Question- Use case of Uplink VLAN Monitoring feature and how does IAP detects mismatched VLAN?
Environment- This article applies to Instant Access Point running 4.0 and above
Consider when a Client VLAN is configured on the IAP, which is not allowed or configured on the IAP’s uplink device; any client which connects to such an SSID will not be able to obtain an IP address. In this scenario this feature triggers the VLAN alert whenever a client connects to a SSID whose VLAN is not in allowed list of upstream device. This upstream device can be a switch directly connected to IAP or behind a tunnel. No CLI or GUI changes requried with respect to this feature. A VLAN alert along with DHCP alert will be disaplayed when client is unable to obtain the IP address if the connected SSID is configured with the mismatched VLAN.
Below command will help find the list of verified VLANs on the IAP:
VLAN X as Verified, when an IAP receives any packet with VLAN X tag from the upstream device. This indicates that VLAN X is in allowed VLAN list of upstream device. Hence VLAN Alert is not generated.
VLAN Y as not Verified, when an IAP has not received any packet with VLAN Y tag from the upstream device. This indicates that VLAN Y is not in allowed VLAN list of upstream device. Hence an alert is generated for such a VLAN when a client is trying to connect to the SSID(with VLAN Y configured) and unable to obtain the IP address.
Expected Alert via WEB UI and CLI: