Solved

Extending network to 2 new buildings using Aironet 1532Is

Posted on 2014-03-21
10
1,730 Views
Last Modified: 2014-03-24
I'm looking for some guidance on configuring 3 autonomous Cisco
Aironet 1532Is. We have 2 new buildings at the corporate campus and we are trying to extend the corporate network to those 2 buildings with Wi-Fi (just want to use Wi-Fi as a layer 2 bridge to the new buildings). I should add that the 2 buildings have wired infrastructure we are just trying to span the distance from the main building with Wi-Fi and then the APs that are located in those buildings are going to be plugged into a Catalyst switch.
What's the best way to go about setting this up ?

thanks
0
Comment
Question by:aackar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39946004
This is simple in theory, but could be awkward depending on what you have at each side.

With a single VLAN this is easy.  You just configure a SSID on the 5GHz radio and set one AP to Root Bridge and the other AP to Non-Root Bridge mode.

However, with more than one VLAN you have to create each VLAN on the APs as well as on the switches.  They won't automatically be trunked across the link if the AP doesn't know about them.  This is obviously important if you have a lot of VLANs and it's an absolute nightmare to do in the CLI if you have more than a handful.

Have you already bought the 1532 APs?
0
 

Author Comment

by:aackar
ID: 39946036
I have already purchased 3 autonomous 1532 APs. I have 3 VLANs in total. I want to configure a point to multi-point Ethernet bridge. Any links you know off to any useful documents that could help me save some time on this?
0
 

Author Comment

by:aackar
ID: 39946065
I'm obviously reading a bunch of Cisco docs but any links to anything that goes step by step for configuring a point to multi-point Ethernet bridge on these APs?
0
Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39946108
Try this, substituting the <SSID> and <PRESHAREDKEY> with your own values...

Root Bridge

conf t
dot11 ssid <SSID>
 vlan 10
 authentication open
 authentication key-management wpa version 2
 wpa-psk ascii <PRESHAREDKEY>
!
interface Dot11Radio1
 encryption vlan 10 mode ciphers aes-ccm
 ssid <SSID>
 station-role root bridge
 no shutdown
!
interface Dot11Radio1.10
 encapsulation dot1q native 10
 bridge-group 1
!
interface Dot1Radio1.20
 encapsulation dot1q 20
 bridge-group 2
!
interface Dot11Radio1.30
 encapsulation dot1q 30
 bridge-group 3
!
interface GigabitEthernet0.10
 encapsulation dot1q 10 native
 bridge-group 1
!
interface GigabitEthernet0.20
 encapsulation dot1q 10
 bridge-group 2
!
interface GigabitEthernet0.30
 encapsulation dot1q 30
 bridge-group 3
!
interface BVI1
 ip address 10.0.0.1 255.255.255.0
 no shutdown
!
end

Open in new window


Non-Root Bridge

conf t
dot11 ssid <SSID>
 vlan 10
 authentication open
 authentication key-management wpa version 2
 wpa-psk ascii <PRESHAREDKEY>
!
interface Dot11Radio1
 encryption vlan 10 mode ciphers aes-ccm
 ssid <SSID>
 station-role non-root bridge
 no shutdown
!
interface Dot11Radio1.10
 encapsulation dot1q native 10
 bridge-group 1
!
interface Dot1Radio1.20
 encapsulation dot1q 20
 bridge-group 2
!
interface Dot11Radio1.30
 encapsulation dot1q 30
 bridge-group 3
!
interface GigabitEthernet0.10
 encapsulation dot1q 10 native
 bridge-group 1
!
interface GigabitEthernet0.20
 encapsulation dot1q 10
 bridge-group 2
!
interface GigabitEthernet0.30
 encapsulation dot1q 30
 bridge-group 3
!
interface BVI1
 ip address 10.0.0.2 255.255.255.0
 no shutdown
!
end

Open in new window

0
 

Author Comment

by:aackar
ID: 39946223
great. Let me ask you this, the root bridge in this scenario is going to be at the main building here at the corporate campus and will be directly attached to the wired Ethernet network where there are 3 VLANs. The other 2 APs in this point to multi-point configuration are going to be attached to wired networks as well but will only contain endpoints like laptops, desktops etc. so those 2 wired networks will all be in just one VLAN. Should I just configure one VLAN on 2 those 2 APs or should I still have all 3? It's layer 2 so  you would think it wouldn't matter as far as routing but I"m not sure.
0
 

Author Comment

by:aackar
ID: 39951157
I followed your suggestion and got 2 APs to associate with each other and one can ping the other but the remote one can't ping the default gateway which should be possible since this is a on layer 2. So from the remote AP I can ping the BVI1 interface on the one that's plugged into the corporate network but I can't ping anything else on the corporate network.
Any ideas?
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39951218
What configuration do you have on the switch at the root end?  Is the switchport where the root connects configured as a trunk?
0
 

Author Comment

by:aackar
ID: 39951318
it does connect to a trunk port. Other than that other ports have a data and voice vlan and are then there is a trunk port to the next switch.
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39951336
Can you post the config you've put on the root, and the switchport config?
0
 

Author Comment

by:aackar
ID: 39951414
ok, I have reloaded the AP and it works now.
0

Featured Post

Webinar June 1st - Attacking Ransomware  

The global cyberattack that corrupted hundreds of thousands of computer systems on May 12th had a face, name, & price tag that we’ve seen all too often in recent years: Ransomware. With the stakes – and costs – of a ransomware attack higher than ever, is your business prepared ?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Transparency shows that a company is the kind of business that it wants people to think it is.
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question