Need help adding a device to an existing vlan

spfister336 · ‎02-06-2009

I need some help adding a device to an existing, recently created vlan.

Here is the fragment of our network:

[core 4507] -> [8540] -> [3550] -> [1230 WAP]

[configuration excerpts are below]

The 1230 access point described is attached to our network, and is functioning properly. Recently, I tried to add another 3550 (in another part of the building), and a 1230 access point, copying the first configuration as the model. The vlan 99 (the user workstations) worked right away, but vlan 199 (the wireless access points) I cannot get working.

I can still get to the first access point, but am having trouble with the new one:

- it's unreachable when connected to the new switch, but I can get to it when connected to the first switch

- I can get to the vlan 199 default gateway from the new switch, and can get to the first access point from the new switch, but I can't get to the new access point, even when logged into the new switch.

- If I assign an ip address to the vlan 199 interface, I can get to the new access point from the new switch, but then I can't get to the vlan's default gateway or to the first access point.

Can someone help me find where the problem is? Do I need to allow vlan 1 on the interface on the core 4507?

Thanks for your help!

--Steve

Here are configuration fragments of each:

4507 (vtp server, domain ADM_VTP):

----------------------------------

interface GigabitEthernet1/1

description Trunk to 8540

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 40,51,99,199,997,998

switchport mode trunk

switchport nonegotiate

no logging event link-status

qos trust dscp

tx-queue 3

priority high

!

interface Vlan199

description ADM WLAN Management

ip address 192.168.199.1 255.255.255.0

ip helper-address 10.99.20.62

no ip redirects

no ip unreachables

no ip proxy-arp

no ip mroute-cache

end

8540 (vtp client, domain ADM_VTP):

----------------------------------

interface GigabitEthernet1/0/0

description Fiber to 99-c45-clan1

no ip address

no ip redirects

no ip proxy-arp

no cdp enable

!

interface GigabitEthernet1/0/0.1

description Native VLAN

encapsulation dot1Q 1 native

no ip redirects

no ip proxy-arp

!

interface GigabitEthernet1/0/0.99

description ADM LAN Access VLAN

encapsulation dot1Q 99

no ip redirects

no ip proxy-arp

no cdp enable

bridge-group 99

!

interface GigabitEthernet1/0/0.199

description Admin WLAN Management

encapsulation dot1Q 199

no ip redirects

no ip proxy-arp

no cdp enable

bridge-group 199

!

interface GigabitEthernet1/0/0.997

description ADM IVDL

encapsulation dot1Q 997

no ip redirects

no ip proxy-arp

bridge-group 97

!

interface GigabitEthernet1/0/0.998

description Admin WLAN

encapsulation dot1Q 998

no ip redirects

no ip proxy-arp

bridge-group 98

!

interface GigabitEthernet1/0/2

description Fiber to 3550

no ip address

no ip redirects

no ip proxy-arp

no cdp enable

!

interface GigabitEthernet1/0/2.1

description Native VLAN

encapsulation dot1Q 1 native

no ip redirects

no ip proxy-arp

!

interface GigabitEthernet1/0/2.99

description ADM LAN Access VLAN

encapsulation dot1Q 99

no ip redirects

no ip proxy-arp

no cdp enable

bridge-group 99

!

interface GigabitEthernet1/0/2.199

description Admin WLAN Management

encapsulation dot1Q 199

no ip redirects

no ip proxy-arp

bridge-group 199

!

interface GigabitEthernet1/0/2.998

description Admin WLAN

encapsulation dot1Q 998

no ip redirects

no ip proxy-arp

bridge-group 98

!

interface BVI199

description Admin WLAN Management

ip address 192.168.199.2 255.255.255.0

end

spfister336 · ‎02-06-2009

Here is the 3550 config:

3550 (vtp client, domain ADM_VTP):

---------------------------------

interface GigabitEthernet0/1

description to 99-c85-catm1

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/2

switchport mode dynamic desirable

no ip address

shutdown

!

interface Vlan1

no ip address

no ip route-cache

!

interface Vlan99

ip address 10.99.20.211 255.255.248.0

no ip route-cache

ntp broadcast client

!

interface Vlan199

no ip address

!

interface FastEthernet0/38

description to 1230 WAP

switchport access vlan 199

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

no snmp trap link-status

end

glen.grant · ‎02-06-2009

If you do a show vlan on the new switch do all the vlans show in the table and active? Did you create the layer 2 vlans on the new 3550 ? Sounds like the trunk isn't working right or the layer 2 vlans are missing. Can you specify on the 8540 which interface goes to the 4500 and which goes to the 3550 ?

spfister336 · ‎02-09-2009

Yes, the layer 2 vlans were created on the 3550. The vlan 99 is set up the same way as vlan 199 and is working.

Sorry about the configs... I left out part of the 8540 config. The connections are:

1/0/0 -> goes to 4507

1/0/2 -> goes to old 3550 with working 199 vlan

0/0/0 -> goes to new 3550 with non-working 199 vlan

The config for 0/0/0 is similar to the config for 1/0/2:

interface GigabitEthernet0/0/0

description Fiber to 99-c35-sc1n1 (board room)

no ip address

no ip redirects

no ip proxy-arp

no cdp enable

!

interface GigabitEthernet0/0/0.1

description Native VLAN

encapsulation dot1Q 1 native

no ip redirects

no ip proxy-arp

!

interface GigabitEthernet0/0/0.99

description ADM LAN Access VLAN

encapsulation dot1Q 99

no ip redirects

no ip proxy-arp

no cdp enable

bridge-group 99

!

interface GigabitEthernet0/0/0.199

description Admin WLAN Management

encapsulation dot1Q 199

no ip redirects

no ip proxy-arp

bridge-group 199

!

interface GigabitEthernet0/0/0.998

description Admin WLAN

encapsulation dot1Q 998

no ip redirects

no ip proxy-arp

bridge-group 98

Let me know if there's anything else I can post. I'll clean up the configs and repost them if what I've given is too hard to follow.

Thanks again!