Trying to help a friend get his gear setup for home network. Ran into problem connecting to aruba from network unless I change the switch port to Access port VLAN1 (instead of Trunk like I want)


Using Luxul ABR-5000 router connected to Luxul XMS-2624P switch connected to Aruba Instant IAP-225.

We have VLANs 1,10,20,30 setup.


VLAN 1: 192.168.0.x /24

VLAN 10: 192.168.1.x /24, SSID: WLAN-1

VLAN 20: 192.168.2.x / 24, SSID: WLAN-2

VLAN 30: 192.168.3.x /24, SSID: WLAN-3


Default VLAN on Luxul switch is VLAN 1


When Trunking all VLANs on switch port (1) connected to the Aruba (E0), the SSID's for all WiFi clients work as expected. However, I cannot get to Aruba's IP address.


If I change the switch port 1 to Access instead of Trunk mode, and set it to VLAN 1, then I can reach the Aruba from the network. However, the SSID's stop serving DHCP for the other VLAN / SSIDs (as expected since its not trunking). I'm thinking this works because the Luxul switches do not tag VLAN 1 by default and aruba can process the untagged frame on its management VLAN 1.


After some reading, I'm guessing I need to set up the switch port 1 to Trunk for all VLANs, but remove VLAN 1 'tagging' from the trunk for the Aruba, so it becomes native-VLAN for the trunk. At that point, I am thinking I should be able to get the aruba from network and it still serve up IPs for the SSIDs. I think this will work because Aruba apparently doesn't know how to process VLAN 1 tagging from the swtich as VLAN 1 is its default management VLAN. Does this sound right or am I missing something?

So related to the above, but as a separate question 2... If I want to assign the same Aruba to be reachable on IP address to /24 on VLAN 30 instead of VLAN 1, I am wondering what steps I need.


My present thinking is

- Change the Aruba AP IP / Subnet to /24

- Remove VLAN 30 Egress tagging from the Trunk switch port aruba connected to

- Other?


The default management VLAN on the ARuba is still VLAN 1. The network schema I want to use for it is on VLAN 30. Do I need to now switch the management VLAN on the aruba to VLAN 30 as well?


If so, is that done on the AP config > Uplink tab > Management VLAN or somewhere else?


Final thought, will doing this force me to change the management VLAN for the switches to VLAN 30 as well, or will I be able to leave them on VLAN 1 as they default to?


Update to close out the above.


Luxul brand switches apparently can only be in management VLAN 1. So my resolution was to move the Aruba back to VLAN 1 for management (used it's default which reads VLAN 0 under the up-link > Management VLAN tab) static assign an IP / Subnet for that VLAN to the Aruba, then on switch port for the AP, found that I could use one of the following:

- Trunk mode (802.1q) and remove VLAN 1 tags from Egress

- Hybrid mode and remove VLAN 1 tags from Egress


Just a related tip if anyone using Luxul router, ensure you have inter-vlan routing enabled on the Luxul router, as that is what allows a non-management vlan to route to VLAN 1 apparently per Luxul support. Note, it does not allow acutal inter-VLAN routing say from 100 to 200, which I thought was a surprise.


So, resolved.

