[c-nsp] Need help adding a device to an existing vlan

Steven Pfister SPfister at dps.k12.oh.us
Fri Feb 6 14:48:48 EST 2009 

I'm sure this is something simple, but I'm not quite seeing it...

I need some help adding a device to an existing, recently created vlan. 

Here is the fragment of our network:

[core 4507] -> [8540] -> [3550] -> [1230 WAP]

[configuration excerpts are below]

The 1230 access point described is attached to our network, and is functioning properly. Recently, I tried to add another 3550 (in another part of the building), and a 1230 access point, copying the first configuration as the model. The vlan 99 (the user workstations) worked right away, but vlan 199 (the wireless access points) I cannot get working.

I can still get to the first access point, but am having trouble with the new one:

- it's unreachable when connected to the new switch, but I can get to it when connected to the first switch
- I can get to the vlan 199 default gateway from the new switch, and can get to the first access point from the new switch, but I can't get to the new access point, even when logged into the new switch.
- If I assign an ip address to the vlan 199 interface, I can get to the new access point from the new switch, but then I can't get to the vlan's default gateway or to the first access point.

Can someone help me find where the problem is? Do I need to allow vlan 1 on the interface on the core 4507?

Thanks for your help!

--Steve

Here are configuration fragments of each:

4507 (vtp server, domain ADM_VTP):
----------------------------------

interface GigabitEthernet1/1
 description Trunk to 8540
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 40,51,99,199,997,998
 switchport mode trunk
 switchport nonegotiate
 no logging event link-status
 qos trust dscp
 tx-queue 3
   priority high
!
interface Vlan199
 description ADM WLAN Management
 ip address 192.168.199.1 255.255.255.0
 ip helper-address 10.99.20.62
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no ip mroute-cache
end

8540 (vtp client, domain ADM_VTP):
----------------------------------

interface GigabitEthernet1/0/0
 description Fiber to 99-c45-clan1
 no ip address
 no ip redirects
 no ip proxy-arp
 no cdp enable
!
interface GigabitEthernet1/0/0.1
 description Native VLAN
 encapsulation dot1Q 1 native
 no ip redirects
 no ip proxy-arp
!
interface GigabitEthernet1/0/0.40
 description Security VLAN
 encapsulation dot1Q 40
 no ip redirects
 no ip proxy-arp
 no cdp enable
 bridge-group 40
!
interface GigabitEthernet1/0/0.51
 description Voice Network
 encapsulation dot1Q 51
 no ip redirects
 no ip proxy-arp
 no cdp enable
 bridge-group 51
!
interface GigabitEthernet1/0/0.99
 description ADM LAN Access VLAN
 encapsulation dot1Q 99
 no ip redirects
 no ip proxy-arp
 no cdp enable
 bridge-group 99
!
interface GigabitEthernet1/0/0.199
 description Admin WLAN Management
 encapsulation dot1Q 199
 no ip redirects
 no ip proxy-arp
 no cdp enable
 bridge-group 199
!
interface GigabitEthernet1/0/0.997
 description ADM IVDL
 encapsulation dot1Q 997
 no ip redirects
 no ip proxy-arp
 bridge-group 97
!
interface GigabitEthernet1/0/0.998
 description Admin WLAN
 encapsulation dot1Q 998
 no ip redirects
 no ip proxy-arp
 bridge-group 98
!
interface GigabitEthernet1/0/2
 description Fiber to 3550
 no ip address
 no ip redirects
 no ip proxy-arp
 no cdp enable
!
interface GigabitEthernet1/0/2.1
 description Native VLAN
 encapsulation dot1Q 1 native
 no ip redirects
 no ip proxy-arp
!
interface GigabitEthernet1/0/2.99
 description ADM LAN Access VLAN
 encapsulation dot1Q 99
 no ip redirects
 no ip proxy-arp
 no cdp enable
 bridge-group 99
!
interface GigabitEthernet1/0/2.199
 description Admin WLAN Management
 encapsulation dot1Q 199
 no ip redirects
 no ip proxy-arp
 bridge-group 199
!
interface GigabitEthernet1/0/2.998
 description Admin WLAN
 encapsulation dot1Q 998
 no ip redirects
 no ip proxy-arp
 bridge-group 98
!
interface BVI199
 description Admin WLAN Management
 ip address 192.168.199.2 255.255.255.0
end

3550 (vtp client, domain ADM_VTP):
---------------------------------

interface GigabitEthernet0/1
 description to 99-c85-catm1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 no ip address
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
 no ip address
 shutdown
!
interface Vlan1
 no ip address
 no ip route-cache
!
interface Vlan99
 ip address 10.99.20.211 255.255.248.0
 no ip route-cache
 ntp broadcast client
!
interface Vlan199
 no ip address
!
interface FastEthernet0/38
  description to 1230 WAP
 switchport access vlan 199
 switchport trunk encapsulation dot1q
 switchport mode trunk
 no ip address
 no snmp trap link-status
 storm-control broadcast level 1.00
 storm-control multicast level 2.00
 storm-control unicast level 5.00
end


Steve Pfister
Technical Coordinator, 
The Office of Information Technology
Dayton Public Schools
115 S. Ludlow St. 
Dayton, OH 45402
 
Office (937) 542-3149
Cell (937) 673-6779
Direct Connect: 137*131747*8
Email spfister at dps.k12.oh.us

More information about the cisco-nsp mailing list