Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
386
Views
0
Helpful
4
Replies

1250AP VLAN config

mcvosi
Level 1
Level 1

‎03-09-2009 02:12 PM - edited ‎07-03-2021 05:17 PM

I am trying to configure VLANs on my 1250 autonomous AP. I have the sub-interfaces setup but still cannot connect to the LAN. I use 432 for my native vlan and then want to assign clients to vlan 543. Being a security guy, I do not use vlan 1, nor do I trunk vlan 1. Here's a snippet of my config, so tell me what I am missing. All interfaces are showing up-up.

Thanks.

---

int d0

no ip add

int d0.432

encap dot1q 432 native

bridge-group 1

int d0.543

encap dot1q 543

bridge-group 2

int g0

no ip add

int g0.432

encap dot1q 432 native

bridge-group 1

int g0.543

encap dot1q 543

bridge-group 2

Labels:
0 Helpful
4 Replies 4

jeff.kish
Level 7
Level 7

‎03-09-2009 02:53 PM

The partial config looks good. Would you be able to post the entire config? Maybe there's a problem with the SSID configuration. Your SSID should show something like:

dot11 ssid SSID_NAME

authentication open

vlan 543

(guest-mode)

Make sure you have "bridge irb" and "bridge 1 route ip" configured. They should be in there by default, but just in case they were removed.

0 Helpful

mcvosi
Level 1
Level 1
In response to jeff.kish

‎03-09-2009 03:14 PM

I'd prefer to not post the entire config as it would take a lot of editing. :-)

Both statements are there, and there is no issue with the SSID config. I'm just trying to get a connection to my RADIUS server, which the AP cannot connect to. I am not able to ping the server from the AP, so it has something to do with the vlan config, but I don't know where. The switch where the AP is connected is trunking and allows all vlans (at this point) except for 1.

This is a head scratcher. :-)

0 Helpful

mcvosi
Level 1
Level 1
In response to jeff.kish

‎03-09-2009 03:39 PM

Something else of note. I did a sh int g0 on the AP's physical interface and noticed this:

Encapsulation 802.1Q Virtual LAN, Vlan ID 1.

Does this mean that I must TRUNK VLAN 1 on the other end of the switch???

edit: I also noticed the same on the d0 int.

0 Helpful

mcvosi
Level 1
Level 1
In response to mcvosi

‎03-09-2009 03:53 PM

Just found this in the AP documentation:

Under Configuration a VLAN:

"When you configure VLANs on access points, the Native VLAN must be VLAN1"

This puzzles me why you would even be able to specify another vlan as the native vlan if this is the restriction!

Can someone from Cisco clarify this?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card