10-14-2021 12:26 PM - edited 10-14-2021 12:32 PM
Hello, I got a question when i read the Flexconnect group document (link is listed below). Please see the screenshot which is from this document. The interface g1/0/4 with trunk and native vlan are connected to a AP(flexconnect mode). Based on the interface configuration, I think the AP interface might need to be trunk too. If so, there are at least two vlans and one ip address at this AP. The question is the ip address at the AP should be at vlan 109 or 3? Thank you
https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-7/Flex_7500_DG.htm
10-14-2021 01:05 PM
AP management always needs to be on an untagged vlan (ie native vlan on that trunk). Therefore in that example, it should be on vlan 109
HTH
Rasika
*** Pls rate all useful responses ***
10-14-2021 02:17 PM - edited 10-14-2021 02:21 PM
Thank you Rasika very much for your reply. So, which vlan or something else in this AP is connecting this switch's vlan 3 since the AP's ip address is connecting the switch's vlan 109?
10-14-2021 02:23 PM
Clients can use vlan 3.
10-14-2021 02:39 PM - edited 10-14-2021 02:41 PM
Thank you Scott. Can we say this ip address and vlan109 at AP are responsible for connecting wlc, while vlan3 is responsible for client's any other traffic?
10-14-2021 02:43 PM
Yes, that is correct. In this instance, you configure WLAN as "FlexConnect Local Switching" which means traffic directly terminates on the local switch on vlan 3.
There is an option you can configure "FlexConnect Central Switching", in that instance client will get an IP address based on the subnet you map to SSID on the WLC connected swtich.
HTH
Rasika
10-14-2021 06:09 PM
Like Rasika mentioned, all Cisco AP’s need to be connected to an untagged vlan. This is for management purposes. Depending if you use local switching in which the switch port would be a trunk port, any tagged vlans can be used for ssid mapping for wireless clients.
10-16-2021 09:05 AM
If we have several ssid, for example, Corp, byod, and guest, can this vlan 3 work for all these three ssid or we need to create another two vlan so that each ssid/wlan works with each vlan respectively? Thanks
10-16-2021 10:54 AM
10-16-2021 02:24 PM - edited 10-16-2021 04:42 PM
No you don't have to create separate VLAN's for each SSID unless all SSID's are locally switching. You can have selected SSID's to centrally switch in Flex Connect, in this case AP will build a capwap tunnel for data using AP management interface with the WLC. All the traffic for centrally switched SSID's will be routed out of this tunnel which is terminating at the WLC.
@Scott Fella Thanks Scott. Corrected.
referring to the switchport config snippet you shared, 3 SSID's and only SSID which is mapped to VLAN 3 is locally switched, other 2 could be centrally switched. Centrally switched SSID's tunnel the traffic back to the WLC. Tunnel source is AP management IP and destination is AP manager interface in WLC. So you don't need to allow the VLAN's mapped to these 2 SSID's in AP uplink. But rather you must allow this in the WLC uplink.
10-16-2021 03:29 PM
Just a small edit... You have this backwards.
Should be:
10-16-2021 07:35 PM - edited 10-16-2021 07:40 PM
The issue is how to define Local switching. if the connection is like this: AP----SW2-----SW1-----WLC. vlan3 only exists at SW2, and vlan109 exists at SW2, SW1 and WLC, vlan3 traffic only work at SW2, then it can be called local switching, which include dhcp and authentication traffic etc, If vlan3 exist at all three devices SW2, SW1 and WLC, we can call vlan3 traffic as Central switching, is this correct?
10-16-2021 09:34 PM
Local switching means that traffic will egress the switch the ap is connected to, so in your case SW2. Central switch means traffic tunnels back to the controller and then egress the port(s) the controller is connected to. Now you need to understand what is required. All vlans need to be routed and on all switches, SW1 and SW2 or else how is traffic going to route if SW1 is L3 and SW2 is L2
10-20-2021 08:04 AM
Please see this Client-----AP ------ SW2 --------WAN-------SW1-----WLC
DHCP server1 is located at SW1 and DHCP server2 is located at SW2. If the client get ip from dhcp server1, we call this traffic as central switch. If the client get ip from dhcp server2, we call it as local switching. Is this correct? or both belong to local switching?
10-20-2021 08:07 AM
DHCP has nothing to do with local switching or central switching. It's how the wireless user traffic flows, either the traffic will tunnel back from the AP to the WLC (central) or the traffic will egress from the AP to the directly connected switch (local switching.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide