Point to Multipoint Bridge Cisco 1532i

I am going to be implementing a point to multipoint bridge with 1 root and 2 non root bridges that are Cisco 1532i waps in autonomous mode.  I have default vlan and vlan 10. Could someone look over these configs and see if I have set them up correctly?
wap-1532-rootbridgecfg.docx
wap-1532-nonrootbridgecfg.docx
DaveKall42Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Craig BeckCommented:
They're not quite right.

1] You haven't attached the acoma SSID to VLAN10.  If you don't attach ALL SSIDs to a VLAN ID those SSIDs with no VLAN ID won't work.

2] The bridging SSID is wide-open.  If that's your P2P SSID you want to secure that or all traffic passing between the two 1532s will be unencrypted.

3] You've configured the guest-mode parameter on the acoma SSID at the non-root bridge, but not at the root.  That will broadcast the SSID from the non-root AP but not the root AP.  However, putting the AP in bridge mode won't allow clients to connect.  If the APs are purely for bridging this is OK.

4] You've not enabled some of the bridge options for each subinterface.  This isn't essential but may cause issues depending on what you have at each end of the link.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DaveKall42Author Commented:
Basically these WAPs will not be having clients connect.  They will be strictly for P2P bridging.  So in that case do I not even need the acoma ssid?  I wasn't sure about that.  I do want to encrypt the data across the P2P ssid.
0
DaveKall42Author Commented:
Also what bridge options do I need to enable on the sub interfaces?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Craig BeckCommented:
You only need one SSID for the link then.

Bridge options are:

bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding

Open in new window


Change the number to suit each bridge group.
0
DaveKall42Author Commented:
So then I just configure the encryption on the ssid bridging and remove the ssid acoma and then apply the bridging ssid to the dot11 0?
0
Craig BeckCommented:
Yep
0
DaveKall42Author Commented:
So I should have those 4 items applied to bridge group 1 and bridge group 10?

Thanks for your great help on this!
0
Craig BeckCommented:
Technically, yes they need to be there but saying that, the AP should enter them automatically.  If you put the config you have now on the APs you might find that they're already there when you do a show run.
0
DaveKall42Author Commented:
Also one other question.  When I apply vlan 1 to ssid bridging it will only let me do vlan 1 or vlan 10.  Does that mean that VLAN 10 won't work with that ssid in bridging mode?
0
Craig BeckCommented:
You apply the VLAN to the bridging SSID so that you can pass management traffic to/from the bridges.  If you attached VLAN10 to the SSID you'd have to put an IP address from VLAN10 on each AP in order to manage it.

When you configure multiple VLANs on the APs you don't have to attach them to SSIDs - this is how you trunk VLANs in a bridge configuration.
0
DaveKall42Author Commented:
Gotcha.  So the VLAN info is passed through the trunking with the virtual interfaces on the Gig E and dot11 0 Radio as well as the trunk ports settings on the switches.
0
Craig BeckCommented:
Exactly right!
0
DaveKall42Author Commented:
Great! Thanks again for all your help!
0
DaveKall42Author Commented:
Excellent Advice!
0
Craig BeckCommented:
My pleasure :-)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.