Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
3
Helpful
3
Replies

Native VLAN on wired switch and wireless AP

sboivin
Level 1
Level 1

‎11-07-2006 05:58 AM - edited ‎07-03-2021 01:11 PM

On our 3560g switch we have g0/15 set up as a trunk to connect our wireless AP.

Port Mode Encapsulation Status Native vlan

Gi0/15 on 802.1q trunking 35

Port Vlans allowed on trunk

Gi0/15 1-4094

Port Vlans allowed and active in management domain

Gi0/15 1,10-14,18,20,22,30,35

Port Vlans in spanning tree forwarding state and not pruned

Gi0/15 1,10-14,18,20,22,30,35

On my AP I have the native VLAN as 1.

From my reading I found that the AP and the switch port should have the same Native vlan on both ends of the trunk. Well my access point will not work unless the AP trunk is on 1 and the switch is on 35. Any ideas?

Labels:
0 Helpful
3 Replies 3

Stephen Rodriguez
Cisco Employee
Cisco Employee

‎11-07-2006 06:55 AM

When you are setting the IP address on the BVI interface, are you using an address in the vlan 35 subnet? If you could post a copy of the config of the AP that will help as well.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

sboivin
Level 1
Level 1
In response to Stephen Rodriguez

‎11-07-2006 07:35 AM

!

!

!

dot11 ssid guestwifi

vlan 20

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

!

dot11 ssid nwifi

vlan 35

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

guest-mode

!

dot11 arp-cache optional

!

c

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers aes-ccm tkip

!

encryption vlan 35 mode ciphers aes-ccm tkip

!

encryption vlan 1 mode ciphers aes-ccm tkip

!

encryption vlan 20 mode ciphers aes-ccm tkip

!

ssid guestwifi

!

ssid raydonwifi

!

mbssid

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

channel 2462

station-role root

no dot11 extension aironet

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio0.20

encapsulation dot1Q 20

no ip route-cache

bridge-group 20

bridge-group 20 block-unknown-source

no bridge-group 20 source-learning

no bridge-group 20 unicast-flooding

bridge-group 20 spanning-disabled

!

interface Dot11Radio0.35

encapsulation dot1Q 35

no ip route-cache

bridge-group 35

bridge-group 35 block-unknown-source

no bridge-group 35 source-learning

no bridge-group 35 unicast-flooding

bridge-group 35 spanning-disabled

!

interface Dot11Radio1

no ip address

no ip route-cache

shutdown

!

encryption mode ciphers tkip

speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0

channel 5200

station-role root bridge

antenna receive right

antenna transmit right

bridge-group 1

bridge-group 1 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

!

interface FastEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

!

interface FastEthernet0.20

encapsulation dot1Q 20

no ip route-cache

bridge-group 20

bridge-group 20 spanning-disabled

!

interface FastEthernet0.35

encapsulation dot1Q 35

no ip route-cache

bridge-group 35

bridge-group 35 spanning-disabled

!

interface BVI1

ip address 192.168.35.12 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.35.1

no ip http server

ip http authentication aaa

ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1

!

access-list 111 permit tcp any any neq telnet

snmp-server community home RO

snmp-server enable traps tty

control-plane

!

bridge 1 route ip

!

!

!

line con 0

access-class 111 in

transport preferred all

transport output all

line vty 0 4

access-class 111 in

transport preferred all

transport input all

transport output all

line vty 5 15

access-class 111 in

transport preferred all

transport input all

transport output all

!

end

0 Helpful

Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to sboivin

‎11-07-2006 08:35 AM

Shannon,

What you need to do is, remove all the .1 interfaces, and put all the .35 interfaces into bridge-group 1, and mark them with dot1q 35 native. Otherwise you have a mismatch between what the AP thinks is native, what subent the BVI belongs to, and the native vlan on the trunk port. The only requirement here, is that you have a bridge-group 1, it can be on any subinterface, so long as it is the native vlan for the AP.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card