Point to Multipoint Bridge Cisco 1532i

Basically these WAPs will not be having clients connect.  They will be strictly for P2P bridging.  So in that case do I not even need the acoma ssid?  I wasn't sure about that.  I do want to encrypt the data across the P2P ssid.

Also what bridge options do I need to enable on the sub interfaces?

You only need one SSID for the link then.

Bridge options are:

bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding

Select allOpen in new window

Change the number to suit each bridge group.

So then I just configure the encryption on the ssid bridging and remove the ssid acoma and then apply the bridging ssid to the dot11 0?

Yep

So I should have those 4 items applied to bridge group 1 and bridge group 10?

Thanks for your great help on this!

Technically, yes they need to be there but saying that, the AP should enter them automatically.  If you put the config you have now on the APs you might find that they're already there when you do a show run.

Also one other question.  When I apply vlan 1 to ssid bridging it will only let me do vlan 1 or vlan 10.  Does that mean that VLAN 10 won't work with that ssid in bridging mode?

You apply the VLAN to the bridging SSID so that you can pass management traffic to/from the bridges.  If you attached VLAN10 to the SSID you'd have to put an IP address from VLAN10 on each AP in order to manage it.

When you configure multiple VLANs on the APs you don't have to attach them to SSIDs - this is how you trunk VLANs in a bridge configuration.

Gotcha.  So the VLAN info is passed through the trunking with the virtual interfaces on the Gig E and dot11 0 Radio as well as the trunk ports settings on the switches.

Exactly right!

Great! Thanks again for all your help!

Excellent Advice!

My pleasure :-)