AP 1200 and Multiple SSID

Unanswered Question
Apr 19th, 2007

Hate to restart this conversation - but I want to make things a bit clearer.

As for hardware I do not have a core switch. I have 2600 router then goes off to 3500XL switches with Ap 1200 Ap.

The physical switch that I have has several VLANS. Vlan 1 (Native)which is basically flat for the infrastructure and users have connectivity to the lan etc. Then I introduced some broadband DSL. From the dsl/modem which also has dhcp I have that set as Vlan 100. What I want to do is to have multiple SSID so a laptop user can choose between the two different SSID for sake of argument for now I will call them INTERNAL and the Vlan 100 for dsl will be called "DSL".

My switch is vlan'd as mentioned but when i type the ssid into thte clent laptop the laptop will connect to the radio BUT it will not give it an IP address to the client. Please advise on any hints or tips. If I uploaded a config would that help?

p.s. The ethernet that is connecting to the ap is from vlan 1.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
rseiler Thu, 04/19/2007 - 12:24

Uhh... How is the user that connects to the DSL SSID on the AP1200 (assuming autonomous) reaching the DSL when you don't have that VLAN trunked to the AP?

planzone Thu, 04/19/2007 - 12:30

Thanks - I read through your sarcasm and seemed to get it to work.

planzone Thu, 04/19/2007 - 13:06

Since I can now get to the DSL. I still have the issue of getting to internal which is mapped to my VLAN 1.

my switch has the command set to allow vlan 1,10

I figure this piece out I will be good to go.

rseiler Thu, 04/19/2007 - 13:21

Am I understanding you to say that you have the switchport on your switch configured as follows:

interface FastEthernet0/24

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,10

switchport mode trunk

switchport nonegotiate

spanning-tree portfast trunk

And the AP(s) are configured to map an SSID to a VLAN (you will need to remove the non-VLAN assigned SSID and re-add it).

Make sense?

planzone Thu, 04/19/2007 - 13:27

Thats correct that is what I basically have.

But now I am trying to connect to the SSID that is mapped to vlan 1 which is my internal infrastructure for server printers etc and it will not give the client an IP.

Basically testing both but cannot get it to go to to the VLan 1 ssid.

Hope that makes sense..Any SSID I have IS mapped to a VLAN I dont have any that are not assigned.

rseiler Thu, 04/19/2007 - 13:29

What is providing DHCP ip addresses? Router? Switch? AP? Windows server? What VLAN is it on?

planzone Thu, 04/19/2007 - 13:32

First off I want to thank you for sticking with me on this.

For VLAN 1 Windows server is providing DHCP.

For VlAN 100 the DSL Modem is providing the DHCP

VLAN 1 Ip Adressing 10.150.1.x

VLAN 100 Ip address 192.168.254.x

rseiler Thu, 04/19/2007 - 13:35

Your welcome.

Does VLAN 100 work for DHCP from the DSL modem?

Just VLAN 1 doesn't work for DHCP?

What happens if you manually set the IP on the client, associate to the SSID for VLAN 1, can you ping the DHCP server or default gateway?

planzone Thu, 04/19/2007 - 13:47

Correct the Since making the trunking changes in the switch the DSL DHCP Works fine i associate,connect and provides ip to the client. When i try to connect to the other SSID (VLAN 1) it will not give it an IP address (connects to radio but No ip address)

I did not try the manual IP on the client as of yet. I can try that test tomorrow. So I suppose if there are no more tips to try .. please stay tuned tomorrow. I am not at the office at the moment but keeping my eye on the pulse in this forum for tips.

But in theory it should work correct ?????

planzone Fri, 04/20/2007 - 05:28

Ok I have tried your recommendation - however I cannot ping our gateway. (even from a workstation) on the wired lan because of a Stealth rule - Any traffic going to the firewall itself is dropped. This is to prevent DoS attacks, etc. and people trying to get info from the firewall that our firewall folks put in.

But I am able to ping other servers etc by ip and name (on VLAN1) infrastructure after putting the ip address into the client manually. If we get that for DHCP. I should be golden.

here is a snippet of the config from my switch for the port where the AP is plugged into:

interface FastEthernet0/31

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,100

switchport mode trunk

spanning-tree portfast

Actions

This Discussion