In the config for "bottom3750.txt" in port Fa0/17 is connected to "Netgear Port 1" is this the netgear dhcp server?

This port is a trunk port! perhaps it should be a switch port in vlan 8.

I am sorry the desciption is wrong. The Netgear is on F0/11 on the bottom switch.

can you ping the netgear from the access point?

No I cannot.

If I had to use VLAN1 as my internal lan and VLAN 8 as my "guest lan". How would you setup the ports to use with the WAP with two SSIDs

Hold on a sec, if you can't ping the netgear from the AP - how do you expect it to get an IP address, you are missing something.

Is the netgear pingable at all??

In my original config, see attachment. My laptop could connect to both SSIDs on the one WAP.

PRIVATE, I was on the corp internal network, got 192.168.100.x address

PUBLIC, I was on the TimeWarner(Netgear) network, got 192.168.8.x address

The netgear gives out dhcp of 192.168.8.x, and only for vlan 8

Yes I saw that - but you are not answering the question, can you ping the netgear device from anywhere in the network or not?

Not without manually assigning my laptop a 192.168.8.x address and being on a port that allows VLAN 8 traffic to the port the Netgear box is on.

Listen you are missing the point, let me phrase it another way.

1) Does the netgear have an IP address?

2) Does the netgear route or switch?

3) Do you have a layer 3 interface on your network in the vlan 8 that does have an IP address?

1) Does the netgear have an IP address? Yes. 192.168.0.1

2) Does the netgear route or switch? Route to the Internet cable modem.

3) Do you have a layer 3 interface on your network in the vlan 8 that does have an IP address? Nothing on the network has a 192.168.0.x address besides the Netgear.

Well I dont know how the netgear wil be able to alocate an IP address out of the 192.168.8.x range, when it does not have an interface in the 192.168.8.x range.

The other issue is inter-vlan routing, you CANNOT route from 1 vlan to another WITHOUT a layer 3 interface in the vlans.

You need to re-look into what you want to do.

Ron,

I went over the configurations you have provided us with, and I have a couple of questions:

1.) Almost all your ports on the switches are configured as trunks. Are you sure you need something like that? The ports are normally configured as access ports and only those ports which interconnect switches are configured as trunks.

2.) The upper switch you call "2960" is in fact a 3560 series switch, according to the "show cdp neigh" output from the middle switch. Thus there seems to be an inaccuracy in the description of your network.

3.) Further on, you are claiming that on the "2960" (the upper switch), the port Fa0/23 is connected to the Orinoco AP. However, according to the "show cdp nei" output on the "2960", there is yet another 3560 series switch connected to the Fa0/23 of the "2960" with the hostname "Switch". This is yet another inaccuracy. The configuration of that previously undescribed switch must again be thoroughly inspected.

4.) You have described the middle switch as 3750. However, according to the "show cdp neigh" output on the other switches, the middle switch is in fact a 3560. Another inaccuracy?

5.) You have described the bottom switch as another 3750. Yet according to the "show cdp neigh" on the middle switch, it is in fact 3550. Another inaccuracy?

6.) Your exhibit states that the bottom switch uses the Fa0/24 port to connect go the middle switch and its Gi0/2. In reality, according to the "show cdp nei", the bottom switch uses Gi0/1 to connect to the middle switch. The port Fa0/24 is connected somewhere but it does not show up in the CDP neighbor table.

Formally, the configuration seems to be OK but as you can yourself see here, there are so many discrepancies and confusing aspects of your description here that we can't proceed further until and unless it is absolutely clear that we are looking at the correct devices and have an accurate description of the topology.

Best regards,

Peter