I have to set up some VLANS on Cisco 1240 access points. I have a linksys SRW248G4 Switch. I have set VLAN1, as native on the AP, the same as the switch, and added VLAN10 and VLAN20, and associated an SSID with each, The radio interface is up, however, no clients see the ssid and so can't authenticate.
I am new to this, so any help you can give me would be greatly appreciated.
In order to Broadcast the SSID, type this command on the AP in global configuration mode:
From this doc;
Hope this helps!
Many thanks for taking the time out to reply.
So to sum up, to make this change, we have to configure from the CLI (there's nothing in the GUI to achieve this ?)
If I enter this command, then the two SSID's I have set up will now be visible, and the devices assigned to each network will be able to see their own ssid's and log on.
Seems too good to be true !
OK, I can't test this now as I am not in the office until tomorrow.
In the meantime, following up the chain, do the switch ports that the access points are connected to need to be set as trunk ports or general ports ?
Can you think of anything else that I might need to do ?
Many thanks once again.
When you define multiple SSIDs/VLANs on Cisco Aironet wireless equipment, one (1) SSID can be assigned as guest mode SSID with the SSID broadcast in 802.11 radio beacons. The other SSIDs are not broadcast. The client devices must indicate which SSID to connect.
This doc has all the VLAN info;
Hope this helps!
I have been on that document all day, and others like it... It's really not easy to figure out what to do if you're a newbie.
OK, to recap, we set the guest SSID to be the SSID of VLAN10, that means the computers can browse and pick up the wifi.
However,the other devices (ie handheld remotes) will need to be manually configured and we just have to hope that they hook up to the wifi, there's no way to see the ssid and connect to it.
If they don't seem to connect, how do we test any of that ?
Also, do you know if the switch ports should be general or trunk (it's a linksys...)
Once again, thanks for your help, I have got more from your mails than in three days of hacking around the internet.
No worries :) Glad to be of some small help here. The switchport (at least if they were Cisco :) would need to be set as trunks to carry the appropriate VLAN's. If it were me I would get the Handhelds on the Broadcast SSID and configure the other non-broadcast SSID on the laptops.
Just my 2 cents :)
Yeah, but then guests come with laptops, it's going to be a nightmare trying to get them to join a network they can't see. They are not going to want to start manually configuring, it will annoy them.
Not to mention the staff, they are going to hate it too.
Politically, I don't have a choice. Very complex, this....
Sorry man, it was just a suggestion :( I didn't realize that the "Guest" portion of this was such a big part of the deployment. Leave the Guest network for the guests and hardcode the SSID Ffor the handhelds.
You have been a fantastic help, I am messing with the access points now following your advice, I can see one SSID now.
It might work to put the laptops onto a network with hidden SSID, come to think about it, so that we make sure the remote controllers are able to see and connect. Would we still need encryption for this network ? Also, do I need to map VALN1 to an SSID and set it as the default infrastructure ssid ? (for now, I have left it).
Thanks again, Rob.
You are most welcome :) You will always need some sort of Security even with the SSID not being Broadcast. The SSID can be sniffed "over the air" by anyone who cares to do so.
Vlan 1 does not need to be mapped to an SSID.
Hope this helps!