Controllerless Networks

This community is currently in a read-only state due to a maintenance window. For more info click here
Reply
Highlighted
New Contributor

Configure two IAP 335 for hierarchical deployment

Hi all, I have two IAP 335(Lets call them IAP-1 & IAP-2), and I want to build a network which statisfy some requirements.

I have two WAN ethernet link(Lets call them WAN1 & 2) and I divide my LAN into 3 VLANs(Lets call them VLAN1-3), in which WAN1 is divided into VLAN1&2 and WAN2 is treated as VLAN3.

What is difficult to handle is, due to the limitation of cable, for WAN1(VLAN1&2), I have to connect the router to port ETH0 on IAP-1 and use port ETH1 to connect to the switch. However, WAN2(VLAN3) is connected to the switch directly.

I want to reach the goal that two IAP 335 broadcast 3 different SSIDs which carry 3 VLANs and these two IAP 335 work as a cluster(IAP-1 as master and IAP-2 as slave).

My configuration is as follows:

Switch:
Port 1: Connect to IAP-1
Port Mode: Trunk
PVID: 11(IAP Private VLAN)
Untagged: 11
Tagged: 1,2

Port 2: Connect to IAP-2
Port Mode: Trunk
PVID: 11(IAP Private VLAN)
Untagged: 11
Tagged: 1,2,3

Port 3: Connect to WAN2
Port Mode: Access
PVID: 3
Untagged: 3
IAP-1:
Port ETH0: Connect to WAN1
Wired Profile:
Mode: Trunk
Client Assigned
Native VLAN: 1
Allowed VLAN: 1,2

Port ETH1: Connect to Switch Port 1
Wired Profile:
Mode: Trunk
DHCP Pool(Local, VLAN ID:11)
Allowed VLAN: all

IAP-2:
Port ETH0: Connect to Switch Port 2
No Configuration (As a slave)

Wireless:
SSID1: Static VLAN 1, Client Assigned
SSID2: Static VLAN 2, Client Assigned
SSID3: Static VLAN 3, Client Assigned

On VLAN 1&2&3, clients get IP addresses from WAN.

I somehow knew that this is called "hierarchical deployment", but I'm confused that I can get IP address and reach WAN1 when I connected to SSID1 & 2, but I cannot reach WAN2 when I connected to SSID3. Another problem is the IAPs automatically reboot after a few minutes.

To be more obvious, I drew a graph of my topology.

20200817193333.jpg

Can any one tell me what's wrong with my configuration and how can I solve these problems? Is there any CLI command I can use for debug?

Thanks in advance!

InstantOS Version: 8.6.0.4_74969

 

PS: I noticed that since InstantOS 8.6, a new CLI command 

uplink-enforce-wired-port-vlan-setting

is added to the users manual, but there is few explanation of this command, and it seems like have some relationship with my problem. Anybody knows what is the function of this command?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: