Controllerless Networks

I need to convert a bridge that is setup between 2 AP387 APs.

It is currently mounted and in operation and passing traffic between the portal and the point.

Now I need to convert this to what it should have been configured when it was originally setup. It is now an access port and I need to get this changed to a trunk port so that traffic can be passed through what we call a public network and we can manage the network on another network.

Is there any resource available that documents that process?

Both portal and point are currently setup with dhcp.

So far I think I need do the following:

1. Change the vlan on the switch port the portal AP is plugged into to the management vlan and hopefully the portal and the point will grab their new IP addresses.
2. Change point to static IP then change portal to static IP.
3. Change the point config from access to trunk which will probably mean I lose communication with the point.
4. Change the config of the portal to trunk, which will probably mean losing communication with the portal.
5. Change the switch port from access to trunk and hopefully everything will talk.

These are the steps I was going to use on the point first then the portal:

uplink-vlan <VLAN ID> (this is the VLAN the AP listens on)

ip-address <ip-address> <subnet-mask> <nexthop-ip-address> <dns-ip-address> <domain-name>

conf t
wired-port-profile Mesh_Portal_Uplink-wpp
switchport-mode trunk
allowed-vlan <list of VLANs or "all">
native-vlan <port Native VLAN>
trusted
no shutdown
type employee
auth-server InternalServer
captive-portal disable
no dot1x
exit

enet0-port-profile Mesh_Portal_Uplink-wpp
enet1-port-profile Mesh_Portal_Uplink-wpp

exit
commit apply

I have what I believe are the steps documented but all pieces are in place and I don't want to have to take down the portal and point to get this done. Both pieces are currently about 20 feet high.

I appreciate any input.

Don't attempt to set static IP addresses until after you've done all of the VLAN changes and verified everything still works.

Are you planning on managing the APs on the switch port's configured native VLAN?  Are the IAPs configured as standalone or in a VC cluster?

The configuration of the wired port on the mesh point has no determination on what VLAN the mesh point pulls an IP from, that is entirely based on the configured management VLAN.  By default the management VLAN and "uplink switch port native VLAN" are the same value.

I need to convert a bridge that is setup between 2 AP387 APs.

It is currently mounted and in operation and passing traffic between the portal and the point.

Now I need to convert this to what it should have been configured when it was originally setup. It is now an access port and I need to get this changed to a trunk port so that traffic can be passed through what we call a public network and we can manage the network on another network.

Is there any resource available that documents that process?

Both portal and point are currently setup with dhcp.

So far I think I need do the following:

1. Change the vlan on the switch port the portal AP is plugged into to the management vlan and hopefully the portal and the point will grab their new IP addresses.
2. Change point to static IP then change portal to static IP.
3. Change the point config from access to trunk which will probably mean I lose communication with the point.
4. Change the config of the portal to trunk, which will probably mean losing communication with the portal.
5. Change the switch port from access to trunk and hopefully everything will talk.

These are the steps I was going to use on the point first then the portal:

uplink-vlan <VLAN ID> (this is the VLAN the AP listens on)

ip-address <ip-address> <subnet-mask> <nexthop-ip-address> <dns-ip-address> <domain-name>

conf t
wired-port-profile Mesh_Portal_Uplink-wpp
switchport-mode trunk
allowed-vlan <list of VLANs or "all">
native-vlan <port Native VLAN>
trusted
no shutdown
type employee
auth-server InternalServer
captive-portal disable
no dot1x
exit

enet0-port-profile Mesh_Portal_Uplink-wpp
enet1-port-profile Mesh_Portal_Uplink-wpp

exit
commit apply

I have what I believe are the steps documented but all pieces are in place and I don't want to have to take down the portal and point to get this done. Both pieces are currently about 20 feet high.

I appreciate any input.

Thanks for the response.

Yes I want to manage the APs on the native vlan. The IAPs are setup as a VC with the portal AP as the master. Originally we were just going to let all traffic pass through as an access port but now we want to put the device that is plugged into the point AP on a public only vlan. If we do that then we won't be able to manage it which is why we need to do a trunk port with the native vlan on the management vlan.

Don't attempt to set static IP addresses until after you've done all of the VLAN changes and verified everything still works.

Are you planning on managing the APs on the switch port's configured native VLAN?  Are the IAPs configured as standalone or in a VC cluster?

The configuration of the wired port on the mesh point has no determination on what VLAN the mesh point pulls an IP from, that is entirely based on the configured management VLAN.  By default the management VLAN and "uplink switch port native VLAN" are the same value.

I need to convert a bridge that is setup between 2 AP387 APs.

It is currently mounted and in operation and passing traffic between the portal and the point.

Now I need to convert this to what it should have been configured when it was originally setup. It is now an access port and I need to get this changed to a trunk port so that traffic can be passed through what we call a public network and we can manage the network on another network.

Is there any resource available that documents that process?

Both portal and point are currently setup with dhcp.

So far I think I need do the following:

1. Change the vlan on the switch port the portal AP is plugged into to the management vlan and hopefully the portal and the point will grab their new IP addresses.
2. Change point to static IP then change portal to static IP.
3. Change the point config from access to trunk which will probably mean I lose communication with the point.
4. Change the config of the portal to trunk, which will probably mean losing communication with the portal.
5. Change the switch port from access to trunk and hopefully everything will talk.

These are the steps I was going to use on the point first then the portal:

uplink-vlan <VLAN ID> (this is the VLAN the AP listens on)

ip-address <ip-address> <subnet-mask> <nexthop-ip-address> <dns-ip-address> <domain-name>

conf t
wired-port-profile Mesh_Portal_Uplink-wpp
switchport-mode trunk
allowed-vlan <list of VLANs or "all">
native-vlan <port Native VLAN>
trusted
no shutdown
type employee
auth-server InternalServer
captive-portal disable
no dot1x
exit

enet0-port-profile Mesh_Portal_Uplink-wpp
enet1-port-profile Mesh_Portal_Uplink-wpp

exit
commit apply

I have what I believe are the steps documented but all pieces are in place and I don't want to have to take down the portal and point to get this done. Both pieces are currently about 20 feet high.

I appreciate any input.

1. Change the switch port to trunk mode, set native VLAN to the desired management VLAN
2. Reboot APs, they should come up with management IPs in the native/management VLAN, but the APs think they are still on VLAN 1
3. On the VC, set the "Uplink switch native VLAN" to match what is configured on the switch, AP now knows the native VLAN and the management IP is tied to that VID
4. Create a new downlink access mode wired-port-profile that provides the required VLAN and assign to the port that your device is plugged in to
   1. The mesh portal should ignore the VLAN settings unless a separate configuration is done that tells the AP to strictly honor the VLAN settings.

If you have a couple of APs that you can test this process with, I highly recommend doing so before attempting on the production units.

Thanks for the response.

Yes I want to manage the APs on the native vlan. The IAPs are setup as a VC with the portal AP as the master. Originally we were just going to let all traffic pass through as an access port but now we want to put the device that is plugged into the point AP on a public only vlan. If we do that then we won't be able to manage it which is why we need to do a trunk port with the native vlan on the management vlan.

Don't attempt to set static IP addresses until after you've done all of the VLAN changes and verified everything still works.

Are you planning on managing the APs on the switch port's configured native VLAN?  Are the IAPs configured as standalone or in a VC cluster?

The configuration of the wired port on the mesh point has no determination on what VLAN the mesh point pulls an IP from, that is entirely based on the configured management VLAN.  By default the management VLAN and "uplink switch port native VLAN" are the same value.

I need to convert a bridge that is setup between 2 AP387 APs.

It is currently mounted and in operation and passing traffic between the portal and the point.

Now I need to convert this to what it should have been configured when it was originally setup. It is now an access port and I need to get this changed to a trunk port so that traffic can be passed through what we call a public network and we can manage the network on another network.

Is there any resource available that documents that process?

Both portal and point are currently setup with dhcp.

So far I think I need do the following:

1. Change the vlan on the switch port the portal AP is plugged into to the management vlan and hopefully the portal and the point will grab their new IP addresses.
2. Change point to static IP then change portal to static IP.
3. Change the point config from access to trunk which will probably mean I lose communication with the point.
4. Change the config of the portal to trunk, which will probably mean losing communication with the portal.
5. Change the switch port from access to trunk and hopefully everything will talk.

These are the steps I was going to use on the point first then the portal:

uplink-vlan <VLAN ID> (this is the VLAN the AP listens on)

ip-address <ip-address> <subnet-mask> <nexthop-ip-address> <dns-ip-address> <domain-name>

conf t
wired-port-profile Mesh_Portal_Uplink-wpp
switchport-mode trunk
allowed-vlan <list of VLANs or "all">
native-vlan <port Native VLAN>
trusted
no shutdown
type employee
auth-server InternalServer
captive-portal disable
no dot1x
exit

enet0-port-profile Mesh_Portal_Uplink-wpp
enet1-port-profile Mesh_Portal_Uplink-wpp

exit
commit apply

I have what I believe are the steps documented but all pieces are in place and I don't want to have to take down the portal and point to get this done. Both pieces are currently about 20 feet high.

I appreciate any input.

I need to convert a bridge that is setup between 2 AP387 APs.

It is currently mounted and in operation and passing traffic between the portal and the point.

Now I need to convert this to what it should have been configured when it was originally setup. It is now an access port and I need to get this changed to a trunk port so that traffic can be passed through what we call a public network and we can manage the network on another network.

Is there any resource available that documents that process?

Both portal and point are currently setup with dhcp.

So far I think I need do the following:

1. Change the vlan on the switch port the portal AP is plugged into to the management vlan and hopefully the portal and the point will grab their new IP addresses.
2. Change point to static IP then change portal to static IP.
3. Change the point config from access to trunk which will probably mean I lose communication with the point.
4. Change the config of the portal to trunk, which will probably mean losing communication with the portal.
5. Change the switch port from access to trunk and hopefully everything will talk.

These are the steps I was going to use on the point first then the portal:

uplink-vlan <VLAN ID> (this is the VLAN the AP listens on)

ip-address <ip-address> <subnet-mask> <nexthop-ip-address> <dns-ip-address> <domain-name>

conf t
wired-port-profile Mesh_Portal_Uplink-wpp
switchport-mode trunk
allowed-vlan <list of VLANs or "all">
native-vlan <port Native VLAN>
trusted
no shutdown
type employee
auth-server InternalServer
captive-portal disable
no dot1x
exit

enet0-port-profile Mesh_Portal_Uplink-wpp
enet1-port-profile Mesh_Portal_Uplink-wpp

exit
commit apply

I have what I believe are the steps documented but all pieces are in place and I don't want to have to take down the portal and point to get this done. Both pieces are currently about 20 feet high.

I appreciate any input.

I configured 2 AP387's as a bridge and they connect fine to each other.

I have a network profile with enet0 setup as a access  port. Everything works fine. Traffic passes through enet0 to a laptop plugged in on the point.

If I change the network profile to a trunk port, I can't get an IP address on the point AP.

I was thinking that the configuration should be that the uplink on the enet0 port on the portal side should be to a trunk port and the downlink enet0 port on the point side should be an access port. I would assume you'd want a trunk port on both sides if it was going to a switch. This configuration is just to a single device on the point enet0 port.

Am I on the right track and how would I configure something like this?

I need to convert a bridge that is setup between 2 AP387 APs.

It is currently mounted and in operation and passing traffic between the portal and the point.

Now I need to convert this to what it should have been configured when it was originally setup. It is now an access port and I need to get this changed to a trunk port so that traffic can be passed through what we call a public network and we can manage the network on another network.

Is there any resource available that documents that process?

Both portal and point are currently setup with dhcp.

So far I think I need do the following:

1. Change the vlan on the switch port the portal AP is plugged into to the management vlan and hopefully the portal and the point will grab their new IP addresses.
2. Change point to static IP then change portal to static IP.
3. Change the point config from access to trunk which will probably mean I lose communication with the point.
4. Change the config of the portal to trunk, which will probably mean losing communication with the portal.
5. Change the switch port from access to trunk and hopefully everything will talk.

These are the steps I was going to use on the point first then the portal:

uplink-vlan <VLAN ID> (this is the VLAN the AP listens on)

ip-address <ip-address> <subnet-mask> <nexthop-ip-address> <dns-ip-address> <domain-name>

conf t
wired-port-profile Mesh_Portal_Uplink-wpp
switchport-mode trunk
allowed-vlan <list of VLANs or "all">
native-vlan <port Native VLAN>
trusted
no shutdown
type employee
auth-server InternalServer
captive-portal disable
no dot1x
exit

enet0-port-profile Mesh_Portal_Uplink-wpp
enet1-port-profile Mesh_Portal_Uplink-wpp

exit
commit apply

I have what I believe are the steps documented but all pieces are in place and I don't want to have to take down the portal and point to get this done. Both pieces are currently about 20 feet high.

I appreciate any input.