Solved

need help with configuring cisco aironet AP's in existing cisco vlan environment.

Posted on 2014-02-03
1
1,047 Views
Last Modified: 2014-02-13
need help with configuring cisco aironet AP's in existing cisco vlan environment.
My switches (core 3750x and 2960) have a
default vlan1 (native)
vlan2 WIFI
vlan3 VOIP

Servers and computers are member from the default vlan1 (native) . I used no command on the switches regarding vlan1 so it is still untagged.
Purpose it to use vlan2 for the WIFI access points, they need to communicate with the computers and servers from vlan1 but i am not familiar with the best setup and configuration.Ip routing is enabled and working on the switches.
All the vlans are also tunneled to a remote site.
I give the bvi1 interface  from the AP and address from the subnet vlan1 and add the rule encapsulation dot1q native.
Do i need to configure another wired interface from the AP (interface GigabitEthernet0.1 or interface GigabitEthernet0.2) also or can i use only the bvi1 for management and data traffic?
The AP's are connected to a trunk port on which only allow vlan1&2 traffic is allowed (switchport trunk allowed vlan add 1,2)
It is obvious to create an ssid and link it to vlan2 and i don't need multiple ssid's.
Are commands as bridge 1 route ip needed?
ip-default gateway is the router interface from vlan1.
With my current config the wifi client have access to the remote site but no internet access,i still need to test  the routing.
Thank you for your help
Last-configurationAP1-XPRTS.doc
0
Comment
Question by:antwerp2007
1 Comment
 
LVL 5

Accepted Solution

by:
Martin Tarlink earned 500 total points
ID: 39831489
Below I pasted one of my old configuration, I had two SSID, but in your case you will need only one, I assume you dont want to open voice vlan over Wifi.
ANd if you can change your vlan from Vlan 1 to soemthing else as it is not recommended to use default Vlan 1

dot11 syslog
dot11 vlan-name SSIDname1 vlan 2
dot11 vlan-nameSSIDname2vlan 3
!
dot11 ssid WIFI-OPEN
   vlan 2
   authentication open 
   mbssid guest-mode
   information-element ssidl
!
dot11 ssid WIFI-SECURED
  vlan 3
   authentication open 
   authentication key-management wpa
   guest-mode
   mbssid guest-mode
   wpa-psk ascii 7 xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx
   information-element ssidl wps
!
dot11 network-map


!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!

bridge irb
!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption mode ciphers tkip 
 !        
 encryptionvlan 3 mode ciphers tkip 
 !
 ssid WIFI-OPEN
 !
 ssid WIFI-SECURED
 !
 mbssid
 speed  basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
 channel 2412
 station-role root
 l2-filter bridge-group-acl
 no cdp enable
 infrastructure-client
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
interface Dot11Radio0.2
 encapsulation dot1Q 2
 no ip route-cache
 bridge-group 2
 bridge-group 2 subscriber-loop-control
 bridge-group 2 block-unknown-source
 no bridge-group 2 source-learning
 no bridge-group 2 unicast-flooding
 bridge-group 2 spanning-disabled
!
interface Dot11Radio0.3
 encapsulation dot1Q 3
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.11
 encapsulation dot1Q 11 native
 no ip route-cache
 bridge-group 11
 bridge-group 11 subscriber-loop-control
 bridge-group 11 block-unknown-source
 no bridge-group 11 source-learning
 no bridge-group 11 unicast-flooding
 bridge-group 11 spanning-disabled
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
interface Dot11Radio1
 no ip address
 no ip route-cache
 !
 encryption mode ciphers tkip 
 !
 encryptionvlan 3 mode ciphers tkip 
 !
 ssid WIFI-OPEN
 !
 ssid WIFI-SECURED
 !
 dfs band 3 block
 mbssid
 speed  basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
 channel dfs
 station-role root
 l2-filter bridge-group-acl
 no cdp enable
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
interface Dot11Radio1.2
 encapsulation dot1Q 2
 no ip route-cache
 bridge-group 2
 bridge-group 2 subscriber-loop-control
 bridge-group 2 block-unknown-source
 no bridge-group 2 source-learning
 no bridge-group 2 unicast-flooding
 bridge-group 2 spanning-disabled
!
interface Dot11Radio1.3
 encapsulation dot1Q 3
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1.11
 encapsulation dot1Q 110 native
 no ip route-cache
 bridge-group 11
 bridge-group 11 subscriber-loop-control
 bridge-group 11 block-unknown-source
 no bridge-group 11 source-learning
 no bridge-group 11 unicast-flooding
 bridge-group 11 spanning-disabled
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
interface FastEthernet0.2
 encapsulation dot1Q 2
 no ip route-cache
 bridge-group 2
 no bridge-group 2 source-learning
 bridge-group 2 spanning-disabled
!
interface FastEthernet0.3
 encapsulation dot1Q 3
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.11
 encapsulation dot1Q 11 native
 no ip route-cache
 bridge-group 11
 no bridge-group 11 source-learning
 bridge-group 11 spanning-disabled
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
interface BVI1
 ip address 10.10.10.77 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.10.10.1
ip http server
ip http authentication aaa
ip http secure-server

bridge 1 route ip
!
!
!
line con 0
line vty 0 4
!
end

Open in new window

0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Some sers suddenly getting error popup msg 28 93
Blacked by spamhaus? 26 70
Ping and real time 48 55
Price for Fiber 13 33
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question