Wireless Access

Reply
Occasional Contributor II
Posts: 47
Registered: ‎10-25-2016

WLC's and AP's on the same subnet/VLAN ?

Hello,

 

I have 2 x WLC 7205 and 62 AP's to implement, and I am starting with Aruba technology.

I read many topics about that, but I still have a doubt ...

Would it be better to have :

- VLAN X for the WLC's management, VLAN Y for the AP's and VLAN Z for clients

or 

- VLAN X for WLC's management and the AP's, VLAN Y for clients ?

 

Thank you,

AL

MVP
Posts: 4,307
Registered: ‎07-20-2011

Re: WLC's and AP's on the same subnet/VLAN ?

I would go with this option :
"VLAN X for the WLC's management, VLAN Y for the AP's and VLAN Z for clients"

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 47
Registered: ‎10-25-2016

Re: WLC's and AP's on the same subnet/VLAN ?

Thank you very much. I'll go for this solution then.

 

On the switch part,

- Access ports for the AP's, with only the VLAN Y?

- Trunk port for the WLC, with the 3 VLANs, right ?

 

Thank you,

AL

MVP
Posts: 4,307
Registered: ‎07-20-2011

Re: WLC's and AP's on the same subnet/VLAN ?

Access ports for the AP's, with only the VLAN Y?
Yes if that's the only wired devices you are expecting to connect to the swiychports

- Trunk port for the WLC, with the 3 VLANs, right ?
Only WLC and clients VLAN , do you have an external dhcp sever for the APs?

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 47
Registered: ‎10-25-2016

Re: WLC's and AP's on the same subnet/VLAN ?

Alright, yes the AP's will have their dedicated VLAN, then they will be the only devices for this VLAN.

 

We did not decide yet if we go for an external DHCP server or internally to the WLC, does it make any change on the trunkport configuration ?

 

AL

MVP
Posts: 4,307
Registered: ‎07-20-2011

Re: WLC's and AP's on the same subnet/VLAN ?

If the controller is the dhcp server then you need to add the AP VLAN to the trunk

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 47
Registered: ‎10-25-2016

Re: WLC's and AP's on the same subnet/VLAN ?

Ok perfect, I think we will use the WLC as DHCP server then.

Thank you for all these informations !

Frequent Contributor II
Posts: 131
Registered: ‎05-31-2015

Re: WLC's and AP's on the same subnet/VLAN ?

Please familiarise yourself with the limitations for DHCP on the controller. Aruba recommend an external DHCP server.

Occasional Contributor II
Posts: 47
Registered: ‎10-25-2016

Re: WLC's and AP's on the same subnet/VLAN ?

Well right now I have :

 

- VLAN 100 for management - 172.16.100.0

- VLAN 101 for AP's - 172.16.101.0

- VLAN 102 for corporate clients - 172.16.102.0

- VLAN 103 for guest clients - 172.16.103.0

 

The WLC is connected to a cisco switch, in the moment I am trying to make it very simple.

Here is the config of my trunk on the WLC :

 

interface gigabitethernet 0/0/0
description "***Uplink-to-Switch***"
trusted
trusted vlan 100-103
switchport mode trunk
switchport trunk allowed vlan 100-103

 

I also have these interfaces configured :

 

interface vlan 100
ip address 172.16.100.1 255.255.255.0
!
interface vlan 101
ip address 172.16.101.1 255.255.255.0
!
interface vlan 102
ip address 172.16.102.1 255.255.255.0
!
interface vlan 103
ip address 172.16.103.1 255.255.255.0

 

Here is the config on the trunk port on the switch :

 

interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk

switchport trunk allowed vlan 100,101,102,103 

 

DHCP scopes are configured on the switch.

 

Does it look ok.. ? 

 

I have 3 problems...

- when I directly plugg an AP on a switchport (in access vlan 101) It gets an IP on the range 172.16.101.0 but it never joins the WLC... I don't get it... I tried to configure option 43 on the DHCP scope but It didn't help.

 

- If I plugg my laptop on a switchport (in access vlan 101), I get an IP in the range 172.16.101.0 and I can access the WLC on his Interface vlsn 101. But the goal is to only allow the management subnet 172.16.100.0 to access the WLC, is there a way to block the access from the VLANs 101, 102 and 103 ?

 

- Do I need to configure a native VLAN on the trunks ?

 

AL

MVP
Posts: 4,307
Registered: ‎07-20-2011

Re: WLC's and AP's on the same subnet/VLAN ?

You need to configure native VLAN 100

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: