VLAN1 is a bit a strange thing on some types of equipment. I believe that technically you can tag VLAN id 1, but Instant APs consider VLAN 1 as untagged/native.
Since I started working in networking, I teached myself to avoid the use of VLAN1, and consider it as 'unconfigured'. Also because when you add new switches to your network, all ports by default are in VLAN1, which by this approach will not be functional until you configured the switch explicitly for another VLAN. You may try to get rid of VLAN1 in your environment.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Jul 11, 2024 04:54 PM
From: Pheynnx
Subject: Switch native VLAN and IAP management VLAN
Is this still the best case though? I have 12 Aruba IAP-215-US access points; they are all behind trunk ports with native 1, tagged: 2, 3, 100.
I want to move the Aruba's onto DHCP in VLAN100 for management, they currently are grabbing DHCP from VLAN 1 (native). The instant virtual contoller has a uplink management vlan option per access point and per vitrual controller. I could set that setting to vlan 100 to move them over right?
I have seen that it is recommened to set the native vlan on the trunk to your management vlan; in this case 100*. And I can see the benifit to that, like if an access point was system reset for some reason, it would grab VLAN100 natively again and not get stuck in VLAN 1. But my concern is having tagged VLAN 1 traffic over the trunks but also untagged VLAN 1 traffic on the network else where, as our switches use a native untagged VLAN 1. Would this be an issue?
Original Message:
Sent: Feb 05, 2018 05:39 AM
From: Herman Robers
Subject: Switch native VLAN and IAP management VLAN
Set your management VLAN 800 as native/untagged on the switch ports that connect the IAPs.
It is not recommended to change the Management VLAN id in the IAP for the reasons you mention and more. If you need a specific VLAN on your infrastructure (800 in your case) to be the management VLAN for the IAP's, just put that as untagged/native on the IAP uplink ports. The IAP will internally see it as native VLAN and will not have notice of the actual VLAN id, but does not need that either.
Here an example for Aruba switches, where the AP connected to port 1 is assigned VLAN10 for management:
sw-workshop-01# show running-config interface 1Running configuration:interface 1 tagged vlan 11-14 untagged vlan 10
There is NO management VLAN configuration on the IAP side, leave that option default.