Ethernet bridge traffic VLAN configuration

Unanswered Question
May 28th, 2009

There are several 1522 APs working as mesh (802.11a backhaul) and one Root AP connected to the wired network. One of the mesh APs is also configured as bridge and it connects remote LAN to wired network. Is it possible to place remote LAN traffic in a separate VLAN in a wired network? Such configuration is possible with different SSID-VLAN pairs, we need to configure the same for ethernet port of mesh AP - VLAN.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
vmtimaan2k7 Fri, 06/19/2009 - 00:02


We are also encountering a problem with vlan tagging on Ethernet Bridging on the RAP and MAP(vlan 4,Mgt Vlan), we are currently using 5.2.157 software codes for the 2x WLC's and when we Failover to the WLC2, it seems the client with a different vlan (Vlan28)ip cctv camera, Times Out. But both RAP & MAP(Vlan4) can Failover no problem.

The way we remedy the Failover issue is to Check and Uncheck the Vlan Transparent box under Wireless>Mesh Global Config which is manual intervention. Is there a missing config to automate the Failover?

The documentation provided by naks from above seems to be confusing and not detailed enough, as well as no config example.

Hoping anyone can help us resolve the matter.

Thanks in Advance and Have a nice day ahead. =)

naks Fri, 06/19/2009 - 00:35


If the VLAN transparent check box is enabled, it simply means that it is transparent bridging. If the box is un-checked, it means that packets will be tagged appropriately.

In your case, have you configured the RAP port that is connected to your switch as trunk and allowed vlans 28 and 4 on that?

Please note that the ethernet bridged traffic never goes through the WLC, but it simply flows through the RAP port and onto the switch.

The traffic flow from Camera to outside is like this:

Camera-->MAP-->RAP-->Infrastructure Switch.

The only place where you need to be careful in failover is that the VLAN transparent checkbox should be disabled on both the WLCs.

Let me know how this goes.



vmtimaan2k7 Fri, 06/19/2009 - 01:05

Hi Naks,

Thanks for your prompt response on my Failover case, As per your comments, Yes we did configure the RAP port connected to the switch with a trunk native vlan 4 and trunk allow vlan 4, 28.

I understand clearly that you need to disable the Vlan Transparent checkbox on both WLC if you are using Vlan Tagging.

On my previous post, i was pertaining to remedy the issue we encountered on the Problem of Failover from WLC1 to WLC2.

As an update on the set-up we have:

Camera --PoEout--MAP------>RAP-Trunk Native Vlan 4, Trunk allow 4,28 ---Edge Switch----Core Switch---Trunk native Vlan 4, Trunk allow 4,28--WLC's

Note; the WLC1 --Trunk--Core Switch 1 &

WLC2 --Trunk--Core Switch 2

Both Core Switches are in HSRP mode.

Thanks for your help in advance.. =)


Vincent Mark

naks Mon, 06/22/2009 - 23:23


What is the MAP POE port configured as?



vmtimaan2k7 Tue, 06/23/2009 - 00:55

Hi Nagendra,

Thanks for your reply, the MAP PoE port is configured as Access Vlan 28, that is directly connected to Camera 13.

The checking and unchecking of the Checkbox for the Vlan Transparent is the Workaround to bring back the Camera 13.

Hoping you can advise if you encountered a similar issue before.


Vincent Mark

naks Tue, 06/23/2009 - 01:00

Hi Vincent,

What camera is this? Have you configured a static ip on your camera? How long have you waited after the fail over before you determined that the camera would not work?



vmtimaan2k7 Tue, 06/23/2009 - 02:33

Hi Nagendra,

We are using an Axis 214 PTZ Network Camera, with static ip on the camera. We waited for quite some time about 2 minutes, when the RAP & MAP is able to failover together to the WLC.

Is it sufficient time to wait? More than that would not be an acceptable Failover. Isn't it?


Vincent Mark


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode