cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1189
Views
0
Helpful
5
Replies

2 building VLAN setup; WLAN problems (RV110W)

blubbibla
Level 1
Level 1

Hi everyone,

I've set up a System consisting of two RV110W at one of our small sights. We use 3 separated networks for different purposes (security reasons).

- The first RV110W operates as a gateway connecting all the tree networks to the internet and is the DHCP server for all 3 networks.

- The second RV110W is in another building, connected to the first one over tagged VLAN Ethernet and has the function of an "access point".

Here the setup:

cisco_drawing.png

The problem is that WLAN access is not working properly (LAN works perfectly though):

- Often internet access over WLAN is not possible on "Guests network" (but connection to the network can mostly be established)

- The private networks can't be accessed at all. The client tries to connect but drops the attempt after a few seconds.

What is wrong?

Thank you very much for your help

5 Replies 5

mpyhala
Level 7
Level 7

Mikael,

On Building A router, do the following:

Port 4: VLAN 1 Untagged, VLAN 2 and 3 Tagged

On Building B router, do the following:

Port 1: VLAN 1 Untagged, VLAN 2 and 3 Tagged

This will create a trunk port on each router through which the tagged and untagged VLAN traffic can pass. Right now the only VLAN that can pass between the routers is 3.

- Marty

Thanks Marty for your reply.

I'm sorry I might have been a bit too imprecise on the VLANs. The numbers are wrong. Sorry, I just saw that now. Here the right ones:

Private 1: VLAN ID 1 (default) - is that ok from the security perspective? "fallback" into a private network? I read that VLAN ID 1 has special properties.

Private 2: VLAN ID 3

Guest: VLAN ID 5

As proposed by Marty I added VLAN ID 1 as untagged member on port 4 of router #1 and on port 1 of router #2. But it didn't change anything. The behavior is still exactly the same.

Could you elaborate a bit on your answer, so I could understand the mistake I did by setting all on tagged? Currently I don't.

Other suggestions to solve the problem?

I spotted "AP Management VLAN:" in the Wireless settings. It is currently set to VLAN 1. Is that ok? What is this setting for?

Thank you for your help!

Best wishes

Mikael,

I think that I misunderstood the issue that you are experiencing. I understood that only VLAN 3 was able to reach the gateway/internet because you did not have a trunk. I still recommend leaving VLAN 1 Untagged and all other VLANs Tagged on the ports that connect the router. VLAN 1 is typically the default and management VLAN, you could change it to anything and it would not matter. For simplicity VLAN 1 is best.

Please clarify what the actual issue is. "Often internet access over WLAN is not possible on "Guests network" (but connection to the network can mostly be established)"


Do you mean that the guest network can sometimes access the internet but not always?

Also, "The private networks can't be accessed at all."

Does this mean that wireless clients connected to the VLAN 1 SSID cannot access the wired resources on VLAN 1?

- Marty

Marty,

Guest network:

- the clients can connect to the network over WLAN, get an IP and become part of the network

- Mostly the clients will also have internet access over this network but sometimes they don't and I need to restart #2 and sometimes even #1 so that the guest clients have internet access again. At the same time clients connected via Ethernet to #1 never loose internet access. The occasional reboot of the RV110W is only required because of the clients connected to the Guests network "VLAN3" not being able to access the internet.

Private network:

- the clients can't connect to this network at all through WLAN. No WLAN connection can be established. On the iPhone for example I get a message saying "Unable to join the network".

I hope you now understand the issue. Otherwise don't hesitate to ask again.

Mikael

Mikael,

The intermittent internet issue sounds like a corrupt configuration or bad hardware. If the routers were configured wrong you wouldn't see internet access at all on the guest network.

Regarding the private LAN, creating a trunk between the routers should allow access to the WLAN.

I would set up an SSID on Building A router (VLAN 1) and see if you can connect to rule out any issue with that router. Also, make sure that the SSID on Building B router is associated to VLAN 1 for private LAN.

You may want to open a case with support to have someone take a look at the configurations. That would be the fastest and easiest way to resolve all issues. You can find a number to call at the following URL:

www.cisco.com/go/sbsc

Support hours are 9am-6pm M-F (Your time)

- Marty

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: