First off, my preference for configuring the AP-387s is in standalone mode, where each AP is managed separately rather than through a virtual controller. This requires configuring the "Clusterless Mesh" values on each AP with matching values. One of the primary benefits of this is clarity of configuration when configuring the wired port profiles. Also makes firmware upgrades easier, although you won't be doing a whole lot of that on this model.
If all you need to pass through the bridge is a single VLAN and you don't mind managing the AP-387s in that same network, then just configure the switchport as an access port with the required VLAN and everything works.
If you want to manage the APs in a VLAN separate from whatever is being used on the Ethernet side of the point, then the easiest is to configure the switchport connected to the portal as a trunk with the native VLAN set to whatever VLAN you want to manage the APs in. The default wired profile on the portal is fine as that is configured as a trunk that allows all VLANs already. If you are managing the APs in a native VLAN of anything other than VID 1, then you must configure the "uplink switch native VLAN" on the APs to match the native VID of the switchport. Once you have the portal talking in the proper VLAN, and the point meshing back to the portal and pulling an IP in the same network, then you can configure a wired port profile on the point to provide trunk or access, whichever you want to do.
------------------------------
Carson Hulcher, ACEX#110
------------------------------
Original Message:
Sent: Apr 08, 2024 10:59 PM
From: jsvanscoyk
Subject: Convert Controlless AP387 Bridge from access port to trunk port
I configured 2 AP387's as a bridge and they connect fine to each other.
I have a network profile with enet0 setup as a access port. Everything works fine. Traffic passes through enet0 to a laptop plugged in on the point.
If I change the network profile to a trunk port, I can't get an IP address on the point AP.
I was thinking that the configuration should be that the uplink on the enet0 port on the portal side should be to a trunk port and the downlink enet0 port on the point side should be an access port. I would assume you'd want a trunk port on both sides if it was going to a switch. This configuration is just to a single device on the point enet0 port.
Am I on the right track and how would I configure something like this?
Original Message:
Sent: Mar 07, 2024 10:04 AM
From: jsvanscoyk
Subject: Convert Controlless AP387 Bridge from access port to trunk port
I need to convert a bridge that is setup between 2 AP387 APs.
It is currently mounted and in operation and passing traffic between the portal and the point.
Now I need to convert this to what it should have been configured when it was originally setup. It is now an access port and I need to get this changed to a trunk port so that traffic can be passed through what we call a public network and we can manage the network on another network.
Is there any resource available that documents that process?
Both portal and point are currently setup with dhcp.
So far I think I need do the following:
- Change the vlan on the switch port the portal AP is plugged into to the management vlan and hopefully the portal and the point will grab their new IP addresses.
- Change point to static IP then change portal to static IP.
- Change the point config from access to trunk which will probably mean I lose communication with the point.
- Change the config of the portal to trunk, which will probably mean losing communication with the portal.
- Change the switch port from access to trunk and hopefully everything will talk.
These are the steps I was going to use on the point first then the portal:
uplink-vlan <VLAN ID> (this is the VLAN the AP listens on)
ip-address <ip-address> <subnet-mask> <nexthop-ip-address> <dns-ip-address> <domain-name>
conf t
wired-port-profile Mesh_Portal_Uplink-wpp
switchport-mode trunk
allowed-vlan <list of VLANs or "all">
native-vlan <port Native VLAN>
trusted
no shutdown
type employee
auth-server InternalServer
captive-portal disable
no dot1x
exit
enet0-port-profile Mesh_Portal_Uplink-wpp
enet1-port-profile Mesh_Portal_Uplink-wpp
exit
commit apply
I have what I believe are the steps documented but all pieces are in place and I don't want to have to take down the portal and point to get this done. Both pieces are currently about 20 feet high.
I appreciate any input.