Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Requirement for Native VLAN on Flexconnect Access Point

Hi All,

 

Just looking at AP configuration using 5508 WLC.

 

We have APs deployed at all branch sites connected over a corporate L3 WAN to a Data Centre which houses the WLC(s)

When setting the AP for Flexconnect mode there is a requirement that one native VLAN must be configured for each FlexConnect AP. If the AP is attached to a L2 switch and I want to enable multiple VLAN Mappings then I would need to add these VLANs to the allowed VLAN list on a trunk link between the AP and the switch (802.1Q) on the branch site.

Normally if I configured a trunk link I would never add the Native VLAN to the trunk and never use it for any traffic. In this case it would appear that I MUST use the native VLAN (which seems to go against my better judgement). So my question (after all this) is: What must the AP use the Native VLAN?

 

Thanks All.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

This has always been a

This has always been a standard practice for access points that has to connect to a trunk port. This goes back to the autonomous access points and also with FlexConnect and Mesh if your setting up Ethernet bridging.  Wired side is different from the wireless side as you have noticed. 

Please rate helpful post and Cisco Support Community will donate to Kiva

 

Scotty

-Scott
*** Please rate helpful posts ***
6 REPLIES
Hall of Fame Super Silver

The AP's management IP

The AP's management IP address needs to be on the native Vlan. There is no way around this at the moment and you can't have all your vlan's tagged as the AP has to be on the native Vlan. 

Please rate helpful post and Cisco Support Community will donate to Kiva

Scotty

-Scott
*** Please rate helpful posts ***
Community Member

Thanks Scott. Is there an

Thanks Scott. Is there an underlying reason for this feature? It seems to fly in the face of best practice for VLAN security (albeit the risk being small). I thought maybe I was misunderstanding something but if it's a requirement then I'll configure accordingly-just curious about the reason now. Thanks again.

Hall of Fame Super Silver

This has always been a

This has always been a standard practice for access points that has to connect to a trunk port. This goes back to the autonomous access points and also with FlexConnect and Mesh if your setting up Ethernet bridging.  Wired side is different from the wireless side as you have noticed. 

Please rate helpful post and Cisco Support Community will donate to Kiva

 

Scotty

-Scott
*** Please rate helpful posts ***
Community Member

Thanks Scott. That's fair

Thanks Scott. That's fair enough. Haven't had a great deal to do with wireless in the past and am reviewing a current configuration. Helpful answer - so thank you!

 

Community Member

Thanks Scott. Is there an

Thanks Scott. Is there an underlying reason for this feature? It seems to fly in the face of best practice for VLAN security (albeit the risk being small). I thought maybe I was misunderstanding something but if it's a requirement then I'll configure accordingly-just curious about the reason now. Thanks again.

Wired is different from

Wired is different from wireless as access point has to be connected through trunk port.

355
Views
0
Helpful
6
Replies
CreatePlease to create content