Multiple Vlans on a Wireless Cisco Air 1200 AP

Hello,

I have a Cisco Air 1200 Wireless AP and I would like to run two separate vlans that should match to two wi-fi networks that thte AP is advertising - my problem is that my AP does Not show the two separate wi-fi networks as per config attached and if i set the switch port where the AP is connected to as trunk i loose all access connectivity to the AP as well as clients can not obtain ip address throught dhcp.

At present with the attached settings vlan 42 only is working and clients can only see 1 wi-fi network called WIFI1 - WIFI2 does not show as adertised WIFI2???

Can you please help with the missing links:) Thank you
WIRELESSX2VLANSX2SSIDS.txt
TrepExeAsked:
Who is Participating?
 
Craig BeckCommented:
Latest IOS is 12.3(8).JEE

http://www.cisco.com/cisco/software/release.html?mdfid=277026213&softwareid=284180979&release=12.3.8-JEE&relind=AVAILABLE&rellifecycle=ED&reltype=latest

The upgrade process is quite simple - just browse to the AP and go to the System Software menu on the left, then select the Software Upgrade item.  Browse to the new IOS image TAR file and let it upgrade.

Make sure you disable your browser's popup blocker first though!
0
 
wingateslCommented:
On the switch you should have only
interface GigabitEthernet
 description WIRELESS VLANS 42+70
 switchport trunk encapsulation dot1q
 switchport mode trunk
 mls qos trust device cisco-phone
 mls qos trust cos
 auto qos voip cisco-phone
 spanning-tree portfast

Open in new window

On the access point you need to enable guest-mode on the second ssid.
ssid WIFI2
 guest-mode

Open in new window

0
 
Craig BeckCommented:
wingatesl has it, apart from the AP config...

You can't configure guest-mode on two SSIDs simultaneously.  You need to configure mbssid guest-mode instead, like this...

ssid WIFI1
 mbssid guest-mode
!
ssid WIFI2
 mbssid guest-mode

Open in new window

0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
wingateslCommented:
argh, it was a rough morning... give me some slack ;)
0
 
TrepExeAuthor Commented:
Thank you guys - will test and provide feedback asap:)
0
 
TrepExeAuthor Commented:
Hello,

It does Not give me the option to set mbssid guest-mode as advised above:

AP(config-if-ssid)#?
ssid configuration commands:
  accounting             radius accounting
  authentication       authentication method
  exit                        Exit from ssid sub mode
  guest-mode           guest ssid
  infrastructure-ssid ssid used to associate to other infrastructure devices
  ip                           IP options
  max-associations    set maximum associations for ssid
  no                          Negate a command or set its defaults
  vlan                        bind ssid to vlan
  wpa-psk                  Configure Wi-Fi Protected Access pre-shared key


=========================

Cisco Internetwork Operating System Software
IOS (tm) C1200 Software (C1200-K9W7-M), Version 12.2(11)JA1, EARLY DEPLOYMENT RELEASE SOFTWARE

==========================

Any ideas as to how I can achieve that?
0
 
TrepExeAuthor Commented:
Hi, following my last update i mangaged to do ssid mbssid Wifi1 and 2 but it will not let me have both in guest-mode - allows me to set guest-mode only onder a single ssid or ssid mbssied:

interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 70 mode ciphers tkip
 !
 encryption mode ciphers tkip
 !
 encryption vlan 42 mode ciphers tkip
 !
 ssid mbssid Wifi1
    vlan 42
    authentication open
    authentication key-management wpa
    wpa-psk ascii 7 1420431F0A5C727A362D
 !
 ssid mbssid Wifi2
    vlan 70
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 7 03330A1F0057791D5C0C15004247

Thank you for your time!!!
0
 
TrepExeAuthor Commented:
Following my last update - on the switch port as per attached config and suggested trunk config:

I can Not ping the AP on Wifi1 vlan 42 unless i add - Spare_Old_Wol2(config-if)#switchport trunk native vlan 42 - under the trunk switchport config???

If i have the switchport config as:

interface GigabitEthernet
 description WIRELESS VLANS 42+70
 switchport trunk encapsulation dot1q
 switchport mode trunk
 mls qos trust device cisco-phone
 mls qos trust cos
 auto qos voip cisco-phone
 spanning-tree portfast

I can not ping the AP bvi address which is vlan 42??? Any ideas please - really appreciated! Thanks
0
 
Craig BeckCommented:
The switchport needs the native VLAN to be whatever VLAN the BVI interface is attached to on the AP.

The switchport config you have at the moment implies that VLAN1 is the native VLAN, and not VLAN42.
0
 
TrepExeAuthor Commented:
Please ignore my update: by: TrepExePosted on 2012-08-22 at 13:59:25ID: 38320284:

Unable to setup mbssids in order to advertise two separate ssids connected to two separate vlans going back and forth both ways through the switchport trunk.

As you can see from my previous update before the one above - I do not get the option to setup a mbssid in order to have both ssids in guest mode as suggested above.

Can you please help? Thanks
0
 
Craig BeckCommented:
Can you post the SHOW VERSION output from your AP?
0
 
TrepExeAuthor Commented:
Hi Craigbeck,

Please find the show version info below:


Cisco Internetwork Operating System Software
IOS (tm) C1200 Software (C1200-K9W7-M), Version 12.2(11)JA1, EARLY DEPLOYMENT RE                                LEASE SOFTWARE (fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Mon 07-Jul-03 13:48 by ccai
Image text-base: 0x00003000, data-base: 0x004D46F4

ROM: Bootstrap program is C1200 boot loader
BOOTLDR: C1200 Boot Loader (C1200-BOOT-M) Version 12.2(8)JA, EARLY DEPLOYMENT RE                                LEASE SOFTWARE (fc1)

HQSRVROOMWIRELESS uptime is 4 weeks, 6 days, 21 hours, 40 minutes
System returned to ROM by power-on
System restarted at 13:43:45 GMT Mon Aug 6 2012
System image file is "flash:/c1200-k9w7-mx.122-11.JA1/c1200-k9w7-mx.122-11.JA1"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-AP1230B-E-K9     (PowerPC405GP) processor (revision A0) with 14326K/2048K bytes of memory.
Processor board ID FOC07351ARX
PowerPC405GP CPU at 196Mhz, revision number 0x00C4
Last reset from power-on
Bridging software.
1 FastEthernet/IEEE 802.3 interface(s)
1 802.11 Radio(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:0D:BC:48:86:C2
Part Number                          : 73-8704-03
PCA Assembly Number                  : 800-23211-03
PCA Revision Number                  : A0
PCB Serial Number                    : FOC07351ARX
Top Assembly Part Number             : 800-23209-03
Top Assembly Serial Number           : FHK0737J1TK
Top Revision Number                  : A0
Product/Model Number                 : AIR-AP1230B-E-K9

Configuration register is 0xF

Thank you
0
 
Craig BeckCommented:
Hmmm I would suggest upgrading the IOS on the APs.  There are several features implemented in later versions which would possibly achieve what you're after.
0
 
TrepExeAuthor Commented:
Hi,

Can you please confirm the latest ios for this AP and download link if possible - would you point me in the right direction as to the ios upgrade process and main points to bear in mind... can't seem to be able to locate these within the cisco website at present. Thank you
0
 
TrepExeAuthor Commented:
Thank you, Do I have to register with Cisco support in order to be able to download as it is not letting me download the updated ios without a cisco support contract? Is the only way to get these downloads getting a Cisco support contract paid for?

Thank you,

Once I have the updated ios I will install and test functionality and update this post with results in order to complete/ finish it.
0
 
Craig BeckCommented:
Yes you need a SmartNet contract to download the images from Cisco.

There are unofficial downloads available but obviously I'm not allowed to tell you where to get them!
0
 
TrepExeAuthor Commented:
Thank you, will go through the motions and provide feedback on here.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.