cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2113
Views
0
Helpful
12
Replies

standalone 1602 ap with three SSID's

mohamarneh
Level 1
Level 1

dears.
I am configuring 11 1602 sap ap in one of our customer site...he wants three ssid one of them for wireless ip phones.
the problem I am facing is when I configure the port of the ap as trunk to allow 4 vlans on it,vlan for ap and the rest three vlans for ssids.I can reach the ap and the ssids not broadcasting...I already configured my core switches with dhcp for the vlans but it is not working....
the core switches running in vrrp active passive scenario...
please guide me in fixing this since I am not very familiar with wireless solutions.
what is the best practice for this..how to do it.


Sent from Cisco Technical Support Android App

1 Accepted Solution

Accepted Solutions

Hi Mohammed,

Have you added "mbssid" in the config.

Refer :  https://supportforums.cisco.com/docs/DOC-16087

Also attach the running config.

Thanks

Victor

*****Help out other by using the rating system and marking answered questions as "Answered"*****

Regards Victor V *****Help out other by using the rating system and marking answered questions as *****Answered"*****

View solution in original post

12 Replies 12

Hi Mohammed,

Have you added "mbssid" in the config.

Refer :  https://supportforums.cisco.com/docs/DOC-16087

Also attach the running config.

Thanks

Victor

*****Help out other by using the rating system and marking answered questions as "Answered"*****

Regards Victor V *****Help out other by using the rating system and marking answered questions as *****Answered"*****

mohamarneh
Level 1
Level 1

hi vector.
thx for your reply.
I did it ..I will attach the configuration tomorrow morning.
what about the things I have done so far..did I do it correctly...

Sent from Cisco Technical Support Android App

Sandeep Choudhary
VIP Alumni
VIP Alumni

HI Mohammed,

Use this command: "MBSSID GUEST-MODE".

Dont forget to to add the global command dot11 mbssid and then over the radio interface(s) mbssid.

Regards

Dont forget to rate helpful posts

Dears,

For now, i have fixed the issue of the SSID's but unfortunatily , i am not bale to give the wireless clients IP from the DHCP pool configured on the core switches.

The customer has two core switches running in VRRP  and the DHCP pool for each SSID is configured with its excluded IPs, any advise on this will be highly appreciated.

core switch configuration and also attaching the AP configuration

ip dhcp excluded-address 10.205.81.250 10.205.81.254

ip dhcp excluded-address 10.205.82.250 10.205.82.254

ip dhcp excluded-address 10.205.81.1 10.205.81.9

ip dhcp excluded-address 10.205.82.1 10.205.82.9

ip dhcp excluded-address 10.205.80.250 10.205.80.254

ip dhcp excluded-address 10.205.80.1 10.205.80.9

!

ip dhcp pool vlan81

   network 10.205.81.0 255.255.255.0

   default-router 10.205.81.250

   dns-server 8.8.8.8

!

ip dhcp pool vlan82

   network 10.205.82.0 255.255.255.0

   default-router 10.205.82.250

   dns-server 8.8.8.8

!

ip dhcp pool vlan80

   network 10.205.80.0 255.255.255.0

   default-router 10.205.80.250

   dns-server 8.8.8.8

found this logs about dhcp on core switch:

*Feb 16 02:30:12.498: DHCPD: Sending notification of DISCOVER:

*Feb 16 02:30:12.498:   DHCPD: htype 1 chaddr 8c70.5abf.4834

*Feb 16 02:30:12.498:   DHCPD: interface = Vlan1

*Feb 16 02:30:12.498:   DHCPD: class id 4d53465420352e30

*Feb 16 02:30:12.498: DHCPD: Sending notification of DISCOVER:

*Feb 16 02:30:12.498:   DHCPD: htype 1 chaddr 8c70.5abf.4834

*Feb 16 02:30:12.498:   DHCPD: interface = Vlan1

*Feb 16 02:30:12.498:   DHCPD: class id 4d53465420352e30

*Feb 16 02:30:12.498: DHCPD: there is no address pool for 10.205.60.250.

why it is trying to put it in vlan 1??? any ideas guys???

Hi

Post the "show run interface x/x" output of your AP connected switchport.

It should be something similar to this

interface gx/x

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk native vlan 82

Regarding AP config, I would suggest WPA2 & AES encription instead of TKIP. Also configure the same subinterfaces on Radio1 interface (to give better experience for 5GHz capable client devices). Also add a default gateway pointing to BVI IP subnet gateway address.

dot11 ssid AlYemni

   vlan 82

   authentication open

   authentication key-management wpa version 2

   mbssid guest-mode

   wpa-psk ascii 7 014A5151085A545B77141E

!

dot11 ssid AlYemni-Guests

   vlan 84

   authentication open

   authentication key-management wpa version 2

   guest-mode

   mbssid guest-mode

!

dot11 ssid AlYemni-VOICE

   vlan 83

   authentication open

   authentication key-management wpa version 2

   mbssid guest-mode

   wpa-psk ascii 7 144E455E5F55727D707A63

!

interface Dot11Radio0

encryption vlan 82 mode ciphers aes-ccm

encryption vlan 83 mode ciphers aes-ccm

encryption vlan 84 mode ciphers aes-ccm

!

interface Dot11Radio1

encryption vlan 82 mode ciphers aes-ccm

encryption vlan 83 mode ciphers aes-ccm

encryption vlan 84 mode ciphers aes-ccm

ssid AlYemni

ssid AlYemni-Guests

ssid AlYemni-VOICE

mbssid

station-role root

no shutdown

!

interface Dot11Radio1.82

encapsulation dot1Q 82 native

bridge-group 1

!

interface Dot11Radio1.83

encapsulation dot1Q 83

bridge-group 2

!

interface Dot11Radio1.84

encapsulation dot1Q 84

bridge-group 3

!

ip default-gateway 10.205.82.250

HTH

Rasika

**** Pls rate all useful responses ****

the output of show interface is as the following:

interface GigabitEthernet1/0/38

switchport trunk native vlan 80

switchport mode trunk

What about the BVI interface, should the ip of the interface be from the same native VLAn or what???

Currently, i am giving it from the same subnet of the native vlan, is it wrong???

Hi Mohammed,

Interface BVI should be on native vlan. So in your case your switchport connected to AP should be a trunkport with native vlan 82 (if your AP configuration is correct). In this case AP management & AlYemni SSID users will be on same vlan.

If vlan 80 is your native vlan for the rest of your network, then you need to create a seperate AP management interface on your AP and leave the current switchport config as it is. In that case here is the config you need to modify on your AP.

interface Dot11Radio0.80

encapsulation dot1Q 80 native

bridge-group 1

!

interface Dot11Radio0.82

encapsulation dot1Q 82 native

encapsulation dot1Q 82

bridge-group 4

!

interface GigabitEthernet0.80

encapsulation dot1Q 80 native

bridge-group 1

!

interface GigabitEthernet0.82

encapsulation dot1Q 82 native

encapsulation dot1Q 82

bridge-group 4

!

!

interface BVI1

ip address 10.205.82.1 255.255.255.0

ip address 10.205.80.1 255.255.255.0 <-Assuming this IP is free to assign for AP mgmt

!

ip default-gateway 10.205.80.250 <- Assuming this is the Gateway for vlan 80

HTH

Rasika

**** Pls rate all useful responses *****

hi Rasika

I did exactly as you mentioned, but still on the core switch, i can see the request from my MAC address of my laptop and the core decides to put me in VLAn 1 which is the native vlan on the switches, please advise???

Should i do something regarding the uplinks between the core switches and the edge switches???

really i am lost with this

Hi Mohammed,

Native vlan should be same across the board. If native vlan is 1 on your core, then that should be the native vlan on the AP connected trunk port. In that case AP BVI interface should be on vlan 1 subnet IP.

Make sure you can ping AP management IP from your core. That will verify basic reachability

HTH

Rasika

**** Pls rate all useful responses ****

Review Cisco Networking for a $25 gift card