Wireless Bridge Connection

Unanswered Question
Sep 10th, 2009

I have (2) 1300 access point that are connected for point to point access.

I have a data network VLAN 10 and Cisco IP Phone VLAN 20. The computer is plugged into the phone and the phone is plugged into port injector. The root-bridge is plugged into a 6500 switch. The port was configured

sw access vlan 10

sw mode access

sw voice 20

spanning-tree portfast

The problem is I can only access VLAN 10, the phone just goes into configuration mode and VLAN search. I have brought the phone back to the main location and the phone connects. I was able to connect the phone before but I dont think it was setup right. I am thinking that the switch port should be a sw mode trunk.

I think I need a better VLAN setup on the root and non-root bridge so that it works properly. I also am unable to talk to the native VLAN 1 and connect to the bridges from the network.

Can someone help and explain a it little. I have read some of the documentation, but it looks like I will need to make more ssid for each VLAN. Is that right?

Here is the basic config.

ROOT BRIDGE

bridge irb

!

!

interface Dot11Radio0

description ** Downlink HQ RootBridge to Stock NON-ROOTBRIDGE **

no ip address

no ip route-cache

!

encryption key 1 size 128bit 7 55555555 transmit-key

encryption mode wep mandatory

!

ssid STOCK

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root bridge

cca 75

concatenation

infrastructure-client

bridge-group 1

bridge-group 1 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

bridge-group 1

bridge-group 1 spanning-disabled

hold-queue 80 in

!

interface BVI1

ip address 192.168.5.11 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.5.1

NON-ROOT

bridge irb

!

!

interface Dot11Radio0

description ** Uplink Stock NON-ROOTBRIDGE to HQ ROOTBRIDGE **

no ip address

no ip route-cache

!

encryption key 1 size 128bit 7 55555555 transmit-key

encryption mode wep mandatory

!

ssid STOCK

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role non-root bridge

bridge-group 1

bridge-group 1 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

bridge-group 1

bridge-group 1 spanning-disabled

hold-queue 80 in

!

interface BVI1

ip address 192.168.5.12 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.5.1

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2.5 (2 ratings)
Loading.
o.primous Fri, 09/11/2009 - 13:09

Is there away to set this up or a trick so that I do not lose my connection for the point to point?

When I configure this I lose connection to the other Bridge. It is saying that I need 1 ssid per vlan. I have 3, the native 1, DATA 10 & PHONE 20.

So it would look like:

(config)#

dot11 ssid STOCK # Connects the Bridges together.

authentication open

dot11 ssid Native

vlan 1

dot11 ssid DATA

vlan 10

dot11 ssid PHONE

vlan 20

int dot11radio 0

ssid STOCK

ssid NATIVE

ssid DATA

ssid PHONE

exit

int dot11radio 0.1

encapsulation dot1q 1 native

end

int f0.1

encapsulation dot1q 1 native

end

int dot11radio 0.10

encapsulation dot1q 10

end

int f0.10

encapsulation dot1q 10

end

int dot11radio 0.20

encapsulation dot1q 20

end

int f0.20

encapsulation dot1q 20

end

Do I need to do anything with the bridge groups?

bridge-group 1 is under dot11radio 0 and Fa 0.

o.primous Fri, 09/11/2009 - 15:27

The switch that the root is connected to should be set from trunking correct?

also what if I have a switch on the NON-Root side how will that effect the configuration?

o.primous Sat, 09/12/2009 - 12:29

I have a point to point Wireless connection between 2 buildings, using Cisco 1300 access points. I have 2 VLANs, Data and Phone that have to function at the Non-Root building.

Right now there is one computer and one phone at the NON-Root building. They need to connect to the Root Building to access the internet and servers.

Previously I was able to connect when I had the access points switch port set to access data vlan and voice vlan. But for some reasonly I am unable to connect the phone to the vlan only data.

I understand its not a full wireless question but it is pertaining to the wireless access configuration.

o.primous Tue, 09/15/2009 - 05:52

I understand wireless.

What I have going on is a location down the street that that is connected to HQ by 2 AP 1300. HQ is root and 2nd location is non-root.

There is a switch that is located at the 2nd location that plugs into the F0 of the injector. The location will connect up to 5 computers and phones.

What I would like to know is how do I use these to APs to form at trunk link so that I can pass VLANs across without running a cable to truck to the switches.

Right know I have the Root-bridge at HQ and the NON-Root bridge at the 2nd location.

Is this the right way, because I have to set up "spanning-tree link-type point-to-point" on the trunk port or spanning tree disables the port.

bcolvin Tue, 09/15/2009 - 20:03

setting up vlans and mutiple ssids on an access point is nearly impossible using IOS CLI until you have seen the proper entries built by using the WEB/GUI interface. you need to link each ssid to a VLAN including the native VLAN and link each to a radio. you can create one config for your root bridge copy that config to your non root and then change root to non root in the radio config. you must also configure your switch ports for .1Q trunking. the attached config shows mutiple VLAN/SSID entries generated by the GUI interface. As you can see it can get quite complex.

You will also need to assign your native Vlan an SSID and link it to the radio to bridge it to the non root side.

Hope this helps

Bill

Attachment: 
o.primous Thu, 09/17/2009 - 07:27

Thank you that is what I am looking for.

I have been trying to set this configuration up, but I still can not connect to the network. I have tried with teh GUI and CLI and still not success. I am currently using WEP. Is there anything differnt I should do?

I am using a 4500 at HQ and a 3524 at the 2nd building and I have then set with:

sw trunk encap dot1q

sw mode trunk

spanning-tree link-port point to point

I am about to take a option like the Cleveland Browns and just punt.

jeff.kish Mon, 09/21/2009 - 13:27

Can you post your current bridge configs? I'll gladly review them if you do. You should have a single SSID per radio interface, with subinterfaces for each VLAN you want to traverse the link.

o.primous Mon, 09/28/2009 - 06:19

This is my current config. The NonRoot is the same except for station-role non-root bridge.

Besides the switch at HQ and the branch office being setup for trunks.

sw mode trunk

sw trunk encap dot1q

spanning-tree link-type point-to-point

Is there anything else that needs added?

Also the only Wireless devices that are connecting are the root bridge at HQ and non-root at Branch office. The other devices will connect to a switch at the other end. This is only a trunk so that I can remove the T-1 at the location.

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ROOT

!

!

dot11 vlan-name HQ-DATA vlan 10

dot11 vlan-name HQ-Voice vlan 172

!

dot11 ssid BranchOffice

vlan 1

authentication open

infrastructure-ssid

!

dot11 ssid data

vlan 10

!

dot11 ssid phone

vlan 172

!

dot11 network-map

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption key 1 size 128bit 7 *************************** transmit-key

encryption mode wep mandatory

!

ssid BranchOffice

!

ssid data

!

ssid phone

!

station-role root bridge

cca 75

concatenation

infrastructure-client

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

!

interface Dot11Radio0.10

encapsulation dot1Q 10

no ip route-cache

bridge-group 10

!

interface Dot11Radio0.172

encapsulation dot1Q 172

no ip route-cache

bridge-group 172

!

interface FastEthernet0

no ip address

no ip route-cache

!

interface FastEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

!

interface FastEthernet0.10

encapsulation dot1Q 10

no ip route-cache

bridge-group 10

!

interface FastEthernet0.172

encapsulation dot1Q 172

no ip route-cache

bridge-group 172

!

interface BVI1

ip address 192.168.34.211 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.34.1

ip http server

ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

bridge 1 route ip

o.primous Fri, 10/09/2009 - 04:31

I finally got the VLANs to connect. I really dont know what I did since it was the same thing over and over. I did start with the root bridge after deleting all the VLANs and worked backwards.

I also made the VLANs from the GUI instead of CLI. And Enabled STP for VLAN 1 native and disabled for all the others.

besides that the codes are identical. I ran a diff from linux command and it proved that.

I am so comfused on why this didnt work the like this the last time.

Thank You for all your help.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode