Wireless Access

 View Only
  • 1.  AP125 ENET1 VLANs tunneling to Controller

    Posted Sep 12, 2020 10:13 AM

    Hi,

    I have 3200 Controller running ArubaOS 6.4.4.22 at HQ and RAP 125 at branch office.  What I am trying to do is bridge some VLANs across the the internet so both sides would be in same VLAN broadcast domain.  On the Controller interface 1/0 is set as trunk mode and 1/3 is the WAN link.  The config has these settings:

     

    interface gigabitethernet 1/0
    description "Trunked-VLANS"
    trusted vlan 9
    switchport mode trunk
    switchport trunk allowed vlan 9,502
    no spanning-tree

     

    interface gigabitethernet 1/3
    description "WAN"
    trusted
    trusted vlan 1
    ip access-group "controller-protection-acl" session
    no spanning-tree

     

    ap wired-ap-profile "RAP-wired-ap"
    wired-ap-enable
    trusted
    switchport mode trunk
    switchport trunk allowed vlan 9

     

    ap wired-port-profile "RAP-wired-ap"
    wired-ap-profile "RAP-wired-ap"

     

    # show vlan

    VLAN CONFIGURATION
    ------------------
    VLAN Description Ports AAA Profile
    ---- ----------- ----- -----------
    1 Default GE1/1-3 Pc0-7 N/A
    9 VLAN0009 GE1/0 N/A
    502 VLAN0502 GE1/0 N/A

     

    #show trunk

    Trunk Port Table
    -----------------
    Port Vlans Allowed Vlans Active Native Vlan
    ---- ------------- ------------ -----------
    GE1/0 9,502 9,502 1

     

    But it shows "Forward-mode" as none:

    #show ap port status ap-name 00:1a:1e:c9:69:42

    AP "00:1a:1e:c9:69:42" Port Status (updated every 60 seconds)
    -------------------------------------------------------------
    Port MAC Type Forward Mode Admin Oper Speed Duplex 802.3az PoE STP TX-Packets TX-Bytes RX-Packets RX-Bytes
    ---- --- ---- ------------ ----- ---- ----- ------ ------- --- --- ---------- -------- ---------- --------
    0 00:1a:1e:c9:69:42 GE N/A enabled up 1 Gb/s full N/A N/A N/A 132329 30476225 190493 80675531
    1 00:1a:1e:c9:69:43 GE none enabled up 100 Mb/s full N/A N/A N/A 9 1177 42848 3155680

     

    RAP125 ENET1 is connected to a trunk port at branch office.  I assigned a laptop with a static VLAN 9 IP but can't pass traffic to Controller.  From Controller I can ping nodes in VLAN 9.  What am I missing?  TIA!

     

    LT



  • 2.  RE: AP125 ENET1 VLANs tunneling to Controller

    Posted Sep 12, 2020 03:38 PM

    Hi,

     

    From checking the below config, the RAP wired port is expecting a tagged vlan so if you connect your laptop it will not work. You need to either connect the laptop to a switch that has vlan 9 tagged all the way to the RAP port or  you need to set the native vlan to 9 or change the mode to access vlan 9.

     

    ap wired-ap-profile "RAP-wired-ap"
    wired-ap-enable
    trusted
    switchport mode trunk
    switchport trunk allowed vlan 9



  • 3.  RE: AP125 ENET1 VLANs tunneling to Controller

    Posted Sep 12, 2020 10:00 PM

    Yes, sorry I my laptop is connected to a Cisco switch (access port).  RAP ENET1 connected to trunk port on Cisco.

     

    LT