Question:
I am deploying WS-C3560X-48PF-S a wireless network with
multiple SSID's - 1242 trunked to 3560. 3560 trunked to 2811 subifs. Native
VLAN 99 set at every point. Wireless clients can connect to SSID fine, but do
not get DHCP from the router. The switch can ping BVI interface on AP (VLAN
99), and its own VLAN 99 of course, but cannot reach router loopback, 99, or
subifs. Phones and desktop PC's in their respective VLAN's work fine and
connect with DHCP etc. I am stumped. Seeing as the switch can ping the AP, but
clients on the AP cannot ping the switch or router, or get DHCP, I am assuming
there is a problem with the switch rather than the AP.
SWITCH
vlan 21
name VLAN-21-WLAN
!
vlan 22
name VLAN-22-GUEST-WLAN
!
vlan 99
name VLAN-99-NETMGT
!
interface Loopback0
description loopback
ip address 192.102.10.2 255.255.255.255
no ip route-cache
!
interface FastEthernet0/47
description to AP 1
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport trunk allowed vlan
21,22,40,41,51,99
switchport mode trunk
!
interface FastEthernet0/48
description to 2811 fa0/0
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport trunk allowed vlan 12,20-22,30,40,41,50,51,60,99
switchport mode trunk
!
!
interface Vlan99
ip address 192.102.99.2 255.255.255.192
no ip route-cache
ROUTER
!
ip dhcp pool VLAN-21-WLAN
network 192.102.21.0 255.255.255.192
default-router 192.102.21.1
dns-server 61.88.88.88 192.102.21.1 8.8.8 .8
lease 7
!
ip dhcp pool VLAN-22-GUEST-WLAN
network 192.102.22.0 255.255.255.0
default-router 192.102.22.1
dns-server 61.88.88.88 192.102.21.1 8.8.8 .8
!
interface Loopback0
description L,OP,Rothwell,4022
ip address 192.102.10.1 255.255.255.192
!
interface FastEthernet0/0
description to SW 0/48
no ip address
no ip redirects
ip flow ingress
ip nat inside
ip virtual-reassembly in
duplex auto
speed 100
!
interface FastEthernet0/0.21
description VLAN-21-WLAN
encapsulation dot1Q 21
ip address 192.102.21.1 255.255.255.192
no ip redirects
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
!
interface FastEthernet0/0.22
description VLAN-22-GUEST-WLAN
encapsulation dot1Q 22
ip address 192.102.22.1 255.255.255.0
no ip redirects
no ip proxy-arp
ip flow ingress
!
interface FastEthernet0/0.99
description VLAN-99-NETMGT,OP,Rothwell,4022
encapsulation dot1Q 99 native
no ip redirects
no ip proxy-arp
ip flow ingress
AP
dot11 ssid Guest Connect
vlan 22
authentication open
authentication key-management wpa
guest-mode
mbssid guest-mode
wpa-psk ascii 7 XXXXX
!
dot11 ssid Corporate Connect
vlan 21
authentication open
!
nterface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 21 key 1 size 128bit 7 XXXX
transmit-key
encryption vlan 21 mode wep mandatory
!
encryption mode ciphers tkip
!
encryption vlan 22 mode ciphers tkip
!
ssid Guest Connect
!
ssid Corporate Connect
!
mbssid
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.21
encapsulation dot1Q 21
no ip route-cache
bridge-group 21
bridge-group 21 subscriber-loop-control
bridge-group 21 block-unknown-source
no bridge-group 21 source-learning
no bridge-group 21 unicast-flooding
bridge-group 21 spanning-disabled
!
interface Dot11Radio0.22
encapsulation dot1Q 22
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
!
!
interface FastEthernet0.21
encapsulation dot1Q 21
no ip route-cache
!
interface FastEthernet0.22
encapsulation dot1Q 22
no ip route-cache
!
interface FastEthernet0.99
encapsulation dot1Q 99 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 192.102.99.3 255.255.255.192
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
Answer:
You need to assign your bridge-groups under
the subinterfaces for f0 as well. Your native has it, but the other two do
not...
!
!
interface FastEthernet0.21
encapsulation dot1Q 21
bridge-group 21
no ip route-cache
!
interface FastEthernet0.22
encapsulation dot1Q 22
bridge-group 2
no ip WS-C3560X-48PF-S Price route-cache
没有评论:
发表评论