11-04-2009 01:57 AM - edited 03-06-2019 08:26 AM
Hello
I have a 3560 switch and there is a WLAN AP connected.
Port is configured as below.
interface FastEthernet0/43
description * WLAN *
switchport trunk encapsulation dot1q
switchport trunk native vlan 5
switchport trunk allowed vlan 5,10,15
switchport mode trunk
Now I'm not able to ping the AP.
If I insert the command:
no switchport trunk native vlan 5
and then
switchport trunk native vlan 5
Then I'm able to ping.
If I disconnect the AP and connect again I have the same problem.
Is this a bug or do I have a wrong config?
Thanks for your help
11-04-2009 11:25 AM
It doesn't seem to be a bug. Normally thin APs should go into a access port ,not to trunk port. Could you please tell me the AP type and model ?
11-04-2009 03:57 PM
Please post the ap config.. Have seen any bug like that .
11-05-2009 07:06 AM
AP: Cisco 1242
Here is the config:
Current configuration : 3989 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap1
!
enable secret 5 12345
!
ip subnet-zero
no ip domain lookup
ip domain name domain.local
!
!
ip ssh version 2
no aaa new-model
!
dot11 ssid MA
vlan 10
authentication open
authentication key-management wpa
wpa-psk ascii 7 12345
!
dot11 ssid guest
vlan 15
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 12345
!
power inline negotiation prestandard source
!
!
username wid privilege 15 password 7 12345
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 15 mode ciphers aes-ccm
!
encryption vlan 10 mode ciphers aes-ccm tkip
!
ssid MA
!
ssid guest
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.10
encapsulation dot1Q 10
no ip route-cache
no cdp enable
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 port-protected
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
!
interface Dot11Radio0.15
encapsulation dot1Q 15
no ip route-cache
no cdp enable
bridge-group 15
bridge-group 15 subscriber-loop-control
bridge-group 15 port-protected
bridge-group 15 block-unknown-source
no bridge-group 15 source-learning
no bridge-group 15 unicast-flooding
bridge-group 15 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
!
encryption vlan 15 mode ciphers aes-ccm
!
encryption vlan 10 mode ciphers aes-ccm tkip
!
ssid MA
!
ssid guest
!
no dfs band block
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
channel dfs
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.10
encapsulation dot1Q 10
no ip route-cache
no cdp enable
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 port-protected
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
!
interface Dot11Radio1.15
encapsulation dot1Q 15
no ip route-cache
no cdp enable
bridge-group 15
bridge-group 15 subscriber-loop-control
bridge-group 15 port-protected
bridge-group 15 block-unknown-source
no bridge-group 15 source-learning
no bridge-group 15 unicast-flooding
bridge-group 15 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.5
encapsulation dot1Q 5 native
no ip route-cache
no cdp enable
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.10
encapsulation dot1Q 10
no ip route-cache
no cdp enable
bridge-group 10
no bridge-group 10 source-learning
bridge-group 10 spanning-disabled
!
interface FastEthernet0.15
encapsulation dot1Q 15
no ip route-cache
no cdp enable
bridge-group 15
no bridge-group 15 source-learning
bridge-group 15 spanning-disabled
!
interface BVI1
ip address 192.135.91.202 255.255.255.0
no ip route-cache
!
ip default-gateway 192.135.91.254
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
control-plane
!
bridge 1 route ip
!
!
alias exec c conf t
alias exec w cop run sta
alias exec v sh run
alias exec b sh ip int brie
alias exec a show dot11 associations
!
line con 0
line vty 0 4
login local
!
end
11-05-2009 12:39 PM
Hi.
Weird. As I see it your config is fine. You have "encapsulation dot1Q 5 native" and "bridge-group 1" and the IP of the AP on BVI1 and it all corresponds fine with the native vlan 5 on the switchport, so it _should_ all be fine.
That said, I actually had a problem that looked like this at a customer. As they were preparing to convert from autonomous AP to lightweight we did not pursue the problem further so unfortunately I do not have a solution. I'd be pleased to learn a solution if anybody else has one.
HTH, Ingolf
11-05-2009 01:17 PM
Hi
Does may be a firmware update helps?
Yours sincerely
11-08-2009 05:00 AM
I did a firmware update and now my workaround with the no switchport.... doesn't work anymore.
So now I have no possibility to access the AP.
Looks like the configuration is not correct?
Yours sincerely
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: