Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

1200: Native VLAN & Management VLAN

I want to keep the management VLAN and native VLAN seperate. Is this the correct setup when using VLAN 999 as the native VLAN and VLAN 100 for the management VLAN.

Management VLAN 100 (10.100.0.0/24)

### Trunk SW ###

description "AP"

switchport trunk encapsulation dot1q

switchport trunk native vlan 999

switchport trunk allowed vlan

switchport mode trunk

switchport nonegotiate

speed 100

duplex full

### AP ###

interface Dot11Radio0

no ip address

no ip route-cache

!

!

encryption vlan 99 key 1 size 128bit 7 3831CB248113D952741376BEC352 transmit-key

encryption vlan 99 mode wep mandatory

!

encryption vlan 11 mode ciphers tkip

!

ssid xoxoxo

vlan 11

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

!

ssid xxx

vlan 99

authentication network-eap eap_methods

!

speed basic-1.0 basic-2.0 basic-5.5 basic-11.0

rts threshold 2312

station-role root

!

interface Dot11Radio0.11

encapsulation dot1Q 11

no ip route-cache

bridge-group 11

bridge-group 11 subscriber-loop-control

bridge-group 11 block-unknown-source

no bridge-group 11 source-learning

no bridge-group 11 unicast-flooding

bridge-group 11 spanning-disabled

!

interface Dot11Radio0.99

encapsulation dot1Q 99

no ip route-cache

bridge-group 99

bridge-group 99 subscriber-loop-control

bridge-group 99 block-unknown-source

no bridge-group 99 source-learning

no bridge-group 99 unicast-flooding

bridge-group 99 spanning-disabled

interface dot11radio 0.999

encapsulation dot1q 999 native

interface dot11radio 0.100

encapsulation dot1q 100

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

ntp broadcast client

!

interface FastEthernet0.11

encapsulation dot1Q 11

no ip route-cache

bridge-group 11

no bridge-group 11 source-learning

bridge-group 11 spanning-disabled

!

interface FastEthernet0.99

encapsulation dot1Q 99

no ip route-cache

bridge-group 99

no bridge-group 99 source-learning

bridge-group 99 spanning-disabled

interface fastethernet 0.999

encapsulation dot1q 999 native

interface fastethernet 0.100

encapsulation dot1q 100

interface BVI100

ip address 10.100.0.110 255.255.255.0

no ip route-cache

!

ip default-gateway 10.100.0.1

1 REPLY
Community Member

Re: 1200: Native VLAN & Management VLAN

This looks correct to me. Do you have a non_root bridge on their other side?

Are you able to trunk all 4 VLANS with this config?

302
Views
0
Helpful
1
Replies
CreatePlease to create content