Hairpining Vlan on Catalyst switch

Unanswered Question
Jul 22nd, 2009

I have a problem where we have multiple devices connected to a catalyst 2960 switch. However a few devices get connected via a wireless trunk and enter the switch via a single port. However the other portion of the network is also connected to the wireless access point, thus the data needs to go out the same port to the other part of the network. Aka Hairpinning the data.

Currently we have the problem that we can see that MAC addresses on all devices from different networks that are connected via this Access point and thus this single port, however we can't access these devices. Nor seem to be able to bridge the communication between them.

Any one have any idea on how we could so called hairpin the data such that the other devices on these 2 networks could talk to each other?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Wed, 07/22/2009 - 16:34


It's a little unclear what you are asking.

Are the devices on different networks ie. they are in a different vlan with a different IP subnet ?

If so you need a L3 device to allow the devices from one vlan to talk to the devices on the other vlan and vice-versa and a 2960 switch is L2 only so you can't do it with that switch.

If this is not your setup could you clarify ?

Jon Wed, 07/22/2009 - 16:47


For quick answer, all devices are on the same subnet, however the port where the wireless accesspoint device is connected to, is set to trunk mode, as (not by my design) the network where the gateway is located is also on a wireless point.

Basically we have:

internet -> 2960 -> wireless AP -> 3560 (not managed by us) -> Cisco ASA

thus we have 2 vlans pushed from the 2960 to the 3560, one for public network traffic (internet traffic) and one for private network traffic.

Also of the Wireless AP there are private network access points connected. Thus the wireless AP bridges multiple connections through the 2960 on a single port.

I also have one device that is also directly connected to a different port on the 2960 and has no problems accessing anything on the ASA.

So basically what i am trying to do is to bridge the entire subnet accross a wireless AP using a single port on the switch.

Hope that is more clear.


This Discussion