07-30-2019 10:14 AM - edited 07-30-2019 10:38 AM
Trying to help a friend get his gear setup for home network. Ran into problem connecting to aruba from network unless I change the switch port to Access port VLAN1 (instead of Trunk like I want)
Using Luxul ABR-5000 router connected to Luxul XMS-2624P switch connected to Aruba Instant IAP-225.
We have VLANs 1,10,20,30 setup.
VLAN 1: 192.168.0.x /24
VLAN 10: 192.168.1.x /24, SSID: WLAN-1
VLAN 20: 192.168.2.x / 24, SSID: WLAN-2
VLAN 30: 192.168.3.x /24, SSID: WLAN-3
Default VLAN on Luxul switch is VLAN 1
When Trunking all VLANs on switch port (1) connected to the Aruba (E0), the SSID's for all WiFi clients work as expected. However, I cannot get to Aruba's IP address.
If I change the switch port 1 to Access instead of Trunk mode, and set it to VLAN 1, then I can reach the Aruba from the network. However, the SSID's stop serving DHCP for the other VLAN / SSIDs (as expected since its not trunking). I'm thinking this works because the Luxul switches do not tag VLAN 1 by default and aruba can process the untagged frame on its management VLAN 1.
After some reading, I'm guessing I need to set up the switch port 1 to Trunk for all VLANs, but remove VLAN 1 'tagging' from the trunk for the Aruba, so it becomes native-VLAN for the trunk. At that point, I am thinking I should be able to get the aruba from network and it still serve up IPs for the SSIDs. I think this will work because Aruba apparently doesn't know how to process VLAN 1 tagging from the swtich as VLAN 1 is its default management VLAN. Does this sound right or am I missing something?
Solved! Go to Solution.
Re: Connect to IAP from network over Luxul switch Trunk link to IAP-225
07-30-2019 10:30 AM
So related to the above, but as a separate question 2... If I want to assign the same Aruba to be reachable on IP address to 192.168.3.2 /24 on VLAN 30 instead of VLAN 1, I am wondering what steps I need.
My present thinking is
- Change the Aruba AP IP / Subnet to 192.168.3.2 /24
- Remove VLAN 30 Egress tagging from the Trunk switch port aruba connected to
The default management VLAN on the ARuba is still VLAN 1. The network schema I want to use for it is on VLAN 30. Do I need to now switch the management VLAN on the aruba to VLAN 30 as well?
If so, is that done on the AP config > Uplink tab > Management VLAN or somewhere else?
Final thought, will doing this force me to change the management VLAN for the switches to VLAN 30 as well, or will I be able to leave them on VLAN 1 as they default to?
08-07-2019 06:34 AM
Update to close out the above.
Luxul brand switches apparently can only be in management VLAN 1. So my resolution was to move the Aruba back to VLAN 1 for management (used it's default which reads VLAN 0 under the up-link > Management VLAN tab) static assign an IP / Subnet for that VLAN to the Aruba, then on switch port for the AP, found that I could use one of the following:
- Trunk mode (802.1q) and remove VLAN 1 tags from Egress
- Hybrid mode and remove VLAN 1 tags from Egress
Just a related tip if anyone using Luxul router, ensure you have inter-vlan routing enabled on the Luxul router, as that is what allows a non-management vlan to route to VLAN 1 apparently per Luxul support. Note, it does not allow acutal inter-VLAN routing say from 100 to 200, which I thought was a surprise.