• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 941
  • Last Modified:

AP 1130 vlan doesn't exist on radio-802.11a (via GUI)

Hello All,

I just reconfigured new AP 1130. I have two ssids. One works One also works but I get a public IP when I get on instead of one of the vlans. When I use GUI I get the "vlan 4 doesn't exist on radio-802.11a see services - vlan) which I did. Both radio buttons are checked. Can anyone see what might be the issue here? See below config. We're talking about vlan4 and the ssid for it is swecoustest

e_AP#test aaa group radius xx  xxxxxxx leg
Attempting authentication test to server-group radius using radius
User was successfully authenticated.






Current configuration : 6856 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Suzlon_Elgin_MainOffice_AP
!
logging rate-limit console 9
enable secret 5xxxxxxxxxxxxxxxxx.
enable password 7 xxxxxxxxxxx
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius RAD_EAP
 server xxxxxxx auth-port 1812 acct-port 1646
 server xxxxxxx auth-port 1812 acct-port 1813
 server xxxxxxx auth-port 1812 acct-port 1813
!
aaa authentication login default group tacacs+ local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login eap-method group radius
aaa authentication login EAP group RAD_EAP
aaa authorization network default group RAD_EAP
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
!
!
dot11 mbssid
dot11 syslog
!
dot11 ssid SWECOGUESTTEST
   vlan 5
   authentication open
   authentication key-management wpa
   mbssid guest-mode dtim-period 75
   wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxx
!
dot11 ssid SWECOUSTEST
   vlan 4
   authentication open eap EAP
   authentication key-management wpa
   accounting acct_methods
   guest-mode
   mbssid guest-mode
!
!
crypto pki trustpoint TP-self-signed-3491121958
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3491121958
 revocation-check none
 rsakeypair TP-self-signed-3491121958
!
!
crypto pki certificate chain TP-self-signed-3491121958
 certificate self-signed 01
  quit
username Cisco password 7 xxxxxxxxxx
!
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 4 mode ciphers aes-ccm
 !
 encryption vlan 5 mode ciphers tkip
 !
 ssid SWECOGUESTTEST
 !
 ssid SWECOUSTEST
 !
 speed  basic-1.0 basic-2.0 basic-5.5 basic-11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0
 channel 2412
 station-role root
 world-mode dot11d country-code US indoor
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.4
 encapsulation dot1Q 4
 no ip route-cache
 bridge-group 4
 bridge-group 4 subscriber-loop-control
 bridge-group 4 block-unknown-source
 no bridge-group 4 source-learning
 no bridge-group 4 unicast-flooding
 bridge-group 4 spanning-disabled
!
interface Dot11Radio0.5
 encapsulation dot1Q 5
 no ip route-cache
 bridge-group 5
 bridge-group 5 subscriber-loop-control
 bridge-group 5 block-unknown-source
 no bridge-group 5 source-learning
 no bridge-group 5 unicast-flooding
 bridge-group 5 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 !
 encryption vlan 4 mode ciphers aes-ccm
 !
 encryption vlan 5 mode ciphers tkip
 !
 ssid SWECOGUESTTEST
 !
 ssid SWECOUSTEST
 !
 dfs band 3 block
 channel dfs
 station-role root
 world-mode dot11d country-code US indoor
!
interface Dot11Radio1.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1.4
 encapsulation dot1Q 4
 no ip route-cache
 bridge-group 4
 bridge-group 4 subscriber-loop-control
 bridge-group 4 block-unknown-source
 no bridge-group 4 source-learning
 no bridge-group 4 unicast-flooding
 bridge-group 4 spanning-disabled
!
interface Dot11Radio1.5
 encapsulation dot1Q 5
 no ip route-cache
 bridge-group 5
 bridge-group 5 subscriber-loop-control
 bridge-group 5 block-unknown-source
 no bridge-group 5 source-learning
 no bridge-group 5 unicast-flooding
 bridge-group 5 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.4
 encapsulation dot1Q 4
 no ip route-cache
 bridge-group 4
 no bridge-group 4 source-learning
 bridge-group 4 spanning-disabled
!
interface FastEthernet0.5
 encapsulation dot1Q 5
 no ip route-cache
 bridge-group 5
 no bridge-group 5 source-learning
 bridge-group 5 spanning-disabled
!
interface BVI1
 ip address xxxxxxxx 255.255.255.0
 no ip route-cache
!
ip default-gateway xxxxxxxxxxxx
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server host xxxxxxx auth-port 1812 acct-port 1813 key 7 xxxxxxxxxxx
radius-server host xxxxxxxx auth-port 1812 acct-port 1813 key 7 xxxxxxxxx
bridge 1 route ip
0
Shark Attack
Asked:
Shark Attack
1 Solution
 
Shark AttackNetwork adminAuthor Commented:
Just to keep everyone up to date, there was an issue with vlans. I have put the AP on a different vlan and it worked. thanks all
0

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now