Solved: Re: Configure Switch for WAP

ryanrock · ‎02-10-2009

I have a demo kit that includes a 2106 WLC and 2 1252 WAP. I have configured the WLC correctly (I think) and the 2 WAP can contact the WLC when they are plugged directly into the WLC and I can connect my laptop wirelessly. I want to move the WAP's from directly connected to the WLC to a core Cisco 3560G switch. Does anyone know what the port settings on the 3560 have to be or where I can look. I have configured the switch ports:

interface GigabitEthernetX/X

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 212,214,215,901

switchport mode trunk

but when I plug it in it doesn't connect to the WLC.

jeff.kish · ‎02-10-2009

Glad it was a simple issue to resolve :)

View solution in original post

jeff.kish · ‎02-10-2009

Believe it or not, LWAPP access points don't require a trunk port! They tunnel all traffic back to the controller, where the traffic is de-encapsulated and switched onto the network.

Since the AP is transmitting data without tags, your switch is interpretting the traffic as part of VLAN 1 (the native VLAN by default). Because you aren't allowing traffic from VLAN 1, your AP traffic is getting blocked.

The solution is to configure the switchport as an access port for whichever VLAN the AP should be on. It doesn't matter to the controller which VLAN it's on, as long as the AP can DHCP an address (assuming non-static addresses), and assuming the traffic can reach the controller via L3, you'll be fine. You've already primed your APs by connecting them directly to the controller, so that should do it.

Make sure that your controller has a trunked connection to your network with all wireless VLANs allowed across the link.

Jeff

ryanrock · ‎02-10-2009

Thanks Jeff. I switched the port over to switchport access mode with the management vlan and it can right up.

jeff.kish · ‎02-10-2009

Glad it was a simple issue to resolve :)

bklawson · ‎02-10-2009

Jeff,

Quick question on this subject- if you have a second. I was in a similar situation recently, only my 1252's and WLC are actually members of a VLAN, and my WLAN/ Clients are a member of a different VLAN... I tried multiple combinations on the AP connecting to the switchport and could not get traffic established once the SSID was registered on a client.

The odd thing was I could grab a valid DHCP address, and the WLC could link test to the client with good results- but no go for the client- nothing...?

I read the AP switchport can not be configured as "switchport access vlan xxx"... I ended up actually trunking the AP switchport, trunked the native VLAN for the AP/ WLC and allowed only the 2 VLANs (native & WLAN), and the client was off and running.

Due to the "native vlan" on the trunk, isn't this similar, to your untagged switchport setting for the above? - i couldn't get that config to work for me... at this point i can't have the AP untagged (or can I-?) because the WLC is in the same subnet and tagged... Any down side to trunking all the 16 AP's we will be implementing- very soon?

Thanks in advance.

Brian