Re: Encryption and VTP

misd.network.support · ‎02-21-2008

Hi all,

I have two Cisco 1300's acting as bridges only. I have created an infrastructure ssid on VLAN 2 and assigned this to the radio. I am carrying multiple VLANs between the bridges (using subinterfaces on the fastethernet and radio ports).

I have enabled WPA-PSK, but how do I check that this is being used between the bridges?

Also - I have a switch connected at each end of the bridge. When I make VTP changes, the remote switch does not pick these up - is this because VTP goes over VLAN1 regardless of the Native VLAN (2 in my case)?

Do I have to carry VLAN1 over the bridge to get VTP working, or is there an alternative solution?

Cheers,

Ben

Scott Fella · ‎02-25-2008

You do have to carry vlan 1 accross the link.

-Scott
*** Please rate helpful posts ***

misd.network.support · ‎02-25-2008

As soon as I enable a subinterface 0.1 for VLAN 1 on the fastEthernet port of the bridge, it can no longer contact the network through its directly connected interface.

Have I done something wrong? see below.

I have used the following commands:

dot11 ssid

infrastructure-ssid

int fastEthernet0.1

encapsulation dot1q 1

bridge-group 2

int fastEthernet0.2

encapsulation dot1q 2 native

bridge-group 1

int dot11radio0.1

encapsulation dot1q 1

bridge-group 2

int dot11radio0.2

encapsulation dot1q 2 native

bridge-group 1

ip route bridge 1

The switch port has this config:

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk allowed vlan 2

switchport trunk native vlan 2

Cheers,

Ben

Scott Fella · ‎02-26-2008

Try to make vlan 1 native... I think it needs to be this way.

-Scott
*** Please rate helpful posts ***

misd.network.support · ‎02-26-2008

I can't make vlan 1 native as the BVI interface needs to be on VLAN 2, and the BVI can only be on the native VLAN.

Looking through Cisco release notes they mention that the 1310 bridge now correctly supports VTP when the native VLAN is changed. I am on a version more recent than the release notes, but still can't get VTP working.

tmh9 · ‎04-17-2008

I'm in the same boat. For testing I wanted to try one of the exact versions that was supposed to fix this problem and they aren't available for download anymore. Have you found a version of IOS that fixes this?

misd.network.support · ‎04-17-2008

No - Ive given up. Im just manually updating VLAN information on the remote side of the bridge.

wesley8336 · ‎03-01-2012

Using 1240 series radios for a bridge - battled to get VTP working across the root to non root. The radios can still use native VLAN 2, but the switches trunk that was also confogured with VLAN 2 as the native, needs to be changed to native VLAN 1. The AP's still use the native VLAN 2 but as son I changed the native VLAN on the switches to VLAN 1 - the VTP was there.