Olá,
Tenho o seguinte cenário.
Configurei 3 vlans no meu access point (Cisco 2602)
VLAN 254 Nativa
VLAN 11 Administrativa
VLAN 31 Visitantes
No switch eu fiz a seguinte configuração na porta:
interface GigabitEthernet1/0/44
description **AP**
switchport trunk native vlan 254
switchport trunk allowed vlan 254,11,31
switchport mode trunk
spanning-tree portfast trunk
O meu problema é o seguinte, eu não consigo pingar os gateways das VLANS 11 e 31 somente a vlan nativa.
Já revisei todas as configs do AP e nada me parece fora do normal.
Alguém consegue ajudar?
Segue config do AP
BT-SP-AP01#sh run
Building configuration...
Current configuration : 6034 bytes
!
! Last configuration change at 23:59:17 GMT Tue Mar 2 1993 by topazio
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname BT-SP-AP01
!
!
logging rate-limit console 9
!
aaa new-model
!
!
aaa group server radius rad_eap
server 172.x.x.x
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
server 172.x.x.x
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius rad_ea
server 172.x.x.x
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication enable default group tacacs+ enable
aaa authorization exec default local group tacacs+
aaa accounting network acct_methods start-stop group rad_acct
!
!
!
!
!
aaa session-id common
clock timezone GMT -3 0
no ip cef
ip domain name x.x.x
!
!
!
dot11 syslog
dot11 vlan-name MGMT-TOPAZIO vlan 254
dot11 vlan-name VLAN_SP_ADMWLAN vlan 11
dot11 vlan-name VLAN_SP_VISWLAN vlan 31
dot11 vlan-name VLAN_SP_VOIPWLAN vlan 21
!
dot11 ssid TPZ-VISITANTES
vlan 31
authentication open
guest-mode
!
dot11 ssid TPZB-SP
vlan 11
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa version 2
!
!
crypto pki token default removal timeout 0
!
!
!
!
ip ssh version 1
bridge irb
!
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 11 mode ciphers aes-ccm tkip
!
encryption vlan 21 mode ciphers aes-ccm tkip
!
encryption vlan 31 mode ciphers aes-ccm tkip
!
encryption mode ciphers aes-ccm tkip
!
encryption vlan 254 mode ciphers aes-ccm tkip
!
ssid TPZ-VISITANTES
!
ssid TPZB-SP
!
antenna gain 0
stbc
station-role root
!
interface Dot11Radio0.11
encapsulation dot1Q 11
no ip route-cache
bridge-group 11
bridge-group 11 subscriber-loop-control
bridge-group 11 spanning-disabled
bridge-group 11 block-unknown-source
no bridge-group 11 source-learning
no bridge-group 11 unicast-flooding
!
interface Dot11Radio0.31
encapsulation dot1Q 31
no ip route-cache
bridge-group 31
bridge-group 31 subscriber-loop-control
bridge-group 31 spanning-disabled
bridge-group 31 block-unknown-source
no bridge-group 31 source-learning
no bridge-group 31 unicast-flooding
!
interface Dot11Radio0.254
encapsulation dot1Q 254 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
!
encryption vlan 11 mode ciphers aes-ccm tkip
!
encryption vlan 21 mode ciphers aes-ccm tkip
!
encryption vlan 31 mode ciphers aes-ccm tkip
!
encryption mode ciphers tkip
!
ssid TPZ-VISITANTES
!
ssid TPZB-SP
!
antenna gain 0
no dfs band block
channel dfs
station-role root
!
interface Dot11Radio1.11
encapsulation dot1Q 11
no ip route-cache
bridge-group 11
bridge-group 11 subscriber-loop-control
bridge-group 11 spanning-disabled
bridge-group 11 block-unknown-source
no bridge-group 11 source-learning
no bridge-group 11 unicast-flooding
!
interface Dot11Radio1.31
encapsulation dot1Q 31
no ip route-cache
bridge-group 31
bridge-group 31 subscriber-loop-control
bridge-group 31 spanning-disabled
bridge-group 31 block-unknown-source
no bridge-group 31 source-learning
no bridge-group 31 unicast-flooding
!
interface Dot11Radio1.254
encapsulation dot1Q 254 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0.11
encapsulation dot1Q 11
no ip route-cache
bridge-group 11
bridge-group 11 spanning-disabled
no bridge-group 11 source-learning
!
interface GigabitEthernet0.31
encapsulation dot1Q 31
no ip route-cache
bridge-group 31
bridge-group 31 spanning-disabled
no bridge-group 31 source-learning
!
interface GigabitEthernet0.254
encapsulation dot1Q 254 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface BVI1
ip address 172.29.239.252 255.255.255.0
no ip route-cache
!
ip default-gateway 172.29.239.1
no ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
!
radius-server attribute 32 include-in-access-req format %h
radius-server host 172.29.x.x key 7 00363302556E18323F1B
radius-server vsa send accounting
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
password 7 0232544B2B1C5E717F7E
transport input ssh
line vty 5 15
exec-timeout 30 0
password 7 053F561F01561F592A35
transport input ssh
!
end
