Access Point management in VLAN other than native

Similar Messages

• Wlc management port can't trunk other than native vlan

  Hello,
  Ihave installed my first WLC 5508 with this topology :
  WLC Connected trought distrubtion SFP 1Gb port to Core Switch port configured as Trunk port permetting 3 Wireless VLAN :
  - Management WLC, Wireless Voice and Wireless Data Vlan (native Vlan is management WLAN).
  - I have created 2 dynamic interface on WLC regarding my Wireless VLAN :
  10.7.1.0/24 : Defaut Management Virtual Interface when installing WLC +
  10.7.6.0/24 : Voice Virtual Interface and
  10.7.2.0/24 : Wireless Data Virtual Interface trought GUI.
  DHCP configured on each dynamic interface is the L3 vlan interface for equal VLAN subent for CORE SWITCH contining IP DHCP Pool.
  WLC Management Inerface IP adress is : 10.7.1.10/24
  I Have  create 2 WLAN with SSID named Data  ID 1 & Voice ID2.
  I have create and AP Groupe named APGRP1 containing the AP registered on WLC and using both SSID WLAN.
  Both AP are connected to Switch acess port configured as access port to native management WLC VLAN.
  I have create 3 IP DHCP pool on Core switch with related L3 Interfaces for Inter VLAN routing.
  Problem: when I try to connect from laptop to Data SSID  I get IP Address from management WLC VLAN a non DATA VLAN.
  the same case from Wireless IP Phone configured with Voice SSID.
  What can I modifie that permet to both device to get IP address from the correct VLAN?
  Thnks

  Hi Adil,
  Q1 >> AP access port on the switch must be configured on an Access port mode or trunk mode?
  ANS - The  LWAPP/ CAPWAP APs connected to the switchport should be a Access port not trunk.
  Q2>> if the first case, setting the port on, the same VLAN like WLC Management VLAN will support other WLAN Vlans (voice and data)?
  ANS - Yes it does support, since the traffic which involes the WLAN will be inside the LWAPP/CAPWAP logical tunnel.
  Q3>> I will verify the interface mapping between WLAN and Dynamic Interfaces and i will tell you.
  ANS - I will be waiting for your response!!
  lemme know if this answered your question..
  Regards
  Surendra
  ====
  Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull

• Cisco Access point management vlan

  Hi All, 
  I have  all my switches configured to run on native vlan 500 and management on vlan 10 
  with the cisco access point , if I make 500 native or another word trunk untagged vlan then I can't access the router using the BVI interface which is meant to have ip from vlan 10.
  vlan 10 is the management network across our business and all management ips are on that range.
  what are the possible solutions?

  When you connect the access point to the wired LAN, the access point links to the network using a bridge virtual interface (BVI) that it creates automatically. Instead of tracking separate IP addresses for the access point's Ethernet and radio ports, the network uses the BVI.
  When you assign an IP address to the access point using the CLI, you must assign the address to the BVI. Beginning in privileged EXEC mode, follow these steps to assign an IP address to the access point's BVI:
  Step 1 
  configure terminal
  Enter global configuration mode.
  Step 2 
  interface bvi1
  Enter interface configuration mode for the BVI.
  Step 3 
  ip address address
  mask
  Assign an IP address and address mask to the BVI. Note If you are connected to the access point using a Telnet session, you lose your connection to the access point when you assign a new IP address to the BVI. If you need to continue configuring the access point using Telnet, use the new IP address to open another Telnet session to the access point.

• Smart tunnel used for access other than native application?

  Dear all,
  i have a question about smart tunnel. my situation is, i need to  access to the server on certain IP address that using a port (example : port 5007) that is native for the application. that application is customized application just for my company.
  Question is :
  1. can i use smart tunnel to access the application for that particular port (ex : port 5007, 8476) ?
  2. i have so many grup servers (other than group server A) with so many costumized application with native port . is there any other way for me to access to that IP without using smart tunnel? because this project requirement is
  Clientless application access using application/Agent in user's PC, such as RDP, SSH & Native Application and ohers.
  Group Server A
  IP                                     Port
  10.194.24.99
  5007, 80, 9593, 9594, 9595
  10.194.22.99
  82
  192.9.1.99
  23, 449, 8470, 8476, 9470, 9476, 992
  My ASA is 9.1.3 and my ASDM is 7.1.3
  Please kindly to help, any reponse i appreciated
  source : http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/tunnel.pdf

  See http://www.mozilla.org/projects/netlib/PortBanning.html
  * http://kb.mozillazine.org/network.security.ports.banned.override

• SG300-28 poor performance other than native vlan.

  We have a single SG300-28 in L2 mode with 1.1.1.8
  3 vlans
  3 virtual interfaces and 1 parent interface configured on the sonic firewall
  Switch(trunk allow all)-->sonic( 1 parent interface and 3 virtual IP's)
  vlan 10  192.168.10.1
  vlan 20  192.168.20.1
  vlan 30  192.168.30.1
  vlan 1   192.168.99.1 (parent interface)
  Cisco switch mgmt IP 192.168.99.2
  When PC connected to access port of switch with pvid ( 10 or 20 or 30) performance to internet is slow.
  When PC connected to access port of switch with pvid ( 1) performance is as expected.
  PC is able to connect to firewall and get DHCP configuration automatically based on the port which vlan is configured.
  We connected PC directtly to firewall and performance is good irrespective whcih vlan tag was set by PC using realtek utilitiy. Based on the tag set
  PC automatically got DHCP IP for that vlan from firewall. This tells us that the performance problem is isolated to Switch.
  Please advise what could be done.
  I will update to 1.1.2 and test out. So far this switch has been  PITA.

  Hi Dave,
                  As per your email I did  within switchperformance for clients in vlan 10 and also native vlan. There is no perfromance difference.
  As per setup couple of ports in access vlan 10,20,30 etc and rest in native. Port 24 which is trunked to allow all vlan is connected to Sonic FW. Please see attached ttcp results and show tech.
  When I say performance to WAN is poor through firewall it means that webpage from speedtest.net is slow and other webistes like gmail load very slowly (almost unusable)
  Thank you,
  Sreenath.

• WS-2924-XL-EN switch has VLANs other than 1 in ADMIN SHUTDOWN STATE

  I have configured this on a 2900XL before and I did not have any problem. Today I went to configure a 2900XL. I went into VLAN DATABASE and said
  vlan 40 name building4
  and then exit.
  I went to config terminal and configured:
  interface fa0/24
  switchport access vlan 40
  switchport mode access
  no shut
  int vlan40
  no shut
  end
  Now when I do show run it shows a shutdown statement under VLAN 40 and
  show int vlan 40 shows that it is administratively down.
  What am I doing wrong?

  Remember this is a layer 2 switch . You can only have one layer 3 SVI active at one time and it will shutdown all others . The ip is to manage the switch only and has no routing function . If you want to use vlan 40 as the management vlan then you have to manually shutdown vlan 1 or whatever vlan is currently up and then "no shut" vlan 40 . Obviously then your ip addressing and default gateway would have to be in the correct subnet of the layer 3 router supporting this switch.

• CSA MC 6 - How can I create an SSL Certificate that points to a name other than the hostname?

  I have just installed CSA MC 6.0.2.  My company has a bunch of customer's that are on different domains.  We are all linked through VPN tunnels and would like to have all the agents point to a specific URL for updates rather than the hostname of the machine.
  FQDN:                    testserver.abc123.internal
  URL:                       thisserver.abc123.com
  We already have everything setup so that the clients can reach thisserver.abc123.com but I need to create a certificate with this name without changing the server's hostname.  We also don't wnat update their host files.  Any ideas?
  If anyone could help I would greatly appreciate it as we're looking to start upgrading the agents on all servers ASAP.
  Thank you,
  Cory

  What about putting the CSAMC in your DMZ and allowing those ports through your firewall?
  The nice thing is it allows hosts to communicate with the MC no matter where they are.
  You'd have to open up 80 to the MC for software updates but we haven't had any problems in 6 years with that setup.
  Tom

• How to access list of a site other than host web

  Hi All
  I have to create SP Provider hosted app, which needs to reads a list from a particular site i.e if my app is install in site 1 having URL http://server/sites/site1 and the list which needs to access is in site 2 having URL
  http://server/sites/site2.
  I am not getting how can I implement this functionality using CSOM.

  Hi,
  With .NET Managed Client Object Model, as the code will be executed in the web project of this Provider Hosted App, we can use the SharePointOnlineCredentials object as below to
  access another site collection in online environment:
  http://www.vrdmn.com/2013/01/authenticating-net-client-object-model.html
  For on premises environment, you can use NetworkCredential object:
  https://msdn.microsoft.com/en-us/library/system.net.networkcredential.aspx?f=255&MSPPError=-2147217396
  Thanks
  Patrick Liang
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• Access a manage bean through other bean/validator

  Hello
  I want to access a session managed bean from a Validator i created.
  I did added that to my faces-config.xml :
       <referenced-bean>
            <referenced-bean-name>userDetails</referenced-bean-name>
            <referenced-bean-class>com.ibm.manageBeans.UserDetails</referenced-bean-class>          
       </referenced-bean>
  but how do i access the bean within the validator class ??
  Thanks

  I found why this happen but i can't fix it :
  It happen because the validator class is invoking
  before the bean's setters are.
  So naturally the validator get a null when he uses
  the getters.
  What should I do in such a case ?Based on what you have written I imagine you are expecting the bean's values to be set from values in the request? If you are just acting on one value, i.e. the thing you are validating then that value is passed into the validator method, you do not need to get it from a bean.

• Problem in Accessing Admin services using users other than administrator

  Hi,
  I am working on SAP MII 12.1. I have a reuirement to get list of users for a particular role from the system for display in a dropdown. I am using the URL :
  /XMII/Illuminator?Service=admin&mode=UserList&Group=[Param.1]&Content-Type=text/xml
  But I am getting error while logging through a different user (user who does not have Administrator role).
  I tried to call this url as aXML query, through transaction and also through web service, but it's showing following error:
  You do not have permission to access service Admin
  Please let me know how can I use this url for any user who does not have administrator role.
  Thanks,
  Anubhuti

  Hi,
  The problem got resolved by giving the role privileges to access the Admin services through UME. Earlier I couldn't find the way to provide this access in 12.1.
  Thanks,
  Anubhuti

• Not a single app will run after updating to 5 (other than native apps)

  I have just updated to iOS5 and of my 60+ non native apps (Navigo, Facebook etc) not a single one will run.
  Is anyone else experiencing?
  Thanks,
  Derek

  Go to the app store and update all apps that are available for update.  There are several releases for iOS5.  Once I did this, all my apps started working again (even ones that didn't need updating).

• Any way to manage text messages other than individually on the phone?

  In preparation for switching to a replacement phone, I'd like to go thru my older text messages and dump/delete the ones I no longer need. The only way I have been doing it so far is to go into each thread and manually delete each un-needed message.   I have done a few text threads on the phone and it's very time consuming that way.  If I could just delete the whole text thread, it would be easy & quicker, but there are some text messages in each thread that I need to hang onto. 
  Is there any sort of tool or utility that I can sort thru texts when plugged into my PC, and mark which to delete and which to keep?
  As I said, it can be done on the phone, but it's very time intensive to go thru each message thread.  I have to delete the un-needed messages one at a time.
  Thank you in advance.

  What a great phone to have, mattt181.
  Now that you have Verizon Messages installed, you should be able to access Verizon messages from your computer http://vz.to/1ybUH4M.
  TamaraH_VZW
  Follow us on Twitter @VZWSupport
  If my response answered your question please click the "Correct Answer" button under my response. This ensures others can benefit from our conversation. Thanks in advance for your help with this!!

• I cannot access Firefox at all anymore other than a blank screen and a "Firefox is not responding" message.

  I updated the versions of both Firefox and Adobe and now I cannot access Firefox at all. There is a blank screen with Mozilla Firefox top left. A couple of seconds later "(not responding)" appears. An attempt to close the window results in a box with the message "Firefox is not responding"

  You may need to delete the Firefox program folder before (re)installing the latest Firefox.<br />
  In case you still have problems after installing then check your security software.
  A possible cause is security software (firewall) that blocks or restricts Firefox or the plugin-container process without informing you, possibly after detecting changes (update) to the Firefox program.
  Remove all rules for Firefox from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox and the plugin-container process and the updater process.
  See:
  *https://support.mozilla.org/kb/Server+not+found
  *https://support.mozilla.org/kb/Firewalls
  *http://kb.mozillazine.org/Browser_will_not_start_up

• Wireless MAC Filter more than 80 router are access point required

  We needed router are access points Wireless MAC Filter more than 80 product required.

  Use real wireless security with WPA2/AES and forget about the wireless mac filter.

• LAP Access Point - trunk or switchport ?

  Hi Folks.
  I always thought that an access point (unless configured not to) would tunnel back to the controller, so would be connected to a switchport in the same VLAN as the management interface. However, if you apply smartport, it configures the port as a trunk port.
  Which is the correct way to go ?
  Many thanks,
  NM

  Hi, Surendra.
  Thanks for the reply, however it doesn't really answer the question. I can set the port to be a trunk port and the access point will get an IP address if there is DHCP on the default VLAN and it will be fine if the access point management port is also on the same VLAN.
  Or I can set it to be a switch port in the native VLAN 1, where the curreent management ports are and there is DHCP.
  The question is, "If best practice tells us to use a switchport for access points, why does the smartport role make the switch port a trunk port ?"
  That's what I want to know, there must be a reason for it.
  NM