Wireless Access

Reply
Contributor I

Multiple VLAN in Virtual AP

Hi,

 

If you add multiple VLAN's in the VLAN field in the Virtual AP. How does that work (in 6.1.3.1)?

I know you can use VLAN name/pools under VLAN in the configuration, but that is not an option for this setup.

 

Short background, 50 branch offices, one central controller. All SSID must be bridge mode. So Campus with CPS.

We do not want to have more than 250 clients on one network. Some places need 500 clients. So 2 /24 networks.

 

My first thought was to add two VLAN's on the VAP, but that doesn't seem to work.

I got two VLANs on the VAP, 1 DHCP IP address in each VLAN. First client gets an IP from the first VLAN in the list, second client do not get an IP address.

Tried both bridge and tunnel mode.

 

So why can you add multiple VLAN in the VAP?

And should my setup work?

-------------------------------------------------------------------------------------
Christian Nilsson, Network Services
ACMA, ACMP, AWMP, Aruba Instructor, ACMX #159
Guru Elite

Re: Multiple VLAN in Virtual AP


christian-ns wrote:

Hi,

 

If you add multiple VLAN's in the VLAN field in the Virtual AP. How does that work (in 6.1.3.1)?

I know you can use VLAN name/pools under VLAN in the configuration, but that is not an option for this setup.

 

Short background, 50 branch offices, one central controller. All SSID must be bridge mode. So Campus with CPS.

We do not want to have more than 250 clients on one network. Some places need 500 clients. So 2 /24 networks.

 

My first thought was to add two VLAN's on the VAP, but that doesn't seem to work.

I got two VLANs on the VAP, 1 DHCP IP address in each VLAN. First client gets an IP from the first VLAN in the list, second client do not get an IP address.

Tried both bridge and tunnel mode.

 

So why can you add multiple VLAN in the VAP?

And should my setup work?


If you are using multiple VLANs on a VAP in bridged mode, it is tagging the client traffic and sending it to the ethernet port of the AP.  If the VLAN that the user ends up in is not on a trunk that the AP is in, it will be dropped by the switch.  A strategy would be to tag the client traffic with the same VLAN as the default-vlan in the AP system profile so that it would simply bridge the traffic to the same VLAN as the AP.  That way the client will simply get an ip address on the same subnet as the AP, which will change, based on where the AP is, but it does not force you to make a custom configuration for different sites.  If you plan your wired subnets okay, you should not have a problem.

 

 If you want more space to bridge clients to different vlans, however, you need to put those access points on trunks.

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: Multiple VLAN in Virtual AP


cjoseph wrote:

If you are using multiple VLANs on a VAP in bridged mode, it is tagging the client traffic and sending it to the ethernet port of the AP.  If the VLAN that the user ends up in is not on a trunk that the AP is in, it will be dropped by the switch.  A strategy would be to tag the client traffic with the same VLAN as the default-vlan in the AP system profile so that it would simply bridge the traffic to the same VLAN as the AP.  That way the client will simply get an ip address on the same subnet as the AP, which will change, based on where the AP is, but it does not force you to make a custom configuration for different sites.  If you plan your wired subnets okay, you should not have a problem.

 

 If you want more space to bridge clients to different vlans, however, you need to put those access points on trunks.

 

 


Can't use the same VLAN as the AP.

The port the AP connects to is a trunk (on a S2500), with AP VLAN as native, and all other VLAN tagged.

And we are using the same VLAN ID on all sites, so should be 1 VAP per type of client for all sites, so no custom config for different sites.

For this particular test, I have configured the VLAN field in the VAP as 102-103 (also on the trunk port in switch as tagged members).

I works great on VLAN 102, but I looks like the AP never tags traffic on VLAN 103.

How will the AP know when to send traffic to VLAN 102 or VLAN 103, when both is in the VAP?


 

-------------------------------------------------------------------------------------
Christian Nilsson, Network Services
ACMA, ACMP, AWMP, Aruba Instructor, ACMX #159
Guru Elite

Re: Multiple VLAN in Virtual AP

Unfortunately, VLAN pooling is not supported in bridge mode :(



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: Multiple VLAN in Virtual AP


cjoseph wrote:

Unfortunately, VLAN pooling is not supported in bridge mode :(


 
Ok, I knew that VLAN name (with pool enabled) wasn't supported.

 

So if you add multiple VLAN in the VLAN field, that is VLAN pool (but without a name)?

 

Anyway, guess my only way in this case is to use a bigger subnet, like /23.

-------------------------------------------------------------------------------------
Christian Nilsson, Network Services
ACMA, ACMP, AWMP, Aruba Instructor, ACMX #159
Aruba Employee

Re: Multiple VLAN in Virtual AP

If you SSID is in bridge mode, you can only have 1 VLAN assigned, so yes, you have to make the subnet larger.

Contributor I

Re: Multiple VLAN in Virtual AP

Thank you for that straightforward answer

-------------------------------------------------------------------------------------
Christian Nilsson, Network Services
ACMA, ACMP, AWMP, Aruba Instructor, ACMX #159
New Contributor

Re: Multiple VLAN in Virtual AP

What if you are in tunnel mode?  I have a similar configuration in that I have 4 vlans assigned to the SSID in tunnel mode.  My clients connect to one vlan, which is out of IP addresses, and never switch over to the second vlan.

Cheers,

Cole.

Guru Elite

Re: Multiple VLAN in Virtual AP

As long as the VLAN is configured and exists on the local mobility controller, it should distribute users on all VLANs, as long as you have all the VLANs listed in the Virtual AP profile.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor I

Re: Multiple VLAN in Virtual AP

Colin

 

Do you know how the contoller decides which vlan it chooses to put the client on?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: