Controllerless Networks

CedricC · ‎05-12-2016

Hi,

Currently I have issues configuring 4 IAP-215 for 4 seperate rooms.
The WLAN requirements include a internal WLAN and a guest WLAN where guest traffic is isolated.

Firstly, below is the existing network.
Do note that the VLAN is defined per room.

3750X Port 1 -> SG100 [VLAN 31 | 10.30.1.0 /24 (255.255.255.0)]
3750X Port 2 -> SG100 [VLAN 32 | 10.30.2.0 /24 (255.255.255.0)]
3750X Port 3 -> SG100 [VLAN 33 | 10.30.3.0 /24 (255.255.255.0)]
3750X Port 4 -> SG100 [VLAN 34 | 10.30.4.0 /24 (255.255.255.0)]

3750X: Cisco Catalyst 3750X
SG100: Cisco Small Business SG 100 series unmanaged switch

Each IAP has been configured a static IP to each room (10.30.x.33) and uplink management VLAN as 34 and virtual controller IP is set to 10.30.4.32.

The issue encountered is that the IAPs are unable to contact the virtual controller.

How should I go about the configuration and allow the IAPs to be managed by the virtual controller?

I do have 2 alternatives which I would like to avoid mainly due to it requiring re-wiring:

Alternative 1:
Connect IAPs in the following:
3750X Port 5-8 -> IAP-215 [VLAN 35 | 10.30.5.0 /24 (255.255.255.0)] for "internal" WLAN
Define [VLAN 65 | 192.168.65.0 /24 (255.255.255.0)] for guest VLAN on the 3750X and assign it to the guest WLAN on the virtual controller

Alternative 2:
Wait for June release of AOS which includes Mesh point / portal.
Master uplink IAP connected to SG100 in either rooms and the other IAPs (mesh point) to be connected through mesh portal.
Define [VLAN 65 | 192.168.65.0 /24 (255.255.255.0)] for guest VLAN on the 3750X and assign it to the guest WLAN on the virtual controller

Thank you

cjoseph · ‎05-12-2016

You should make VLAN 34 the untagged VLAN on those ports so that the APs can just come up on that VLAN. That would be referred to as VLAN 1 on the IAPs. They should come up and see each other easily, in that situation.

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************

CedricC · ‎05-12-2016

Hi Collin,

If I understand correctly, in summary:
Configure on the 3750X VLAN 34 untagged to port 4.
IAP configure management uplink to VLAN 34
No changes to be set on the virtual controller VLAN.

Thank you

cjoseph · ‎05-12-2016

So, I don't know where you are in the configuration. If you had all 4 ports on the juniper with vlan 34 untagged, all the IAPs new out the box would see each other and the IP address they would get would be considered vlan 1 on the IAPs. You would still have the other vlan on all of the trunks. Any reason you are dedicating a single /24 to each ap?

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************

CedricC · ‎05-12-2016

Hi Colin,

Maybe I should have mentioned this earlier:

Each /24 subnet in VLANs 31 - 34 is for user data access in each room (there are 4 rooms)
Downstream from the Cisco 3750X where the VLANs are configured, there is a Cisco small business SG100 series switch in each room which is physicaly connected to ports 1 to 4 on the Cisco 3750X via Cat 5e
From the SG100, all ports (except 1) is patched to the user's desk port for LAN access via Cat 5e.
Each IAP-215 is connected to the SG100 in each room
Thus, phycially, you will see as follows: 3750X -> SG100 -> IAP-215 / user's PC via cat 5e

Thank you

cjoseph · ‎05-12-2016

Do you plan to have the same SSID in every room?

Can a user in one room see the SSID in another room or roam?

The answer to those two questions will determine how this is designed.

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************

CedricC · ‎05-12-2016

Hi Colin,

The plan is to have 2 SSIDs:

Internal SSID for employees
Guest SSID for visitors guest where traffic is isolated
Both SSIDs to be broadcasted across all IAPs and user's are expected to roam.

Thank you

cjoseph · ‎05-12-2016

If users have a different subnet depending on what room they are in, would it be possible to roam?

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************

CedricC · ‎05-12-2016

Hi Colin,

Here's the topology:

Note that the red cables are fibre cables.

Each VLAN from VLAN 31 - 34 corresponds per room.

IAPs are intended to connected to the unmanaged SG100 switches in each room.

Of course as originally mentioned, if this is not possible, the idea would be to wire the IAPs in each room directly to the Cisco 3750X.

Controllerless Networks

IAP-215 (RoW) in different VLAN and subnet

IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Re: IAP-215 (RoW) in different VLAN and subnet

Follow Us