Wireless Access

Reply
Frequent Contributor I

tagging vlans behind RAPs

What is the correct way to tag a vlan behind a RAP running multiple VLANs? 

 

is there a way to do it with forward mode set to split-tunnling?

 

Running AOS 6.1.3.4

Regular Contributor I

Re: tagging vlans behind RAPs

Are you wanting your wireless traffic to be bridged to the local vlans and not tunnelled to the controller?

Frequent Contributor I

Re: tagging vlans behind RAPs

Sorry i didn't specify this before, I want wired traffic for VOIP phones tagged back to the controller through a RAP.

Guru Elite

Re: tagging vlans behind RAPs

Take a look at the thread here:  http://community.arubanetworks.com/t5/Remote-Networking/Avaya-Wired-Phone-Not-Connecting-on-RAP-2-eth1/m-p/7807/highlight/true#M443 for a config.

 

Also, please look at the Voice Support for Fixed Telecommuter Deployments VRD on the page here http://www.arubanetworks.com/technology/reference-design-guides/ for more information.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I

Re: tagging vlans behind RAPs

For wired access, try this (exmple for VLAN 1000)

Regular Contributor I

Re: tagging vlans behind RAPs

You will need to create a wired AP profile and a AP wired port profile.  This is where you will set the port on the RAP to be trunked or access and which VLAN(s) that port will be in.  You will then need to bind those profiles to the AP system profile for the group the RAPs are in.

Frequent Contributor I

Re: tagging vlans behind RAPs

thanks for all the responses folks.

 

I have ports e0 and e1 setup as followed ( 100 is data vlan, 110 is voice.):

 

ap wired-ap-profile "default"
   wired-ap-enable
   forward-mode split-tunnel
   switchport mode trunk
   switchport trunk native vlan 100
   switchport trunk allowed vlan 100,110

 

 

does this look right?

 

both my e0 and e1 interfaces as setup like this. Does it matter how my e0 port is setup, or just e1?

Guru Elite

Re: tagging vlans behind RAPs

My advice is to get it working using regular tunnel first.

Split tunnel on wired requires you to make the port untrusted, and have the initial role of the aaa profile assigned have the split tunneling rules. First make sure pure tunnel works trusted, because it is a preliminary step.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I

Re: tagging vlans behind RAPs

Ok, I will try in tunneled mode first.

 

Reading ArubaOS6.1user guide it talks about how to tag ports when the forward mode is set to bridge, but what about when the forward mode is set to tunnel or split-tunnel? Does what is specified below out of the User Guide only apply when the forward mode is set to bridge? or not?

 

"Configure bridging on the Ethernet port
Use the following procedure to configure bridging on the Ethernet port via the WebUI.
1. Navigate to the Configuration > Wireless > AP Configuration > AP Group window.
2. Click the Edit button by the AP group name with the wired ap profile you want to edit.
3. Under the Profiles list, expand the AP menu, then select Wired AP profile. The settings for the
currently selected wired AP profile appear.
You can use a different wired AP profile by selecting a profile from the Wired AP profile drop-down
list.
4. Under Profile Details, do the following:
a. Select the Wired AP enable check box. This option is not selected by default.
b. From the Forward mode drop-down list, select bridge.
c. Optionally, from the Switchport mode drop-down list, select access or trunk. These options only
apply to bridge mode configurations.
 Access mode forwards untagged packets received on the port to the controller and they appear on
the configured access mode VLAN. Tagged packets are dropped. All packets received from the
controller and sent via this port are untagged. Define the access mode VLAN in the Access mode
VLAN field.
 Trunk mode contains a list of allowed VLANs. Any packet received on the port that is tagged with
an allowed VLAN is forwarded to the controller. Untagged packets are forwarded to the controller
on the configured Native VLAN. Packets received from the controller and sent out the port remain
tagged unless the tag value in the packet is the Native VLAN, in which case the tag is removed.
Define the Native VLAN in the Trunk mode native VLAN field and the other allowed VLANs in
the Trunk mode allowed VLANs field.
d. Optionally, select Trusted to configure this as a trusted port.
5. Click Apply."

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: