Solved: Re: Port config for AP

samuel_M9 · ‎07-14-2012

Hello Experts

WLAN Controller 4400 series connected to Catalyst 4506 on vlan 12. Access switches got managment vlan 5 and vlan 1 shutdown.

what config is needed on ports were Access points are connected. Access switch is in vtp client mode.

cheers

Samuel

Scott Fella · ‎07-15-2012

You specified vlan 5 then vlan 4 on your port config?

You need to allow only the vlans you have defined in the wlc. You do not need to allow the ap vlan, only the management vlan and any vlans for the dynamic interface. The APs will communicate with the wlc via ip (layer 3). Open or secure authentication does not matter for this. Also you should tag the management vlan in case you do QoS. Using native vlan is fine, but tagging is the best way. The switchport config is fine if vlan 4 is your management vlan for the access points.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

Scott Fella · ‎07-14-2012

The ap will be on an access port. The vlan should be the vlan you want the ap manager interface on. So for example, you can say vlan 6 is strictly for access points sow the switch port config would be for example:

Interface gixx/x

description Access Point

switchport mode access

switchport access vlan 6

spanning-tree portfast

Make sure vlan 6 is configured on the access switch and being allowed on the trunk to the core. You wireless traffic gets tunneled back to the wlc and that would be a trunk port only allowing the wlc vlan and any vlans configured on the dynamic interfaces on the wlc.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Scott Fella · ‎07-14-2012

Here is a good link to follow

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080665cdf.shtml

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

samuel_M9 · ‎07-14-2012

Thanks Mate

I followed the link you provided, how Open auth and Secure Auth works. The trunk config for WLC are not allowing AP vlan 5, so how wlc communicates with AP. Do I need to tag management vlan as native.

my scenario got WLC and AP in same vlan and total AP will be 12, so this config ok on ports connecting to AP

Interface gi1/0/10

description Access Point

switchport mode access

switchport access vlan 4

spanning-tree portfast

Scott Fella · ‎07-15-2012

You specified vlan 5 then vlan 4 on your port config?

You need to allow only the vlans you have defined in the wlc. You do not need to allow the ap vlan, only the management vlan and any vlans for the dynamic interface. The APs will communicate with the wlc via ip (layer 3). Open or secure authentication does not matter for this. Also you should tag the management vlan in case you do QoS. Using native vlan is fine, but tagging is the best way. The switchport config is fine if vlan 4 is your management vlan for the access points.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

samuel_M9 · ‎07-16-2012

Thanks scott

jjose · ‎10-03-2018

Hi Scott, I can see from the diagram, that the link connected to the AP is allowing vlan 5 only. Is Vlan 5 the management vlan for the AP? If so, we should have that valn allowed in the link between ap and the wlc, right?