?
Solved

Cisco vlan controller configuration

Posted on 2011-10-27
4
Medium Priority
?
1,932 Views
Last Modified: 2012-05-12
Hello i have a little problem regarding my guest access on a Cisco 2504 WLAN controller.

So i have a cisco 3560 In front and in this scenario a non configurable router after 3560

My mgmt net is on 172.17.29.0/24 with 3560 on 172.17.29.2 and mgmt net on 172.17.29.3 and a dhcp on 172.17.29.2

The other net is on 172.17.27.0/24 with the non configurable router on 172.17.27.2. And i have a dynamic interface on my wlan controller on 172.17.27.3 and a dhcp on 172.17.27.2

So the 172.17.29.0/24 net is working like a charm although i cannot get the 172.17.27.0 net to work. First of all i cannot ping the interface of the vlan controller from my switch, although if i place a laptop in the same subnet i can ping it from the switch. Internet also works from the laptop. When i try the wlan on the interface i doesn´t get an ip and i cannot ping the dhcp server or router from the controller on 172.17.27.2. which of course is why i do not get an ip.

the 3560 got an default route of 0.0.0.0 0.0.0.0 172.17.27.2.

i also wonder if it is possible to be able o ping 172.17.27.0 from 172.17.29.0 without first going to the router which in this case is non configurable.

0
Comment
Question by:ptopservicedesk
  • 2
  • 2
4 Comments
 
LVL 15

Expert Comment

by:Frabble
ID: 37049561
I take it the WLAN controller is plugged into the 3560? If it is then the port needs to be configured as a trunk and allowed to pass the VLAN used by the 172.17.27.0/24 network. The controller dynamic interface also needs to have the VLAN ID the same number of the switch VLAN if the traffic is tagged.

When you say non configurable router do you mean you don't have access to it? To ping betwen the two networks you need something to route between them and it's not clear what is doing this. I assume the router is the gateway for the 172.17.27.0 network (172.17.27.2) but what is the gateway for the 172.17.29.0 network?

You say the 3560 is configured for 172.17.29.2; if it is not configured for ip routing then you need a default gateway entry otherwise a route of last resort, either way the address needs to be 172.17.29.* and not 172.17.27.2
0
 

Author Comment

by:ptopservicedesk
ID: 37055112
Hi, yes it looks like this.
WLAN Controller (172.17.29.3 mgmt interface) (172.17.27.3 dynamic interface)
        |
   C3560 Ip addresses (172.17.29.2 default gateway for 172.17.29.0/24) (172.27.27.253)
        |
    ISP Router on 172.17.27.2 (Internet)

So The WLAN Controller is connected to the C3560, Switch ports are trunk with dot1q encap. Vlan tagging is 20 on wlan controller and switch for mgmt interface and 1 on dynamic interface on controller and switchport. Both are able to reach internet in the current config.

SO the router is gateway for the 172.17.27.0 network and the c3560 is router for the 172.17.29.0 network. I really would like the c3560 to be the router for all networks but traffic has to go through ISP router which is non configurable.

C3560 is configured for ip routing but my only route is 0.0.0.0 0.0.0.0 172.17.27.2 so networks are able to reach internet. What routes needs to be there?

As you might notice I am not a network technician but I am trying my best ;)

0
 
LVL 15

Accepted Solution

by:
Frabble earned 2000 total points
ID: 37059514
A Cisco trunk has what is called the native VLAN and this traffic is untagged. If showing a port configuration doesn't list this then it is using the default VLAN 1. If you have entered 1 for the VLAN ID on the WLAN controller dynamic interface then you have configured the traffic to be tagged and so have a mismatch. You'll fix this problem by simply removing the VLAN ID on the dynamic interface configuration for this VLAN.

You've made the routing more clear but I can't see how the 172.17.29.0/24 has successful internet access unless your ISP has configured their router to also NAT this range and has a static routing entry for this network to 172.17.27.253 or you're running a routing protocol to advertise this network, or, the 3560 NATs to a 172.17.27 address.
It's possible to have the 3560 route directly between your two networks but your ISP will also have make configuration changes to their router.
0
 

Author Comment

by:ptopservicedesk
ID: 37061347
Frabble, you have saved my Day. thanks alot.. when i untagged my vlan 1 in the controller everything worked.

Of course not the connection between VLAN:s but that was more of curiosity. If the 3560 was able to do that on it´s own which it wasn´t.

Both nets work perfectly towards internet. 172.17.29.0/24 net has the Switch as it´s default gateway and also switch as dhcp. after that the default route of 0.0.0.0 0.0.0.0 172.17.27.2 tells how it will reach the gateway towards internet. or does it seem strange to you? I could post my config if you would like. Otherwise a big thanks to you!!!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question