Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1850
Views
3
Helpful
8
Replies

Unable to use multiple VLANs on 3 different SSID's - Mobility Express

Go to solution
tfpmatos
Level 1
Level 1

‎03-28-2023 05:38 AM

Hello everyone,
I'm running out of ideas here, me an the team have searched entire forums looking for this but we can't get this to work.

So, this is our setup:
Mikrotik router has the VLAN's set up with DHCP configured for each (1, 10, 20 and 30). Static routes for the VLAN's are correctly configured. We set port 2 as the trunk port, and connected it to the switch (which is the tp-link sg1210p, managed), on port 1 and tagged vlans 1, 10, 20 and 30. 
The subnets for each vlan are 192.168.1.0/24 for the vlan 1; 192.168.10.0/24 for the vlan 10; 192.168.20.0/24 for the vlan 20 and 192.168.30.0/24 for the vlan 30.
The access points being used are the Cisco Aironet 1815i-k9, being one of the the WLC, running the latest cisco firmware for the Mobility Express.
Tagged the VLAN's 10, 20 and 30 on port 2 of the switch and set VLAN 1 to untagged, as the management interface of the AP requires the traffic to be untagged. All the ports on the switch have the PVID set to 1.

Now, on the access point, I created just 1 SSID to test the IP assignment on the VLAN 20 (for example).
So, to do that i added a new WLAN, set the security as "personal" and the encryption as WPA2, set the vlan tagging to yes and stated the id as 20, set the native VLAN to 1 and clicked ok and saved.


No IP address at all when connecting to the SSID on VLAN 20.

If i use no VLAN tagging, it sends me out the VLAN 1 and have access to the internet.

 

Anyone here that can help please? Ask some more questions if you have to, I'll reply with everything I've found so far.

Thank you so much.

Tiago M.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
tfpmatos
Level 1
Level 1
In response to Scott Fella

‎03-30-2023 11:25 AM

Scott, I solved it. So far, I do not know what was wrong in the first place but i reset the settings the mikrotik RouterOS and reconfigured it as it was. I did nothing different, but now it works. Go figure...

Thank you all for the help provided!

View solution in original post

0 Helpful
8 Replies 8

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎03-28-2023 06:04 AM

i do not see any issue Mobility Express :

https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-2/b_Mobility_Express_Deployment_guide/b_Mobility_Express_Deployment_guide_chapter_0111.html

make sure your switch can support Trunk and allowed VLANs in the switch.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
tfpmatos
Level 1
Level 1
In response to balaji.bandi

‎03-28-2023 06:06 AM

The switch ises untagged and tagged to set up trunk. If you tag multiple vlans on a switch port, it'll be configured as trunk.

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to tfpmatos

‎03-28-2023 06:19 AM

As Long as the switch pass that information, as i suggested i do not see the issue on ME side. may be try different configuring the switch port combination.

below guide (i am not a TP link expert) -where is the Layer 3 SVI (on switch ?) try trunk should work as i read.

https://www.tp-link.com/us/support/faq/328/

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to tfpmatos

‎03-28-2023 06:45 AM

Like what @balaji.bandi mentioned, the ME side looks good.  You might want to go on the other vendors forum for recommendations or run a packet capture on the trunk port to see if the other vlans are being passed.

-Scott
*** Please rate helpful posts ***

Go to solution
tfpmatos
Level 1
Level 1
In response to Scott Fella

‎03-30-2023 11:25 AM

Scott, I solved it. So far, I do not know what was wrong in the first place but i reset the settings the mikrotik RouterOS and reconfigured it as it was. I did nothing different, but now it works. Go figure...

Thank you all for the help provided!

0 Helpful

Go to solution
tfpmatos
Level 1
Level 1
In response to balaji.bandi

‎03-29-2023 02:51 AM

Trunk is properly set up.
Do I need to configure any L3 vlan settings on the switch? It shouldn't be needed...

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to tfpmatos

‎03-29-2023 05:21 AM

if this is just layer 2 you do not need any Layer 3 interface (unitl your requirement is different)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Rich R
VIP
VIP
In response to tfpmatos

‎03-29-2023 05:21 AM

No L3 needed.

Follow troubleshooting approach as Scott suggested.

Make sure your software is up to date as per TAC recommended below (you did not mention what version you're using).

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top