AP-1131AG: 2 VLANs/SSIDs, switch port configuration?
We're setting up a (seemingly) simple deployment of some APs, and want 2 SSIDs...one will have Pre-Shared WEP and one will be open and broadcast (with access-lists on the router). My question is how to set up the switch port to match my AP, in order for it to pass both VLANs (in this case I've setup WLAN100=VLAN100 and WLAN101=VLAN101)...Do I have to configure trunking on that switchport? Thanks for any links or answers on this!!!
Hi Vince,
Here is a great doc that goes over this concept in detail. You will need to configure Trunking on the switchport. Have a look at what yours might look like;
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk native vlan 1
switchport trunk allowed vlan 1,100,101
From this excellent doc;
Using VLANs with Cisco Aironet Wireless Equipment
http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml#clic2935xl
Hope this helps!
Rob
Similar Messages
-
Switch port configuration for 3500i AP
Hi,
We are due to install a brand new enterprise WLAN based on the WiSM2 platform, 3502i AP and WCS. The APs will be plugged into the 2960S-24TPS-L.
I have scanned over all documentation and cannot for the life of me find a recommended switch port configuration for connecting the AP to the switch in terms of speed / duplex etc. For example, should I just configure the port to auto detect, or is forcing the speed / duplex the way to go. I could also do with knowing other best practice configurations for AP connectivity.
Any help would be greatly appreciated.
Chris.The AP comes online with just auto detect, but I want to know if there are any benefits to forcing this to 1Gbps / Full duplex, or even if this is the right way to go. I suspect auto detect is the best method.
-
ESX/VMWare Switch Port Configuration
Does anyone know how to configure a 3560 switch port that is connecting to an ESX host with multiple VM's??
Hi Jason,
Most of the time people will configure the port as a trunk to the ESX host. So on the 3560 you can just do:
switchport trunk encap dot1q
switchport mode trunk
This will allow your VMs to be in different vlans if you would like.
Chad Peterson
CCIE 23213
Network Consulting Engineer
.:|:.:|:.
CISCO
PDI Data Center
http://www.cisco.com/go/pdihelpdesk -
How to get Networking Switch Port Configuration (I guess SNMP4j will help)
Greetings :)
We have extreme Summit 450e switches installed in our organization. approximately 2000 desktops are connected to these switches.
Now, I want to make a utility to get info from these switches, for example, which IP, MAC etc is running on a particular switch port. I want to extract these kind of info from all switches and export it into a database.
Any help, how to start this work.
Thanks...> Any help, how to start this work.
First research what programmable interfaces it supports. That includes any management API including SNMP, TCP and HTTP.
And then from that figure out what you want to do with it.
After you do both of the above then you start looking to java to program the solution. -
Tandberg C20 switch port configuration
Is there a recommended switch port setting (3750x) for connecting a Tandberg C-Series (20,40,60)?
Smartports?
Port-Security?
Access-port only?The AP comes online with just auto detect, but I want to know if there are any benefits to forcing this to 1Gbps / Full duplex, or even if this is the right way to go. I suspect auto detect is the best method.
-
Cisco switch 300 configure vlan and ports
Hi i need help
i cant see the vlan on port vlan membership
i did create the vlan and i did configure the port the access
but when i try to port vlan membership to tell which port to wich vlan i cant see the vlan i have created in the list
thanks to helpHi,
This forum is focusing on the issues related Windows Server.
To get better help, please post your question on the forum of cisco.
Here is the address,
https://supportforums.cisco.com/
Best Regards.
Steven Lee
TechNet Community Support -
Hi,
I'm following this
guide I'm getting an error when running the below command:
Set-VMNetworkAdapterVlan -vmname PurpleVM1 -Isolated -PrimaryVlanId 2 –SecondaryVlanId 4
Generates the following error:
Set-VMNetworkAdapterVlan : The operation failed.
Failed while applying switch port settings 'Ethernet Switch Port VLAN Settings' on switch 'New Virtual Switch': One or
more arguments are invalid (0x80070057).
A parameter that is not valid was passed to the operation.
Does anyone know why this is happening?
taHi TomG101,
It seems that there is a configuration conflict on the virtual switch port .
Also I tested the command on my lab , it works .
For troubleshooting please create a new virtual switch then try to configure again .
Any further information please feel free to let us know .
Best Regards
Elton Ji
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Switch Port Trunk allowed Vlan
Hi Guys
Request your help on my query :
I have a distribution switch and access switch and port channel between them.
Dist switch is the VTP server
lets assum I have 25 vlan
when I do show vlan brief on the access switch I can see all 25 vlans listed now
no when I configure switch port trunk allowed vlan (ex : permitting 10 vlans )on the link connecting to access switch at Dist switch
Dist switch po1 -- connecting to - po Access switch
Dist switch #
int po1
switch port trunk alllowed vlan x,x,x,x,x,x,x,x,x,
After permitting 10 vlan through trunk allowed vlan and then when I do show vlan brief on the access switch , I should see only the 10 vlan whcih I have permiited right ?
Thanks in advanceHi,
John is absolutely correct - even if you do not permit a VLAN on a trunk, it can still provide communication among local ports on a switch that are all assigned to the same VLAN.
I have a feeling that your original question was focused on a different aspect, though: You probably expected that if you exclude some VLANs from trunks, these VLANs will not be propagated via VTP to surrounding switches. Sadly, this is not the case. The switchport trunk allowed vlan command only affects data traffic in individual VLANs but it has no impact on the operation of VTP protocol. The VTP still advertises all VLANs, regardless of which VLANs are allowed on a trunk. To put it plainly, in a VTP domain, all server/client switches will know about all VLANs. THere is no legal possibility of having a single VTP domain consisting of server/client switch and yet have the switches differ in their VLAN database contents. It's as easy as that: one VTP domain = one big common VLAN database.
Best regards,
Peter -
Private VLAN Promiscuous Trunk Port - Switches which support this function
Can anyone confirm if the "Private VLAN Promiscuous Trunk Port" feature is supported in any lower end switches such as Nexus 5548/5672 or 4500X? According to the feature navigator support seems to be restricted to the Catalyst 4500 range (excluding the 4500X) as shown below. If the feature is going to be supported in the Cat 3850 this would be good to know, thanks
4500x Yes
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/release/note/OL_26674-01.html
Nexus 5k Yes
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/layer2/521_n1_3/b_5k_Layer2_Config_521N13/b_5k_Layer2_Config_521N13_chapter_0100.html
3850s
They dont support pvs at all yet
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/vlan/configuration_guide/b_vlan_3se_3850_cg/b_vlan_3se_3850_cg_chapter_0100.html
Restrictions for VLANs
The following are restrictions for VLANs:
The switch supports per-VLAN spanning-tree plus (PVST+) or rapid PVST+ with a maximum of 128 spanning-tree instances. One spanning-tree instance is allowed per VLAN.
The switch supports IEEE 802.1Q trunking methods for sending VLAN traffic over Ethernet ports.
Configuring an interface VLAN router's MAC address is not supported. The interface VLAN already has an MAC address assigned by default.
Private VLANs are not supported on the switch.
You cannot have a switch stack containing a mix of Catalyst 3850 and Catalyst 3650 switches. -
Routed port configured as native vlan
I have attached a diagram with this discussion. First please have a look at it.
The thing is; I had seen on design recently. There was more than 20 sub interfaces with IP address assigned in a router which was connected to
a switch. The port was obviously a trunk port as it was supposed to make a flow for more than 20 vlans. The confusion part for me is: there
was IP address in the actual physical interface too. I didn't understand why its there in the first place.
Would somebody share me the scoop??
Thank You in advance.Hi Ganesh.,
To be frank I dont see any reason to have the ip address on the main interface. It is just like having native vlan concept.
Please find below testing:
Example:
I have router connecting to the Switch.
Router---F0/1--------------------F0/1---Switch
Router f0/1- ip address 50.0.0.1 /24---
f0/.1---ip address 10.0.0.2/24
f0/.2--ip address 20.0.0.2/24
f0/.3- ip address 30.0.0.3/24
Switch
F0/1--Switch port mode trunk----switch trunk encap dot1q --Switch trunk native vlan 50.>>> configuring native vlan as 50.
vlan 10--ip address 10.0.0.1/24
vlan 20---ip address 20.0.0.1/24
vlan 30 -ip address 30.0.0.1/24
vlan 50--ip address 50.0.0.2/24
Now you will have reachability to all the network. Were in Vlan 50 is your native vlan now.
HTH
Regards
Inayath. -
Configure interface vlan on switch 3524 XL
Hi all,
I have an old switch C3524 running image "C3500XL-c3h2s-mz-120.5.2-xu". I had successfully created vlan 120 but when I config "interface vlan 120" as follows:
swicth # conf t
switch(config-subif)#interface vlan 120
switch(config-subif)#ip address 172.10.10.1 255.255.255.0
switch(config-subif)#no shut
then show run does not see this interface. Show vlan indicates vlan 120 is active.
Please help. thank you.you're right. I just shut down interface vlan 10 (interface vlan 1 is down already) then interface vlan 120 comes up. Question is: if I need to configure several ports: some in vlan 10 and some in vlan 120 then should I have interface vlan 10 up too ?
Thank you very much. -
Configure a different DHCP pool on a 1921 Router for a VLAN 2960 switch
Hello guys,
I have a cisco 1921 router with the LAN interface connected to a Cisco 2960 switch.
My 2960 switch is configured to work in VLANs
What I would like to do is create IP pools for each VLAN in my switch.
This will allow a PC on a VLAN to get an IP in a different subnet as PCs connected in other VLANs
thanks!
Martini sent the wrong switch configuration
here is the right one
Current configuration : 6892 bytes
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Switch
boot-start-marker
boot-end-marker
enable secret 5 $1$VuOI$5qvm59Nk9BBuIBqYRmAJW.
no aaa new-model
clock timezone UTC -4
switch 1 provision ws-c2960s-48lps-l
authentication mac-move permit
ip subnet-zero
vtp mode transparent
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
vlan internal allocation policy ascending
vlan 2
name Administracion
vlan 3
name Micros
vlan 4
name VoIP
vlan 5
name WiFi-Publico
vlan 6
name Otros
vlan 7
name Libres
interface FastEthernet0
description Management Port
no ip address
interface GigabitEthernet1/0/1
switchport mode trunk
interface GigabitEthernet1/0/2
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/3
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/4
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/5
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/6
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/7
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/8
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/9
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/10
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/11
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/12
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/13
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/14
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/15
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/16
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/17
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/18
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/19
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/20
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/21
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/22
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/23
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/24
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/25
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/26
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/27
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/28
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/29
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/30
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/31
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/32
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/33
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/34
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/35
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/36
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/37
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/38
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/39
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/40
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/41
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/42
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/43
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/44
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/45
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/46
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/47
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/48
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/49
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/50
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/51
switchport access vlan 7
switchport mode access
interface GigabitEthernet1/0/52
switchport access vlan 7
switchport mode access
interface Vlan1
no ip address
ip http server
ip http secure-server
ip sla enable reaction-alerts
line con 0
line vty 0 4
login
line vty 5 15
login
end -
Is it possible to configure the switch port to mode trunk if I m going to put a Pc on that port?
If the answer is yes then what are the adventages and the disadventages of doing this. I've proof this with real switches and configuring the ports as trunk with a pc and the pc can ping other pc that are on the same Vlan or configure as trunk. I would like to know why does that happend?
Hi,
It may work, you can configure an interface connecting to host as a trunk link but only if you want that host to receive data from multiple vlans since trunks allowed all vlans per default.
Usually, on a switch you configure vlans to logically devide the users and to avoid flooding all the users with all the information from multiple vlans which they do not need and which causes unnecessary burden on the ports carrying traffic.
Hope this helps. -
Currently we have the following
Cat 4003 with VLAN trunking turned on to multiple switches. Each port in those exterior switches is assigned to a vlan(we have about 60 different vlans).
What I would like to do is on those exterior switches have two vlans assigned to it.
We'd like to create a single IP Phone VLAN(let's call it 999) that can span our entire enterprise and would have dhcp deployed on it.
Each port is connected to an IP phone which has a 2 port switch in them. One port to the wall, one to the pc.
The switch ports on those phones support vlan tagging
How would setup an exterior switch to access 2 vlans that connect to 2 port switch on an IP phone?To facilitate ease of deployment, use VTP so that you can centrally create the vlans and propagate to each exterior switch. Now I believe you already do have a layer 3 engine or router that does routing between all these vlans. What switches are used on teh exterior ? This is to find out if voice vlan support is available.
In cat switches, voice vlan is created using command,
set port auxiliaryvlan vlan
In IOS based switches,
int fa0/1
switchport mode trunk
switchport trunk encap dot1q
switchport trunk native vlan
switchport voice vlan
switchport priority cos extend 0
or
int fa0/1
switchport mode access
switchport access vlan
switchport voice vlan
I am not sure about support of voice/aux vlan in 4003. We will have check your other switch models/ software versions to determine support for this command. -
LMS 4.2 - How do I find switch ports that are configured as trunks.
I've been tasked with finding all switch ports that are configured as Trunks. We plan to use LMS 4.2 to push (via Netconfig) new interface level commands to all user (non-trunked) ports. From my experience, this poses a problem because we do not know which ports are configured as trunks -vs- user ports.
Using Netconfig is not going to be easy since there is no way to script this. It would be great if I could run a show command on a switch and then have CWSI peform a change based upon the output.
In other words, we need a way to run a job based upon the output of a command.
Is there a section of LMS that I could use for help with this?
Thanks,You need to go to Monitoring>Dashboard. Here Just click the switch in the Llisted device and then click the interface you will find the all the down and Up interface with type of configuration (i.e. Trunk or Access.)
Maybe you are looking for
-
How do you design a software well?
Hi people, I am hoping you can join me in this discussion and provide me tips as to being a better software developer. I am sure your vast experiences can give me the way to a best practice in terms of programming, development, and system design. Hop
-
How do I change the font and size of text fields in creation of and image gallery? I am able to change color. I have Lightroom 3. Thanks.
-
What is the role of java in the netweaver platform
Hi All sapnetweaver platform is the integration of the java and abap.then what is the role of java in that netweaver platform regards Sunil
-
Inheritance in a Relational Database
Hi Now I've some problem in mapping my class hierarchy in relational database table. How to express inheritance relationship in database? Any advice appreciated victor
-
Separating heavy duty business process from web application
I'm working with a web application that just runs in a Servlet container, Jetty actually. I'm wondering what the best way to separate resource intensive processes, such as a search indexing process, from the main web application. These resource inten