[c-nsp] Access Point & 2 SSID's Trunked to Vlan's

Tue Dec 18 15:35:32 EST 2007

Here is what we have configured on some of our switch ports. You may
want to also consider upgrading your aps to the latest version IOS. What
version IOS are you running?

interface Fas0/4
switchport trunk encapsulation dot1q
switchport trunk native vlan xxx
switchport trunk allowed vlan 1,2,3,1002-1005
switchport mode trunk
no spanning-tree portfast

Anna Spaunhorst 

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Tom Storey
Sent: Wednesday, December 05, 2007 6:24 PM
To: Dan Letkeman
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Access Point & 2 SSID's Trunked to Vlan's

> Hello,
>
> I'm new to using access points and what I would like to do is setup an
> 1131ag with a trunk to a 2960 switch, then have two different ssid's
which
> would be mapped to two different vlan's on the 2960.  Does anyone have
an
> example config for something like this?
>
> Thanks,
> Dan.

This is the config Im currently using between a 3524XL and 1242AG, the
config should be fairly similar if not exactly the same for a 1131AG.

Switch port:

interface FastEthernet0/4
 description ** Trunk to Fa0 on ap1 **
 duplex full
 speed 100
 switchport trunk encapsulation dot1q
 switchport multi vlan 3,5
 switchport mode trunk
!

AP specifics:

dot11 vlan-name open-vlan vlan 5
dot11 vlan-name closed-vlan vlan 3
!
dot11 ssid open-wlan
   vlan open-vlan
   authentication open
   mbssid guest-mode
!
dot11 ssid closed-wlan
   vlan closed-vlan
   authentication open
   authentication key-management wpa
   mbssid guest-mode
   wpa-psk ascii xxxxxxxxxx
!
bridge irb
!
interface Dot11Radio0
 description ** 802.11b/g Radio **
 no ip address
 no ip route-cache
 load-interval 30
 !
 encryption vlan closed-vlan mode ciphers aes-ccm
 !
 ssid open-wlan
 !
 ssid closed-wlan
 !
 mbssid
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.3
 encapsulation dot1Q 3
 no ip route-cache
 bridge-group 3
 bridge-group 3 subscriber-loop-control
 bridge-group 3 block-unknown-source
 no bridge-group 3 source-learning
 no bridge-group 3 unicast-flooding
 bridge-group 3 spanning-disabled
!
interface Dot11Radio0.5
 encapsulation dot1Q 5
 no ip route-cache
 bridge-group 5
 bridge-group 5 subscriber-loop-control
 bridge-group 5 block-unknown-source
 no bridge-group 5 source-learning
 no bridge-group 5 unicast-flooding
 bridge-group 5 spanning-disabled
!
interface Dot11Radio1
 description ** 802.11a Radio **
 no ip address
 no ip route-cache
 load-interval 30
 !
 encryption vlan closed-vlan mode ciphers aes-ccm
 !
 ssid open-wlan
 !
 ssid closed-wlan
 !
 no dfs band block
 mbssid
 speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
 channel dfs
 station-role root
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1.3
 encapsulation dot1Q 3
 no ip route-cache
 bridge-group 3
 bridge-group 3 subscriber-loop-control
 bridge-group 3 block-unknown-source
 no bridge-group 3 source-learning
 no bridge-group 3 unicast-flooding
 bridge-group 3 spanning-disabled
!
interface Dot11Radio1.5
 encapsulation dot1Q 5
 no ip route-cache
 bridge-group 5
 bridge-group 5 subscriber-loop-control
 bridge-group 5 block-unknown-source
 no bridge-group 5 source-learning
 no bridge-group 5 unicast-flooding
 bridge-group 5 spanning-disabled
!
interface FastEthernet0
 description ** Trunk to Fa0/4 on sw1 **
 no ip address
 no ip route-cache
 load-interval 30
 speed 100
 full-duplex
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
 hold-queue 160 in
!
interface FastEthernet0.3
 encapsulation dot1Q 3
 no ip route-cache
 bridge-group 3
 no bridge-group 3 source-learning
 bridge-group 3 spanning-disabled
!
interface FastEthernet0.5
 encapsulation dot1Q 5
 no ip route-cache
 bridge-group 5
 no bridge-group 5 source-learning
 bridge-group 5 spanning-disabled
!
interface BVI1
 description ** Management Interface **
 ip address 172.25.84.8 255.255.255.240
 no ip route-cache
!
bridge 1 route ip
!

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/