Re: Strange reboot behaviour on 1815i with multiple SSIDs and VLANs?

mrhcarlin · ‎06-28-2019

Quick topology overview before I get onto the issue:

I have a Catalyst 3560X-24P (switch 1) with ports 1-22 untagged VLAN 10. Port 22 is tagged VLANs 10 and 20 and connected to a 1815i running Mobility Express v8.5 with two SSIDs on the aforementioned VLANs respectively. Port 23 is also tagged VLANs 10 and 20 and links another Catalyst 3560X-24P (switch 2), with its own port 23 set up the same. Port 24 on switch 1 is untagged VLAN 10 and connected to an ASA 5512, and port 24 on switch 2 is untagged VLAN 20 and connected to the same ASA. DHCP on the ASA is set up to give VLAN 10 a 192.168.255.0/24 address, and VLAN 20 a 192.168.253.0/24 address. The AP itself has a static address on the VLAN 10 network.

So...

Everything is working fine, clients can connect to either SSID and get a DHCP address from the correct range. The issue is that when the AP is rebooted, it doesn’t come back online fully and the LED starts blinking red, which apparently means “Ethernet link is not operational”. At a guess, it could be because the VLAN tagging on switch 1 port 22 isn’t allowing traffic (management traffic?) to get out during its boot procedure, but I don't know why. I also don't know why that would prevent the SSIDs from broadcasting, which I would still expect them to do even with there being network connectivity issues. I can, however, access/log into the AP via its console port. If I set port 22 on switch 1 back to access mode, the AP will sort itself out after a couple of minutes. And when the AP is properly back up, I can set port 22 to a trunk port again and everything works fine. So the AP seems to be perfectly happy with the configuration when it's fully operational, but not when it's rebooting for some reason.

Thanks,

Matt

Leo Laohoo · ‎06-28-2019

What firmware is the AP and the switch running on?

mrhcarlin · ‎07-01-2019

Hey,

Both switches are running "12.2 (55) SE5", and the AP is running "8.5.120.0".

Thanks,

Matt

Leo Laohoo · ‎07-01-2019

Look, I'm not troubleshooting any AP problem if the WLC is running the very-buggy 8.5.120.0!
Update the WLC firmware to, a minimum, 8.5.151.0.
As for the switch, 12.2(55)SE5 is very old. Update it to the latest 12.2(55)SE train.

mrhcarlin · ‎07-01-2019

Thanks for the feedback. Unfortunately, for now, I am unable to upgrade the firmware because I don't have a valid service contract on my account. I'll get back in touch if I still have the same issues after I've upgraded.

Thanks again.

mrhcarlin · ‎12-05-2019

Given that I said I'd post back if I ever managed to upgrade the firmware or fix my issue, I'll do just that now.

I made another post yesterday about firmware upgrade woes, but that's all resolved now and I managed to upgrade my AP to the latest.

I have also fixed the rebooting behaviour described in my original post.

I decided to try something slightly different (it's amazing how differently you think/approach things after a break). On the AP, I left one of my WLANs untagged and set the other to VLAN 20 (whereas before I had them both tagged as 10 and 20 respectively). I also set switchport trunk native vlan 10 on the port that the AP is connected to, which I didn't do before.

I'm not sure why I didn't think to make these minor changes before, or was not advised of it, but it appears to have been what was needed because the AP now fully boots when restarted. It kind of makes sense that I'd need to do it like this now that I think about it.

Scott Fella · ‎12-05-2019

Interesting, because all Cisco ap's if connected to a trunk port should be untagged on the native vlan. You would place user traffic on other vlans which would be tagged or even on your management subnet if you really wanted that. Well good that you got it working!

-Scott
*** Please rate helpful posts ***