Requirement for Native VLAN on Flexconnect Access Point

ddavenport-dcc
Level 1

Hi All,

Just looking at AP configuration using 5508 WLC.

We have APs deployed at all branch sites connected over a corporate L3 WAN to a Data Centre which houses the WLC(s).

When setting the AP for FlexConnect mode there is a requirement that one native VLAN must be configured for each FlexConnect AP. If the AP is attached to an L2 switch and I want to enable multiple VLAN mappings then I would need to add these VLANs to the allowed VLAN list on a trunk link between the AP and the switch (802.1Q) on the branch site.

Normally if I configured a trunk link I would never add the native VLAN to the trunk and never use it for any traffic. In this case it would appear that I MUST use the native VLAN (which seems to go against my better judgement). So my question (after all this) is: Why must the AP use the native VLAN?

Thanks All.

1 Accepted Solution

This has always been a standard practice for access points that have to connect to a trunk port. This goes back to the autonomous access points and also with FlexConnect and Mesh if you're setting up Ethernet bridging. Wired side is different from the wireless side as you have noticed.

-Scott

6 Replies

Scott Fella
Hall of Fame

The AP's management IP address needs to be on the native VLAN. There is no way around this at the moment and you can't have all your VLANs tagged as the AP has to be on the native VLAN.

-Scott

Thanks Scott. Is there an underlying reason for this feature? It seems to fly in the face of best practice for VLAN security (albeit the risk being small). I thought maybe I was misunderstanding something but if it's a requirement then I'll configure accordingly - just curious about the reason now. Thanks again.

Thanks Scott. That's fair enough. Haven't had a great deal to do with wireless in the past and am reviewing a current configuration. Helpful answer - so thank you!

Abhishek Abhishek
Cisco Employee

Wired is different from wireless as the access point has to be connected through a trunk port.
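
For anyone reviewing an existing branch configuration, as the original poster was, the following Python check is an added example (not from any participant in this thread and not Cisco tooling). It audits one AP-facing switch port against the requirement discussed above, that the AP's management traffic rides the native VLAN, while keeping the trunk as tight as possible. The interface name, the VLAN numbers and the hardening policy encoded in the findings (dedicated native VLAN other than 1, no client VLAN on the native VLAN, explicit allowed list) are assumptions.

```python
import re

# Constructed sample: a branch switch port facing a FlexConnect AP.
# Interface name and VLAN numbers are illustrative assumptions.
SAMPLE_PORT = """\
interface GigabitEthernet1/0/10
 description FlexConnect AP
 switchport mode trunk
 switchport trunk native vlan 110
 switchport trunk allowed vlan 110,120,130-132
"""

def parse_vlan_list(text):
    """Expand an IOS VLAN list such as '110,120,130-132' into a set of ints."""
    vlans = set()
    for part in text.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_ap_trunk(config, locally_switched):
    """Return findings for one AP trunk port; locally_switched = WLAN-mapped VLAN ids."""
    findings = []
    if not re.search(r"^\s*switchport mode trunk\s*$", config, re.M):
        findings.append("port is not a static trunk")
    native = re.search(r"^\s*switchport trunk native vlan (\d+)\s*$", config, re.M)
    native_vlan = int(native.group(1)) if native else 1  # IOS default native VLAN is 1
    if native_vlan == 1:
        findings.append("native VLAN is the default VLAN 1; use a dedicated AP management VLAN")
    allowed = re.search(r"^\s*switchport trunk allowed vlan ([\d,\- ]+)$", config, re.M)
    if not allowed:
        findings.append("no explicit allowed VLAN list; every VLAN is carried to the AP")
        return findings
    allowed_vlans = parse_vlan_list(allowed.group(1))
    if native_vlan not in allowed_vlans:
        # The thread's requirement: AP management is untagged, so it needs the native VLAN.
        findings.append(f"native VLAN {native_vlan} is pruned; AP management traffic cannot pass")
    if native_vlan in locally_switched:
        findings.append(f"client VLAN {native_vlan} is also the native VLAN")
    missing = sorted(set(locally_switched) - allowed_vlans)
    if missing:
        findings.append(f"mapped VLANs not allowed on trunk: {missing}")
    extra = sorted(allowed_vlans - set(locally_switched) - {native_vlan})
    if extra:
        findings.append(f"VLANs allowed but not used by the AP: {extra}")
    return findings
```

Calling `audit_ap_trunk(SAMPLE_PORT, {120, 130, 131, 132})` returns an empty list; a port that leaves the native VLAN at its default and prunes it from the allowed list produces one finding for each problem.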
