cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4201
Views
10
Helpful
5
Replies

how to reach accesspoint connected with router interface ??

Dr.X
Level 2
Level 2

hii ,

i have the topology below :

R1>192.168.1.1<=====>accesspoint A <172.16.1.1>   <<<<wireless link >>>>>>    accesspoint  B <172.16.1.2> <=========>192.168.1.2 <R2

hint : the acces points ips are only for management .

as you see above ,

in the same link we have 2 subnets , one to the routers , and the 2nd one for the wireless link for configuring access points ,

now some times , i need to look at the access points config , and in this case i have to change one ip of the two routers to any ip of the subnet 172.16.0.0/16 and i can reach both the access points ,

my request is ,

i want to reach the two access points without making down in the network 192.168.1.0/24 .

i began thinking about  making subinterface on the router and  put the subinterface an ip of the subnet 172.16.0.0/16 ,

i did , but i requred a vlan encaspulatin and vlan id ,

i put dot1q and random vlan id  50 ,

but i still cant reach the access points .

could any find my problem , or suggest another solution ??????/

regards

1 Accepted Solution

Accepted Solutions

If it's directly connected, does it connect directly to the interface that has address 192.168.1.1 or is it on a separate interface? If it's on the same interface, you could put a secondary address on the 192.168.1.1 interface and you should be able to get to it:

int fa0/0

ip addre 192.168.1.1 255.255.255.0

ip address 172.16.1.5 255.255.255.0 second

Depending on the default gateway on your computer, you may need to put a static route pointing to this router to get to this subnet. If your default gateway points to this router, you should be able to get to it.

HTH,

John

HTH, John *** Please rate all useful posts ***

View solution in original post

5 Replies 5

John Blakley
VIP Alumni
VIP Alumni

What kind of access points are these? If they're Cisco, the subinterface configuration can work but it's going to get a little tricky. As you may know, when you set up router-on-a-stick and configure your encapsulations, you can specify the native vlan. Let's assume that you're native vlan is on the default of 1. When you create your subinterface, as you said that you did, you created it with a vlan id 50. This isn't your native, so now the router is expecting to see traffic tagged with vlan id of 50. You can make your access points part of the vlan 50 on the switch that they're connected to, but looking it your diagram it seems as though you have the APs directly connected to the router. If that's not the case and the access points definitely do connect to a switch, try adding the vlan 50 to the switch and then making the port an access port of vlan 50.

Aside from that, if these are connected to switches that don't support vlans, such as an unmanaged switch, you won't be able to pass the vlan 50 tag to the router and wouldn't be able to get to your AP. The other configuration that you could do is if users use these APs for wireless access, you probably want them on a separate subnet (at least I know I do). If that's the case, that requires a separate vlan in which case going back to the above we're going to assume that you have something that supports vlans (switch, directly connected to router, etc). If this is a Cisco AP, and you have your users on vlan 1 and want your management address on vlan 50, simply making the switchport that the AP connects to as an access port to vlan 50 will break your users configuration. You'd need to also create subinterfaces on your access point (this is again assuming this is a Cisco AP). Cisco's don't allow you to run multiple SSIDs on the same vlan, so when you create your subinterfaces, you'll now need to change the configuration for the AP to support all vlans (not just the native):

dot11 ssid CustA

vlan 1

dot11 ssid CustB

vlan 2

int d0

encryption vlan 1 mode ciphers tkip

encryption vlan 2 mode ciphers tkip

int d0.1

bridge-group 1

int d0.2

bridge-group 2

int d0.50

descript management

bridge-group 50

int fa0.1

encapsu dot1q 1 native

bridge-group 1

int fa0.2

encapsu dot1q 2

bridge-group 2

int fa0.50

descript Management

encaps dot1q 50

int bvi1

ip addr 172.16.1.1 255.255.255.0

You can also change the vlan 50 to be configured as the native and the users will still be able to connect. You'll obviously need to change the switchport that the AP connects to to a trunk port for these vlans to work.

HTH,

John

**** Please rate all useful posts ****

HTH, John *** Please rate all useful posts ***

hi ,

i really appreciate ur preciuos  info and nice reply ,

actually , it is not  cisco access point ,

its connected directly with no switch in the middle .

it just configured as bridge and no vlan config on the AP ,

i think this mean that it uses vlan 1  , but not sure ,

now if i want to type vlan  1 as native vlan in the subinterface , the command is rejected and cant use  vlan 1 ?

If it's directly connected, does it connect directly to the interface that has address 192.168.1.1 or is it on a separate interface? If it's on the same interface, you could put a secondary address on the 192.168.1.1 interface and you should be able to get to it:

int fa0/0

ip addre 192.168.1.1 255.255.255.0

ip address 172.16.1.5 255.255.255.0 second

Depending on the default gateway on your computer, you may need to put a static route pointing to this router to get to this subnet. If your default gateway points to this router, you should be able to get to it.

HTH,

John

HTH, John *** Please rate all useful posts ***

Robert R
Level 1
Level 1

Quickest solution is to give the APs an IP address in the 192.168.1.0/24 subnet.

For what it's worth, if your 192.168.1.0/24 network is simply used for the p2p link between the 2 routers, you may want to consider making it into a /30 to save address space.  Not a huge issue, but worth doing nonetheless.  Also, if there is no out of band management ports on the Access Points, you may want to consider making the p2p network a /29 and giving the APs an address from within.

R1)192.168.1.1 /29 <===> AP1) 192.168.1.3/29 <====> AP2)192.168.1.4/29 <======> R2) 192.168.1.2/29

Then there's no need for secondary ips or static routes.

hi ,

Thanks very much john ,  i did it

thanks also robert ,   im using /30 in p2p link  .

anyway

apperciate ur help

regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: