06-02-2023 11:20 PM - edited 06-02-2023 11:26 PM
Long story short, I updated my main SSID to use VLAN 10 and added VLAN 25 with its own SSID. After applying the change I lost access to the AP web interface. I don't know how to get it back. None of the wireless clients on either VLAN can get to it. I have tried https://ciscobusiness.cisco and https://ip.address.
The wireless clients can still access the Internet just fine. Wireless clients cannot ping the AP IP address.
Switch PoE port is has native VLAN 1 and associated VLANs 10 and 25. Adjacent switch port has native VLAN 1 and associated VLAN 10. Adjacent port has my laptop wired in. I tried setting the Ethernet network adapter to VLAN 1 and 10. Neither are able to load the AP web interface. But on VLAN1, the laptop can ping the AP. On VLAN10, it cannot ping it.
I have access to the CLI console but after I login to it with putty, the only commands present are cli-access, hash, validate, and logout. I can't find any reference material online anywhere for the CLI console.
I have a TAC case open but they don't seem to be taking me seriously.
Solved! Go to Solution.
06-03-2023 09:56 AM - edited 06-03-2023 09:58 AM
Hi
This device does not support CLI at the level you would need. At least Cisco does not put it in a doc as far as I could see.
But your setup seem to be pretty simple. I believe the problem started when you added the second WLAN right, I am wondering if you choose the Native vlan on the AP side in Global AP config.
And if you change here to tag on both WLANs. This would be a trunk on the AP side.
By the way, the laptop in trunk is not required as usually windows (if that is the case) does not understand tagging natively. So, dont mater if you use trunk or not it will ignore the tag. Either you use it in vlan 10 or vlan 1.
I know sounds odd but you may need to factory reset it.
06-03-2023 03:45 AM
Hi
Which is the AP´s management IP address and what IP address you get on the wired network?
If seems you have two switches? Switch PoE and Adjacent switch ? Are they connected using trunk?
Did you try to put Vlan10 as native on the switch port that connects to you AP?
And then put the port you plug your laptop also on vlan 10?
06-03-2023 06:34 AM
I'm not an expert on the CBW APs but agree with Flavio - as a general rule the management interface should be untagged - native vlan in other words. If that doesn't help then the obvious thing to do is factory default reset of the AP then reconfigure it again.
06-03-2023 08:49 AM
The AP management IP is 10.0.10.2. The switch is 10.0.10.1. The laptop is 10.0.10.8. All are on a /25 network.
One switch, two ports involved. AP is in port 8 and laptop is in port 6. Both ports are configured as VLAN 1 native and VLAN 10 associated. Both ports are in trunk mode.
Yes I did try VLAN 10 native on the ports, that cut everything off on the AP, wireless clients could no longer connect and the laptop could no longer ping the AP. I tried setting laptop Ethernet as VLAN 1 and 10.
Yes the switch port for laptop was also VLAN 10.
I was unaware that changing the VLAN of the primary SSID would also change the management interface VLAN but apparently it does. I was hoping to avoid factory reset, especially if there was a way to reverse course through the CLI. But it sounds like that is the only option at this point.
06-03-2023 09:56 AM - edited 06-03-2023 09:58 AM
Hi
This device does not support CLI at the level you would need. At least Cisco does not put it in a doc as far as I could see.
But your setup seem to be pretty simple. I believe the problem started when you added the second WLAN right, I am wondering if you choose the Native vlan on the AP side in Global AP config.
And if you change here to tag on both WLANs. This would be a trunk on the AP side.
By the way, the laptop in trunk is not required as usually windows (if that is the case) does not understand tagging natively. So, dont mater if you use trunk or not it will ignore the tag. Either you use it in vlan 10 or vlan 1.
I know sounds odd but you may need to factory reset it.
06-03-2023 11:23 AM
Agreed I believe it was after I added second WLAN, at that same time though I adjusted the first WLAN to VLAN 10 exactly in your screenshot for VLAN tagging. So basically I locked myself out of VLAN 1 on the AP. Looks like I will be factory resetting it then.
I am puzzled as to why Cisco even bothered to put a console interface on the AP if it is completely useless. A different topic for another day.
06-04-2023 04:18 AM
The console will be for AP recovery in case of firmware corruption etc. But only TAC will have the (hidden) commands needed to use it. And it may even be locked down with a token which only TAC can generate.
06-03-2023 11:39 AM
Well this is interesting, I factory reset the AP and the web interface still doesn't work. It got a new IP from DHCP and I can ping that IP but the web interface still will not load on http or https. I am starting to suspect hardware failure. I will update this on the TAC.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide