cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1895
Views
20
Helpful
4
Replies

Tagging Management Vlan | Mobility Express

animesh_R
Level 1
Level 1

I am setting up my lab with 2800 mobility express controller. I am trying with tagging management vlan.
wlc management ip: 10.106.59.190
management vlan: 59
vlan 58 is for AP's.

Here is my switchport configuration:

interface GigabitEthernet1/0/5
description Trunk Port to ME WLC
switchport trunk native vlan 58
switchport trunk allowed vlan 58,59
switchport mode trunk
end

-----------------------------
(Cisco Controller) >show interface detailed management
Interface Name................................... management
MAC Address...................................... 00:81:c4:f4:42:a0
IP Address....................................... 10.106.59.190
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 10.106.59.1
IP Address Type.................................. Static
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
Link Local IPv6 Address.......................... fe80::281:c4ff:fef4:42a0/64
STATE ........................................... NONE
Primary IPv6 Address............................. ::/128
STATE ........................................... NONE
Primary IPv6 Gateway............................. ::
Primary IPv6 Gateway Mac Address................. 00:00:00:00:00:00
STATE ........................................... CREATING
VLAN............................................. 59
Quarantine-vlan.................................. 0
Physical Port.................................... 1
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. 10.106.190.1
AP Manager....................................... Yes

But I am not able to ping gateway from wlc. Neither I'm able to reach connected switch from wlc itself. I believe this is related to configuration. Can someone please suggest what I am doing wrong and how to correct?

Animesh
1 Accepted Solution

Accepted Solutions

You cannot tag management traffic, it has to be on the native VLAN of the trunk port.

"The switch port to which the primary AP is connected can be a trunk port or an access port and must be configured to trunk Native VLAN for management traffic. Data traffic must be trunked with appropriate VLANs for local switching as well."

https://www.cisco.com/c/en/us/td/docs/wireless/access_point/mob_exp/83/user_guide/b_ME_User_Guide_83/b_ME_User_Guide_83_chapter_01000.html 
HTH
Rasika
*** Pls rate all useful responses ***

View solution in original post

4 Replies 4

You cannot tag management traffic, it has to be on the native VLAN of the trunk port.

"The switch port to which the primary AP is connected can be a trunk port or an access port and must be configured to trunk Native VLAN for management traffic. Data traffic must be trunked with appropriate VLANs for local switching as well."

https://www.cisco.com/c/en/us/td/docs/wireless/access_point/mob_exp/83/user_guide/b_ME_User_Guide_83/b_ME_User_Guide_83_chapter_01000.html 
HTH
Rasika
*** Pls rate all useful responses ***

Thank you, Rasika for your help.

I've started thinking around this after HTTP upgrade have been failed for this ME controller. I have found this bug on same behaviour. 
------------------------------------------
CSCve89758 -- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve89758
Symptom: vWLC code download fails when using HTTP mode with untagged management interface
Conditions: HTTP mode upgrade fails with error
Workaround: Convert untagged management interface to tagged interfaces and it should work.
------------------------------------------

This doesn't show Mobility Express Controller as affected product though.

Does this restriction of "Management traffic has to be on native vlan of trunk port" applies on Mobility Express controllers only?

Animesh

Yes, That restriction (management traffic needs to be untagged) applies to FlexConnect AP as well as Mobility Express.

vWLC does not mean Mobility Express, it is virtual WLC (AireOS based).

HTH
Rasika
*** Pls rate all useful responses ***

ammahend
VIP
VIP

Try to  untag management interface on ME side and then on switch side you can do below only for g1/0/5, other interfaces where APs are connected should still be native vlan 58

interface GigabitEthernet1/0/5
description Trunk Port to ME WLC
switchport trunk native vlan 59
switchport trunk allowed vlan 58,59
switchport mode trunk

I am assuming there is an SVI somewhere on the switch, try this and let us know

-hope this helps-
Review Cisco Networking for a $25 gift card