Hi:

i have two vlans in my network vlan 1 and vlan 30 , i try to configure my AP (1200) to have the two vlan 1 and 30,by give to ssid for each vlan, but my problem that the vlan 1 is work AP , but the vlan 30 doesnt being added to vlan, it can authenticate using leap but cant connect to any station in vlan 30, the following are my configuration for the AP:

aaa session-id common

dot11 network-map

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers tkip wep128

!

encryption vlan 1 mode ciphers tkip wep128

!

encryption vlan 30 mode ciphers tkip wep128

!

ssid root

vlan 1

authentication network-eap eap_methods mac-address mac_methods

!

ssid root1

vlan 30

authentication network-eap eap_methods mac-address mac_methods

!

world-mode

speed basic-1.0 2.0 5.5 11.0

rts threshold 2312

channel 2422

station-role root

l2-filter bridge-group-acl

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio0.30

encapsulation dot1Q 30

no ip route-cache

bridge-group 30

bridge-group 30 subscriber-loop-control

bridge-group 30 block-unknown-source

no bridge-group 30 source-learning

no bridge-group 30 unicast-flooding

bridge-group 30 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

l2-filter bridge-group-acl

!

interface FastEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface FastEthernet0.30

encapsulation dot1Q 30

no ip route-cache

bridge-group 30

no bridge-group 30 source-learning

bridge-group 30 spanning-disabled

!

interface BVI1

ip address 10.100.3.26 255.255.252.0

no ip route-cache

!

ip default-gateway 10.100.1.1

ip http server

ip http authentication aaa

ip radius source-interface BVI1

logging history errors

logging facility local3

snmp-server community xxx

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps tty

snmp-server enable traps entity

snmp-server enable traps disassociate

snmp-server enable traps deauthenticate

snmp-server enable traps authenticate-fail

snmp-server enable traps dot11-qos

snmp-server enable traps wlan-wep

snmp-server enable traps config

snmp-server enable traps syslog

snmp-server enable traps aaa_server

snmp-server enable traps switch-over

snmp-server enable traps rogue-ap

snmp-server host 172.20.228.71 msg

radius-server local

nas 10.100.2.70 key xxx

nas 172.20.228.70 key xxx

!

radius-server host 172.20.228.70 auth-port 1645 acct-port 1646 key xxxx

radius-server host 10.100.2.70 auth-