Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Indoor wireless mesh configuration - Q's about ethernet bridging

We are trying to lab up a small indoor wireless mesh deployment.  This is in the lab, not production.

We have a 3550 with an enhance image

8 port 3560 switch

4402 series controller

4 1242 LAPs

The 3550 has the following VLANs:

10 = Management (for controller management)

11 = AP VLAN

12 = 2.4 GHz mesh for users.  SSID = "meshuser"

13 = wired vlan (this is a bridged vlan)

14 = wired vlan (this is a bridged vlan also)

15 = wired management (mgmt IP subnet for remote switches)

Here is the topology:

CTRLR <--(LAG)--->  3550 ----- 1242(RAP) ~ ~ ~ ~ 5 GHz ~ ~ ~ ~  1242(MAP)  ~~~~~ 2.4 GHz~~~~~ vlan 12 (2.4 GHz wireless users)


                                                                               |_________ 8 port PoE switch   ------------ vlan 13 & 14 (wired users) and Mgmt interface in vlan 15

3350 is routing and is configured as DHCP server.

Controller to 3550, trunked, untagged vlan 10, all others allowed and tagged.

3550 ---> RAP, untagged vlan 11, all others allowed and tagged

RAP <-----> MAP, 802.11a, (everything gets trunked automagically)

MAP ---> Wireless "meshuser" 2.4 GHz.  vlan 12.

MAP ---> 3560, trunked, untagged = 15, allowed vlans 13 & 14.


It appears as if the MAP and RAP's ethernet interfaces are handled differently.  True or False?

THe RAP is plugged into the 3550's trunked port with the native set to vlan 11 so it will connect and get an IP address from the 3550 on the AP vlan.

Is the 5 GHz link "on vlan 11"?  It seems like it would have to be in order for our MAP to get an IP address.

We tried using vlan 11 on the MAP's ethernet interface as the untagged vlan, but it didn't seem to work.  We changed it to vlan 15 and it works.  Using different vlan interface IP addresses on the switch, of course.

Why can't we vlan 11 as our AP vlan and our switch management vlan?

Is it possible to use VTP from the 3550 to the 3560 in this scenario.

Does anyone have a lab written that shows the steps?  And perhaps explains the reasoning?


  • Getting Started with Wireless
Cisco Employee

Re: Indoor wireless mesh configuration - Q's about ethernet brid


I can't give a full explanation but I think this is expected.

You normally don't want your RAP native vlan to be bridged across MAPs ethernet port. This would mean that a broadcast packet sent by wired devices behind the MAP would travel all the way to the RAP and the WLC network and vice versa (APs ARP packets sent to all wired clients behind MAPs) ... that's not optimal to my opinion.

At the time the feature was made available in 5.2, I read that it was highly recommended by developers to use vlan 1 to connect the RAP as ap vlan. I'm not sure that this restriction stayed but it does make some sense that the ap vlan is not bridged behind MAPs.