Cisco WLC 2504 & Netgear gs724T

On the original setup, how where the ports of the WLC configured?  And how where the ports on the 3560 configured?  Can you ping the new switch from other devices on your network?

i am using the same vlan ip scope set up on the netgear as i did on the cisco switch. everything aside from the WLC thats on a trunked port (vlan 10)  on the netgear is on vlan 1. i can ping the other workstations and server fine since they are on the same vlan 1 and 192.168.1.0/24 scope . no other vlans had been configured until i created vlan 10 which is for the WLC; 10.10.10.1/24. the cisco switch will not be connected on the network.

Can you show the config from the original Cisco switch and what you have on the Netgear switch now, please?

Craig i wont be using the cisco switch on the network though,i am trying to get this to work only with the netgear and cisco wlc. since i work more with cisco switches the CLI made it easier for me to set up the trunk port where the controller is connected and have it up and running.BTW ive read some of your previous EE solutions before with wlc though ,thanks. i wont have access to the hardware today though.

I understand, ElFierro.  There's a reason that I'm asking to see your Cisco switch config though.  I'd like to see what your trunk config was on the Cisco switch so I can convert that to Netgear-speak for you.

If I can't see the Cisco config I need to know:

1) What is the management interface on the WLC using as its native VLAN ID?
2) Which VLANs do you want to trunk to the WLC?

This is undoubtedly a tagging issue.  It's a bit different to configure the Netgear switch as you need to configure the Untagged, Tagged and PVID values per port so it's a bit confusing.  To try to clarify for you though, if the WLC's management interface uses VLAN ID 0, that's untagged, so your PVID for the WLC's port(s) or LAG needs to be the VLAN ID for whatever VLAN you want the WLC to be on.  If the WLC's management VLAN ID is anything other than 0 you need to tag the packets going to the WLC from the switch, so you set your PVID to something different than what the WLC's management VLAN ID is set to.

Craig thanks for the input but lets start from scratch, lets say the cisco switch never existed...the only vlan on the netgear switch is vlan1(192.168.1.0/24)..enabled routing on the switch....
now i have  port 1of the wlc conntected on port 23 of the netgear switch. port 23 will be trunked or tagged right? assigned a "T"

step 1 is to create the vlan 10, assign it a ip 10.10.10.1/24. ,add port 23 to the vlan membership,asign the pvid 10? where does this vlan id 0 go?

i set the wlc 10.10.10.100 for the management,gateway was 10.10.10.1

and yes speaking cisco to netgear is a bit confusing :)

yeah that "T" is evil...ok so all other devices are working fine off the default vlan1. i am only going to have 1 ap connected to port 3 or 4 off the wlc. i just want to make sure i can access the wlc from a workstation that has a 192.168.1.xx address. not to get away from the topic but
i will be using the internal wlc dhcp scope to dish out ips for the several wireless clients.

"make sure there's no 'U' on VLAN 1 in the port 23 box." what should it be set to null or T?


yes i set the vlan id on the management int to 10.

 i made arrangements with the office so i will get my hands on the hardware in a couple of hours, it sucks seeing the config but not actually trying the configs on hardware.
thanks again

Ok, so do you want the WLC on VLAN 10, or the wireless clients?

yes thats the only vlan that i created specifically for the wlc, the ap will be piggy backin off the wlc poe ports since the netgear isnt a poe switch

You shouldn't use the WLC for PoE in recent code. Cisco actually advise against it now.

It's still not clear to me though. Do you want the WLC, AP and clients to be on VLAN 10?

Damn dude u threw another wrench in the mix.. :-)  ..there is a 8 port poe switch available at the office,its a netgear :-/.doesnt have L3 capabilites but u can create vlans.  Which clients do u mean? Are we talkin about all other hardwired workstations and server? This means moving all ports from vlan1 to vlan 10?
Also the code on the wlc is 7.6

:-)

I'm talking about wireless clients.  You can put them on the normal VLAN and put the WLC on VLAN 10 or you can put the clients on VLAN 10 with the WLC, or you can put the WLC on VLAN 10 and clients on a new VLAN... It's up to you. Either way you can leave the wired clients where they are.

Ok cool..yeah I'm just gonna keep the wlc,ap,and "wireless" clients on vlan 10

Craig, here are some snapshots.correction the wlc was plugged into port 22 not 23. That was assumption originally but the rest of the config is the same
20160905_135502.jpg
20160905_135450.jpg
20160905_135439.jpg
20160905_135421.jpg

still no access :-/ ..I plugged my laptop on port 18 which is part of vlan1.
Heres the routing table info
20160905_143202.jpg
20160905_143141.jpg

You need an IP on the switch for VLAN 1 and VLAN 10, or you need a router with the same. You need something to route traffic between the two VLANs.

This switch has L3 capabilities..i enabled routing.where would u set the vlan 1 ip on these things?

This will show you...

http://kb.netgear.com/app/answers/detail/a_id/24755/~/how-do-i-configure-vlan-routing-on-a-smart-switch%3F?cid=wmt_netgear_organic

So on port 18 where my laptop is plugged i changed the port pvid to 10 and changed the port on vlan 1 to null. Changed the port on vlan 10 to "u" and i am able to connect since im on the same vlan. Im on the controller but obviously i cant intervlan route.ima check the firmware on the switch and keep u posted

Firmware on the switch should be good.  You've got the Routing tab so you can do what you need from there.

Yeah its a check box thats set to enabled. In theory enabling the box from no to yes should work, kinda like running the ip routing command on a Cisco MLS. Im still reading through the manuals on netgears site. I'll keep ya posted

Ok.so i created another vlan for shits n giggles.vlan 20 10.10.20.1/24..when thru the same progression and i was able to get from vlan 20 to 10. Ok so intervlan routing works but why doesnt it work for the default vlan1.do i need to move everyone off vlan1 and to another one lets say vlan100? Whats the least destructive way though cuz lots of devices are using a 192.168.1.0/24 address. The default router ip is 192.168.1.254

You need to be using the switch as the default gateway on VLAN 1.  At the moment I'm guessing you have a internet router on VLAN 1 and you're using that as the default gateway for all of the wired clients.

Depending on the router you could use IP redirect to push wired clients on VLAN 1 to the switch if they want to get to VLAN 10, but as I say, that depends on the router.

It may be better for you to put the internet router onto its own VLAN and set the switch to use the router as its default gateway, then point everyone at the switch using its relevant VLAN addresses, so for example...

VLAN 1 switch IP 10.10.1.1 255.255.255.0
VLAN 10 switch IP 10.10.10.1 255.255.255.0
VLAN 20 switch IP 192.168.1.253 255.255.255.252
Router IP 192.168.1.254 255.255.255.252

Put a static route on the router pointing 10.0.0.0 255.0.0.0 at 192.168.0.2
Put a static route on the switch pointing 0.0.0.0 0.0.0.0 at 192.168.0.1

Yes the default router ip is on vlan1 since no vlans were ever created until Saturday and today.the internet router doesn't have that capability.but thats what i kinda figured,i just was lookin for the least destructive method since there are a dozen static ips including the domain controller which is running dhcp. I will have to rethink and reengineer this project with a few beers.

Thanks for all your help Craig

No probs!  A few beers is always great to get a project kicked-off :-)