Hello all,
we're using IAP-225's and IAP-325's for remote offices.
Technically we use both the network ports. Eth0 for management (vlan 10) and specific vlans (vlan 20/30) used by the wifi. Eth1 for guest wired (vlan 30) access. Guest-wired access is used by putting unknown computers in vlan 300, which pipes it to eth1.
This means that both the wired ports are connected with the same switch. Now when the AP is fully booted, we can use both ports without any problems, but if the AP reboots, then the switch triggers a loop-protect or a spanning-tree BPDU-protect on one of the ports. This is more likely because it is send on port 1 and the switch receives it back on port 2 (which indeed is a loop.)
I think that the AP has both eth ports in some kind of bridging mode at the boot, which triggers this reaction on the switch.
Here are some of the configs for more information:
Port 1 of the Switch, connected with ETH0 of AP
interface 8
tagged vlan 20,30
untagged vlan 10
spanning-tree bpdu-protection
loop-protect
exit
Port 2 of the Switch, connected with ETH1 of AP
interface 6
no power-over-ethernet
untagged vlan 300
spanning-tree bpdu-protection
loop-protect
exit
Does anyone reconize these problems? Is there maybe a AP Boot command to disable eth1 untill fully booted or something like that?
thanks for the help :)