[c-nsp] Can't pick up ip address--cisco 1200 ap

Graham Wooden graham at g-rock.net
Sun Aug 2 16:17:21 EDT 2009


Well, without a VLAN aware switch you are dumping tagged VLAN traffic into
an interface that won't do anything with it, and in turn won't pass you
traffic to your "sub interfaces" on your AP.

So to move forward, you really need to have the AP plugged into a VLAN aware
switch, with the port setup for dot1q and allowing these two vlans.
Then set up some other ports on the switch to handle the untagged traffic
for these two vlans and put your DHCP server(s) on it.  Or if you running
your DHCP server on a router, you can sub interface out the router and make
that switchport dot1q as well.

Make sense?  Again, without the proper handling of the traffic leaving the
AP, traffic won't go in properlly as well.

HTH,

-graham


>> From: snort bsd <snortbsd at yahoo.com.au>
>> Subject: Re: [c-nsp] Can't pick up ip address--cisco 1200 ap
>> To: "cisco-nsp" <cisco-nsp at puck.nether.net>, "Graham Wooden"
>> <graham at g-rock.net>
>> Received: Sunday, 2 August, 2009, 11:08 AM
>> 
>> Thanks for reply.
>> 
>> No, we have no VLAN aware switch connecting to it yet. We
>> want to use it to replace the linksys wireless router we are
>> using.
>> 
>> The idea is that some of mobile user connecting to VLAN 10
>> via wireless and some  of mobile users connecting to
>> VLAN 20. Users on both VLANs could get to internet but
>> access different resources internally (with VLAN aware
>> switches).
>> 
>> One problem a time...:)
>> 
>> _Dave
>> 
>> --- On Sun, 2/8/09, Graham Wooden <graham at g-rock.net>
>> wrote:
>> 
>>> From: Graham Wooden <graham at g-rock.net>
>>> Subject: Re: [c-nsp] Can't pick up ip address--cisco
>> 1200 ap
>>> To: "snort bsd" <snortbsd at yahoo.com.au>,
>> "cisco-nsp" <cisco-nsp at puck.nether.net>
>>> Received: Sunday, 2 August, 2009, 10:22 AM
>>> Hi there,
>>> 
>>> Your switch port that the AP is connected to - is it
>> in
>>> trunk mode?
>>> Like "switchport trunk encap dot1q" ?
>>> 
>>> 
>>> On 8/1/09 4:52 PM, "snort bsd" <snortbsd at yahoo.com.au>
>>> wrote:
>>> 
>>>> 
>>>> Hi: all:
>>>> 
>>>> I got ciscoAP 1200 configured and can connect it
>> via
>>> wireless without
>>>> problems. But the system connecting to the AP
>> can't
>>> pick up any IP address.
>>>> 
>>>> dot11 ssid lab vlan 20
>>>>     vlan 20
>>>>     max-associations 10
>>>>     authentication open
>>>>     authentication key-management wpa
>>>>     guest-mode
>>>>     mbssid guest-mode
>>>>     wpa-psk ascii 7 "whatever key"
>>>>     information-element ssidl wps
>>>> !
>>>> dot11 ssid test vlan 10
>>>>     vlan 10
>>>>     max-associations 10
>>>>     authentication open
>>>>     authentication key-management wpa
>>>>     mbssid guest-mode
>>>>     wpa-psk ascii 7 "whatever key"
>>>>     information-element ssidl wps
>>>> 
>>>> what else I didn't do right?
>>>> 
>>>> Thanks
>>>> 
>>>> 
>>>>        
>>>> 
>>> 
>> 
_____________________________________________________________________________>>
_
>>>> ______
>>>> Access Yahoo!7 Mail on your mobile. Anytime.
>>> Anywhere.
>>>> Show me how: http://au.mobile.yahoo.com/mail
>>>> _______________________________________________
>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>> 
>>> 
>>> 
>> 
>> 
>>      
>> _____________________________________________________________________________
>> _______
>> Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
>> Show me how: http://au.mobile.yahoo.com/mail
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>> 
> 
> 
>       
> ______________________________________________________________________________
> ______
> Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
> Show me how: http://au.mobile.yahoo.com/mail




More information about the cisco-nsp mailing list