate office. This is the simplest that it can be to configure two access point in a bridge. This video however doesn't go into to switch configs on either end of the wireless bridge.

https://youtu.be/h9m63BhsYsA

If everything is correct on your switch and routing assigning the VLANs to each interface that encapsulates these packets. Make sure each VLAN that you need to the remote location is assigned to the appropriate interfaces in the two access points and that each switch is sending appropriate VLAN information from either end.

If you want to see configs for the APs, I have mine posted in another thread.

https://supportforums.cisco.com/discussion/13113261/replace-air-lap1252ag-k9-air-lap1142n-k9-root-bridge-clients

Regards,

Sam

Thanks for your response, Sam.  I should have mentioned that these APs are LAPs.

I think I was confusing myself, when I came back to work this morning with a fresh mind, I was able to start from scratch and get this working in a matter of minutes.

One point I would like to make to others who might need this configuration.  The RAP will transmit the native vlan to the MAPs. 

Starting with the RAP  configure the native vlan and the other vlans that you need at the remote ends.  In my case, the native vlan is the path for the capwap and other mgmt traffic.  The other vlan, in my case, carried untrusted traffic and was the path to the DMZ.

Once the RAP is configured, you will see the MAP has learned the native vlan and you can't change it at the MAP.  While on the MESH tab in the GUI, toward the bottom of the screen at the ethernet interfaces, click the active interface and there's where you configure how the MAP's ethernet interface behave. In my case, I needed an access port on a non-native vlan.  Add the vlan number and it must also be on the RAP's ethernet port.

At this point, the device connected to the MAP was reachable.  I skipped over the switch port configuration, it's configured as a trunk port with native vlan matching the native vlan on the RAP and the non-native vlans must match on each side.

That's it

Review Cisco Networking for a $25 gift card