Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
779
Views
0
Helpful
4
Replies

mobility express with access port

stephan92
Level 1
Level 1

‎08-06-2018 01:44 PM - edited ‎07-05-2021 08:56 AM

Hi,

 

i try to configure 2800 with Mobility Express (ME) configuration connected to a switch on which is not possible to have a trunk port (802.1q). So I am in access port. I am using 8.5.x release and I have only one AP in ME (so it is master ME)

I have found on controller configuration (CLI) this command:

config ap flexconnect vlan disable

I didn't find sample configuration for ME with access port. So I might be wrong about the configuration.

All seems to be ok until I setup a VPN tunnel on a PC already connected to the AP. I use Cisco Anyconnect and I see connection/reconnection and VPN tunnel is not able to setup. I suppose this is a problem due to this access port configuration (MTU, VPN pass through issue...).

 

So, any recommendation would be appreciated on ME with Access port configuration.

 

Thanks

Stephan

Labels:
0 Helpful
4 Replies 4

Masato Ueoka
Cisco Employee
Cisco Employee

‎08-06-2018 02:00 PM

Hi
I you have single WLAN, can use management interface that is untagged.
Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
-------------------------------- ---- -------- --------------- ------- ------ -----
management 1 untagged 192.168.129.xxx Static Yes No

(Cisco Controller) >show wlan 1


WLAN Identifier.................................. 1
Profile Name..................................... abcd
Network Name (SSID).............................. abcd
Status........................................... Enabled
~snip~
Webauth DHCP exclusion........................... Disabled
Interface........................................ management . <<<<
Multicast Interface.............................. Not Configured

If you want to separate the user's communication from a security point of view
recommended to use VLAN by trunk setting.

Regards,





0 Helpful

stephan92
Level 1
Level 1
In response to Masato Ueoka

‎08-06-2018 02:56 PM

Hi Masato,

thank you for your email. In fact, I don't have the choice. AP is connected
to an internet box which doesn't support 802.1q.
In my configuration I have 2 Wlan, 1 for 2.4GHz and 1 for 5GHz. would you
recommend in such configuration to keep only one WLAN?

(Cisco Controller) >show wlan summary

Number of WLANs.................................. 2

WLAN ID WLAN Profile Name /
SSID Status Interface
Name
-------
-------------------------------------
-------- --------------------
1 sweethome-room /
sweethome-room Enabled management
2 sweethome-room-5G /
sweethome-room-5G Enabled management

Any other particular configuration?

Thanks,
Stephan

0 Helpful

Masato Ueoka
Cisco Employee
Cisco Employee
In response to stephan92

‎08-06-2018 03:11 PM

Hi

In this case, This is no problem config 2 WLAN to separate 2.4 and 5g client as you configured.

 

client throughput point of view, this is recommended.

 

Thanks

 

 

 

0 Helpful

stephan92
Level 1
Level 1
In response to Masato Ueoka

‎08-06-2018 10:54 PM

Thank you Masato.

So, my Anyconnect VPN on my PC is working fine on others WiFi network but
it is not working with that configuration on Cisco ME. I have
disconnect/reconnect every 5s. It seems that VPN passthrough is an issue...

Any suggestions?

Thanks

Stephan
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card