Communication between 2 Vlans

  • 0
  • 1
  • Question
  • Updated 3 years ago

I am trying to get our wireless network communicating with a specific Vlan.  So our wireless network is setup with a vlan as well.  I have ipforwarding enabled for both vlans. What am I missing?

Just a little more information:  If I am connected to the network via wired connection, I can ping a device on our 114 vlan.  If I am connected to the network via wireless (118 vlan), then I cannot ping that same device.

Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Doug Hyde

Doug Hyde, Technical Support Manager

  • 20,710 Points 20k badge 2x thumb
Hello Beth, 

Could you give us a little more detail on the products you are working with? 

Thanks, 

Doug 
(Edited)
Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb

Our Core switch is stacked Summit X460G2 and the edge switches are Summit X440's.

Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb
Our wireless controllers are Cisco 5508's
Photo of Doug Jaquays

Doug Jaquays

  • 222 Points 100 badge 2x thumb
Beth,

  I would look at what information you have for subnet/routing at both the wireless controllers and on the wireless clients (DHCP config?).  

  Can you plug your laptop/device into a wired port on vlan 118, manually configure an ip/subnet/gateway that matches what the wireless clients should have and ping your VLAN 114 device?
Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb

Our wireless is configured for DHCP on both controllers and clients.  On the Extreme side we do not have any ports that are configured just for the 118 Vlan. 

It is strange because if on what we call our Finishing side, which has its own edge switch, we cannot ping the 114 vlan from wireless.  However, if we are standing in certain areas on our Extrusion side, there are some areas that the wireless communication to the 114 vlan works and areas that don't.

When our main core was yet Cisco, everything worked as it should, even after we swapped out all Cisco edge switches with the edge Extreme.  Now that we moved our main core over to Extreme, it does not.  I am assuming it is configuration on the Extreme core but not sure what is missing.

I do not believe that it is configuration with the access points or the controllers.


Thoughts?

Thanks, Beth

Photo of Doug Jaquays

Doug Jaquays

  • 222 Points 100 badge 2x thumb
Can you post the results of show vlan and show iproute from the core and the edge switches? You can sanitize the IPs as long as it's easy to tell the different subnets apart still and the logic stays accurate.
Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb

Here is the core:


telnet session telnet0 on /dev/ptyb0


login: admin
password:

ExtremeXOS
Copyright (C) 1996-2015 Extreme Networks. All rights reserved.
This product is protected by one or more US patents listed at http://www.extremenetworks.com/patents along with their foreign counterparts.
==============================================================================

Press the <tab> or '?' key at any time for completions.
Remember to save your configuration changes.


Slot-1 Main-96.1 # show vlan
-----------------------------------------------------------------------------------------------
Name            VID  Protocol Addr       Flags                         Proto  Ports  Virtual
                                                                              Active router
                                                                              /Total
-----------------------------------------------------------------------------------------------
Default         1    --------------------------------T---------------- ANY    0 /8   VR-Default
Mgmt            4095 ------------------------------------------------- ANY    0 /1   VR-Mgmt
v100            100  10.128.100.1   /24  -f--------------------------- ANY    33/79  VR-Default
v101            101  10.128.101.1   /24  -f--------------------------- ANY    12/14  VR-Default
v102            102  10.128.102.1   /24  -f--------------------------- ANY    12/15  VR-Default
v103            103  10.128.103.1   /24  -f--------------------------- ANY    12/14  VR-Default
v104            104  10.128.104.1   /24  -f--------------------------- ANY    12/14  VR-Default
v105            105  10.128.105.1   /24  -f--------------------------- ANY    16/19  VR-Default
v106            106  10.128.106.1   /24  -f--------------------------- ANY    12/14  VR-Default
v107            107  10.128.107.1   /24  -f--------------------------- ANY    12/14  VR-Default
v108            108  10.128.108.1   /24  -f--------------------------- ANY    12/14  VR-Default
v109            109  10.128.109.1   /24  -f--------------------------- ANY    12/14  VR-Default
v110            110  10.128.110.1   /24  -f--------------------------- ANY    12/14  VR-Default
v111            111  10.128.111.1   /24  -f--------------------------- ANY    13/15  VR-Default
v112            112  10.128.112.1   /24  -f--------------------------- ANY    12/14  VR-Default
v113            113  10.128.0.1     /22  -f--------------------------- ANY    12/14  VR-Default
v114            114  10.128.114.1   /23  -f--------------------------- ANY    12/15  VR-Default
v118            118  10.128.118.1   /24  -f--------------------------- ANY    12/14  VR-Default
v120            120  10.128.120.1   /24  -f--------------------------- ANY    13/15  VR-Default
v200            200  10.128.200.1   /24  -f--------------------------- ANY    3 /5   VR-Default
v211            211  10.128.211.1   /24  -f--------------------------- ANY    4 /8   VR-Default
v300            300  ------------------------------------------------- ANY    13/17  VR-Default
v50             50   10.128.8.1     /21  -f--------------------------- ANY    25/28  VR-Default
v600            600  ------------------------------------------------- ANY    14/20  VR-Default
v666            4069 192.168.1.1    /24  ----------------------------- ANY    0 /1   VR-Default
-----------------------------------------------------------------------------------------------
Flags : (B) BFD Enabled, (c) 802.1ad customer VLAN, (C) EAPS Control VLAN,
        (d) Dynamically created VLAN, (D) VLAN Admin Disabled,
        (e) CES Configured, (E) ESRP Enabled, (f) IP Forwarding Enabled,
        (F) Learning Disabled, (h) TRILL Enabled, (i) ISIS Enabled,
        (I) Inter-Switch Connection VLAN for MLAG, (k) PTP Configured,
        (l) MPLS Enabled, (L) Loopback Enabled, (m) IPmc Forwarding Enabled,
        (M) Translation Member VLAN or Subscriber VLAN, (n) IP Multinetting Enabled,
        (N) Network Login VLAN, (o) OSPF Enabled, (O) Flooding Disabled,
        (p) PIM Enabled, (P) EAPS protected VLAN, (r) RIP Enabled,
        (R) Sub-VLAN IP Range Configured, (s) Sub-VLAN, (S) Super-VLAN,
        (t) Translation VLAN or Network VLAN, (T) Member of STP Domain,
        (v) VRRP Enabled, (V) VPLS Enabled, (W) VPWS Enabled, (Z) OpenFlow Enabled

Total number of VLAN(s) : 25
Slot-1 Main-96.2 # show iproute
Ori  Destination        Gateway         Mtr  Flags         VLAN       Duration
#s   Default Route      10.128.211.11   1    UG---S-um--f- v211       37d:18h:12m:3s
#d   10.128.0.0/22      10.128.0.1      1    U------um--f- v113       37d:18h:12m:8s
#d   10.128.8.0/21      10.128.8.1      1    U------um--f- v50        37d:18h:12m:8s
#d   10.128.100.0/24    10.128.100.1    1    U------um--f- v100       37d:18h:12m:8s
#d   10.128.101.0/24    10.128.101.1    1    U------um--f- v101       37d:18h:12m:8s
#d   10.128.102.0/24    10.128.102.1    1    U------um--f- v102       37d:18h:12m:8s
#d   10.128.103.0/24    10.128.103.1    1    U------um--f- v103       37d:18h:12m:8s
#d   10.128.104.0/24    10.128.104.1    1    U------um--f- v104       37d:18h:12m:8s
#d   10.128.105.0/24    10.128.105.1    1    U------um--f- v105       37d:18h:12m:8s
#d   10.128.106.0/24    10.128.106.1    1    U------um--f- v106       37d:18h:12m:8s
#d   10.128.107.0/24    10.128.107.1    1    U------um--f- v107       37d:18h:12m:8s
#d   10.128.108.0/24    10.128.108.1    1    U------um--f- v108       37d:18h:12m:8s
#d   10.128.109.0/24    10.128.109.1    1    U------um--f- v109       37d:18h:12m:8s
#d   10.128.110.0/24    10.128.110.1    1    U------um--f- v110       37d:18h:12m:8s
#d   10.128.111.0/24    10.128.111.1    1    U------um--f- v111       37d:18h:12m:8s
#d   10.128.112.0/24    10.128.112.1    1    U------um--f- v112       37d:18h:12m:8s
#d   10.128.114.0/23    10.128.114.1    1    U------um--f- v114       37d:18h:12m:8s
#d   10.128.118.0/24    10.128.118.1    1    U------um--f- v118       5d:19h:18m:25s
#d   10.128.120.0/24    10.128.120.1    1    U------um--f- v120       37d:18h:12m:8s
#d   10.128.200.0/24    10.128.200.1    1    U------um--f- v200       28d:21h:35m:13s
#d   10.128.211.0/24    10.128.211.1    1    U------um--f- v211       37d:18h:12m:8s
 d   192.168.1.0/24     192.168.1.1     1    -------um---- v666       37d:18h:12m:8s

Origin(Ori): (b) BlackHole, (be) EBGP, (bg) BGP, (bi) IBGP, (bo) BOOTP,
       (ct) CBT, (d) Direct, (df) DownIF, (dv) DVMRP, (e1) ISISL1Ext,
       (e2) ISISL2Ext, (h) Hardcoded, (i) ICMP, (i1) ISISL1 (i2) ISISL2,
       (is) ISIS, (mb) MBGP, (mbe) MBGPExt, (mbi) MBGPInter, (mp) MPLS Lsp,
       (mo) MOSPF (o) OSPF, (o1) OSPFExt1, (o2) OSPFExt2,
       (oa) OSPFIntra, (oe) OSPFAsExt, (or) OSPFInter, (pd) PIM-DM, (ps) PIM-SM,
       (r) RIP, (ra) RtAdvrt, (s) Static, (sv) SLB_VIP, (un) UnKnown,
       (*) Preferred unicast route (@) Preferred multicast route,
       (#) Preferred unicast and multicast route.

Flags: (b) BFD protection requested, (B) BlackHole, (c) Compressed, (D) Dynamic,
       (f) Provided to FIB, (G) Gateway, (H) Host Route, (l) Calculated LDP LSP,
       (L) Matching LDP LSP, (m) Multicast, (p) BFD protection active, (P) LPM-routing,
       (R) Modified, (s) Static LSP, (S) Static, (t) Calculated RSVP-TE LSP,
       (T) Matching RSVP-TE LSP, (u) Unicast, (U) Up, (3) L3VPN Route.

MPLS Label: (S) Bottom of Label Stack
Mask distribution:
     1 default routes                1 routes at length 21
     1 routes at length 22           1 routes at length 23
    18 routes at length 24

Route Origin distribution:
    21 routes from Direct               1 routes from Static


Total number of routes = 22
Total number of compressed routes = 0

Slot-1 Main-96.3 #

Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb

Here is our Finishing switch that we cannot ping the 114 vlan from the wireless vlan 118:


telnet session telnet0 on /dev/ptyb0


login: admin
password:

ExtremeXOS
Copyright (C) 1996-2015 Extreme Networks. All rights reserved.
This product is protected by one or more US patents listed at http://www.extremenetworks.com/patents along with their foreign counterparts.
==============================================================================

Press the <tab> or '?' key at any time for completions.
Remember to save your configuration changes.


Finishing-48.1 # show vlan
-----------------------------------------------------------------------------------------------
Name            VID  Protocol Addr       Flags                         Proto  Ports  Virtual
                                                                              Active router
                                                                              /Total
-----------------------------------------------------------------------------------------------
Default         1    ------------------------------------------------- ANY    0 /0   VR-Default
Mgmt            4095 ------------------------------------------------- ANY    0 /1   VR-Mgmt
v105            105  10.128.105.14  /24  ----------------------------- ANY    4 /6   VR-Default
v112            112  ------------------------------------------------- ANY    17/32  VR-Default
v114            114  ------------------------------------------------- ANY    12/13  VR-Default
v115            115  ------------------------------------------------- ANY    11/11  VR-Default
v118            118  ------------------------------------------------- ANY    0 /0   VR-Default
v300            300  ------------------------------------------------- ANY    1 /2   VR-Default
v50             50   ------------------------------------------------- ANY    3 /5   VR-Default
-----------------------------------------------------------------------------------------------
Flags : (B) BFD Enabled, (c) 802.1ad customer VLAN, (C) EAPS Control VLAN,
        (d) Dynamically created VLAN, (D) VLAN Admin Disabled,
        (e) CES Configured, (E) ESRP Enabled, (f) IP Forwarding Enabled,
        (F) Learning Disabled, (h) TRILL Enabled, (i) ISIS Enabled,
        (I) Inter-Switch Connection VLAN for MLAG, (k) PTP Configured,
        (l) MPLS Enabled, (L) Loopback Enabled, (m) IPmc Forwarding Enabled,
        (M) Translation Member VLAN or Subscriber VLAN, (n) IP Multinetting Enabled,
        (N) Network Login VLAN, (o) OSPF Enabled, (O) Flooding Disabled,
        (p) PIM Enabled, (P) EAPS protected VLAN, (r) RIP Enabled,
        (R) Sub-VLAN IP Range Configured, (s) Sub-VLAN, (S) Super-VLAN,
        (t) Translation VLAN or Network VLAN, (T) Member of STP Domain,
        (v) VRRP Enabled, (V) VPLS Enabled, (W) VPWS Enabled, (Z) OpenFlow Enabled

Total number of VLAN(s) : 9
Finishing-48.2 # show iproute
Ori  Destination        Gateway         Mtr  Flags         VLAN       Duration
#s   Default Route      10.128.105.1    1    UG---S-um--f- v105       64d:8h:34m:6s
#d   10.128.105.0/24    10.128.105.14   1    U------um--f- v105       64d:8h:34m:7s

Origin(Ori): (b) BlackHole, (be) EBGP, (bg) BGP, (bi) IBGP, (bo) BOOTP,
       (ct) CBT, (d) Direct, (df) DownIF, (dv) DVMRP, (e1) ISISL1Ext,
       (e2) ISISL2Ext, (h) Hardcoded, (i) ICMP, (i1) ISISL1 (i2) ISISL2,
       (is) ISIS, (mb) MBGP, (mbe) MBGPExt, (mbi) MBGPInter, (mp) MPLS Lsp,
       (mo) MOSPF (o) OSPF, (o1) OSPFExt1, (o2) OSPFExt2,
       (oa) OSPFIntra, (oe) OSPFAsExt, (or) OSPFInter, (pd) PIM-DM, (ps) PIM-SM,
       (r) RIP, (ra) RtAdvrt, (s) Static, (sv) SLB_VIP, (un) UnKnown,
       (*) Preferred unicast route (@) Preferred multicast route,
       (#) Preferred unicast and multicast route.

Flags: (b) BFD protection requested, (B) BlackHole, (c) Compressed, (D) Dynamic,
       (f) Provided to FIB, (G) Gateway, (H) Host Route, (l) Calculated LDP LSP,
       (L) Matching LDP LSP, (m) Multicast, (p) BFD protection active, (P) LPM-routing,
       (R) Modified, (s) Static LSP, (S) Static, (t) Calculated RSVP-TE LSP,
       (T) Matching RSVP-TE LSP, (u) Unicast, (U) Up, (3) L3VPN Route.

MPLS Label: (S) Bottom of Label Stack
Mask distribution:
     1 default routes                1 routes at length 24


Route Origin distribution:
     1 routes from Direct               1 routes from Static


Total number of routes = 2
Total number of compressed routes = 0

Finishing-48.3 #

Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb

This edge switch has sporatic connections from the wireless to the 114 vlan:



telnet session telnet0 on /dev/ptyb0


login: admin
password:

ExtremeXOS
Copyright (C) 1996-2013 Extreme Networks. All rights reserved.
Protected by US Patent Nos: 6,678,248; 6,104,700; 6,766,482; 6,618,388; 6,034,957; 6,859,438; 6,912,592; 6,954,436; 6,977,891; 6,980,550; 6,981,174; 7,003,705; 7,017,082; 7,046,665; 7,126,923; 7,142,509; 7,149,217; 7,152,124; 7,154,861; 7,245,619; 7,245,629; 7,269,135; 7,448,045; 7,447,777; 7,453,874; 7,463,628; 7,483,370; 7,499,679; 7,502,374; 7,539,750; 7,522,516; 7,546,480; 7,552,275; 7,554,978; 7,558,273; 7,568,107; 7,577,996; 7,581,024; 7,580,409; 7,580,350; 7,584,262; 7,599,292; 7,602,721; 7,606,249; 7,606,240; 7,606,263; 7,613,209; 7,619,971; 7,646,773; 7,646,770; 7,649,879; 7,657,619; 7,657,635; 7,660,259; 7,660,894; 7,668,969; 7,672,228; 7,675,915; 7,689,678; 7,693,158; 7,710,993; 7,719,968; 7,724,734; 7,724,669; 7,733,899; 7,752,338; 7,773,507; 7,783,733; 7,792,058; 7,813,348; 7,814,204; 7,817,549; 7,817,633; 7,822,038; 7,822,032; 7,821,931; 7,823,199; 7,822,033; 7,835,348; 7,843,927; 7,856,019; 7,860,006; 7,889,750; 7,889,658; 7,894,451; 7,903,666; 7,908,431; 7,912,091; 7,936,764; 7,936,687; 7,944,942; 7,983,192; 7,990,850; 8,000,344; 8,055,800; 8,059,658; 8,072,887; 8,085,779; 8,107,383; 8,117,336; 8,117,657; 8,135,007; 8,139,583; 8,159,936; 8,160,074; 8,161,270; 8,174,980; 8,204,070; 8,208,418; 8,233,474; 8,255,996; 8,274,974; 8,279,874; 8,295,188.
==============================================================================

Press the <tab> or '?' key at any time for completions.
Remember to save your configuration changes.


Extrusion-48.1 # show vlan
---------------------------------------------------------------------------------------------
Name            VID  Protocol Addr       Flags                       Proto  Ports  Virtual
                                                                            Active router
                                                                            /Total
---------------------------------------------------------------------------------------------
Default         1    ------------------------------------------------ ANY    0 /0   VR-Default
Mgmt            4095 ------------------------------------------------ ANY    0 /1   VR-Mgmt
v105            105  10.128.105.9   /24  ---------------------------- ANY    4 /6   VR-Default
v106            106  ------------------------------------------------ ANY    10/23  VR-Default
v114            114  ------------------------------------------------ ANY    15/22  VR-Default
v118            118  ------------------------------------------------ ANY    0 /0   VR-Default
v200            200  ------------------------------------------------ ANY    1 /3   VR-Default
v300            300  ------------------------------------------------ ANY    1 /2   VR-Default
v50             50   ------------------------------------------------ ANY    3 /4   VR-Default
---------------------------------------------------------------------------------------------
Flags : (B) BFD Enabled, (c) 802.1ad customer VLAN, (C) EAPS Control VLAN,
        (d) Dynamically created VLAN, (D) VLAN Admin Disabled,
        (e) CES Configured, (E) ESRP Enabled, (f) IP Forwarding Enabled,
        (F) Learning Disabled, (i) ISIS Enabled, (I) Inter-Switch Connection VLAN for MLAG,
        (k) PTP Configured, (l) MPLS Enabled, (L) Loopback Enabled,
        (m) IPmc Forwarding Enabled, (M) Translation Member VLAN or Subscriber VLAN,
        (n) IP Multinetting Enabled, (N) Network Login VLAN, (o) OSPF Enabled,
        (O) Flooding Disabled, (p) PIM Enabled, (P) EAPS protected VLAN,
        (r) RIP Enabled, (R) Sub-VLAN IP Range Configured,
        (s) Sub-VLAN, (S) Super-VLAN, (t) Translation VLAN or Network VLAN,
        (T) Member of STP Domain, (v) VRRP Enabled, (V) VPLS Enabled, (W) VPWS Enabled,
        (Z) OpenFlow Enabled

Total number of VLAN(s) : 9
Extrusion-48.2 # show iproute
Ori  Destination        Gateway         Mtr  Flags         VLAN       Duration
#s   Default Route      10.128.105.1    1    UG---S-um--f- v105       91d:17h:50m:49s
#d   10.128.105.0/24    10.128.105.9    1    U------um--f- v105       64d:19h:18m:41s

Origin(Ori): (b) BlackHole, (be) EBGP, (bg) BGP, (bi) IBGP, (bo) BOOTP
       (ct) CBT, (d) Direct, (df) DownIF, (dv) DVMRP, (e1) ISISL1Ext
       (e2) ISISL2Ext, (h) Hardcoded, (i) ICMP, (i1) ISISL1 (i2) ISISL2
       (is) ISIS, (mb) MBGP, (mbe) MBGPExt, (mbi) MBGPInter, (mp) MPLS Lsp
       (mo) MOSPF (o) OSPF, (o1) OSPFExt1, (o2) OSPFExt2
       (oa) OSPFIntra, (oe) OSPFAsExt, (or) OSPFInter, (pd) PIM-DM, (ps) PIM-SM
       (r) RIP, (ra) RtAdvrt, (s) Static, (sv) SLB_VIP, (un) UnKnown
       (*) Preferred unicast route (@) Preferred multicast route
       (#) Preferred unicast and multicast route

Flags: (B) BlackHole, (b) BFD protection requested, (c) Compressed, (D) Dynamic
       (f) Provided to FIB, (G) Gateway, (H) Host Route, (L) Matching LDP LSP
       (l) Calculated LDP LSP, (3) L3VPN Route, (m) Multicast, (P) LPM-routing
       (p) BFD protection active, (R) Modified, (S) Static, (s) Static LSP
       (T) Matching RSVP-TE LSP, (t) Calculated RSVP-TE LSP, (u) Unicast, (U) Up

MPLS Label: (S) Bottom of Label Stack
Mask distribution:
     1 default routes                1 routes at length 24


Route Origin distribution:
     1 routes from Direct               1 routes from Static


Total number of routes = 2
Total number of compressed routes = 0

Extrusion-48.3 #

Photo of Doug Jaquays

Doug Jaquays

  • 222 Points 100 badge 2x thumb
Well, my initial thought was maybe there's an issue with routing traffic back to the wireless clients.

Now I'm just going to ramble ideas and we'll see what happens.
Are there any LAG groups in the path wireless clients are taking?  Perhaps there's an issue with traffic getting lost in the LAG?  (This is usually diagnosable by looking at source/destination details and seeing that traffic works when the hash is even vs odd or visa versa and is usually caused by configuration mismatches between sides of the link)
Are all of the APs in the same mode (tunnel vs bridge)?  Perhaps there's an issue there.
Do all of the APs in the extrusion switch have the same port configuration (VLANs, tagged/untagged)?
Are the wireless clients able to ping anything successfully?  Their own gateway, switch and wifi controller management interfaces, etc?
Are they receiving an IP from DHCP that matches the scope you expect?

I know you said this all worked with a Cisco core, but Cisco also seems to support a lot of "auto configuration" when communicating with other Cisco products that the Extreme core likely doesn't support.
Photo of Marcus Florido

Marcus Florido

  • 382 Points 250 badge 2x thumb
Is the VLAN tagged on all the uplink ports all the way back to the router?  Like Doug says, Cisco uses VTP by default, which essentially configures everything for you as long as you designate the uplink as a trunk port. (Cisco VLAN naming standards are weird).  The XOS switches will require manual VLAN tagging on all the uplink ports that connect back to the routing segment.
Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb

It appears that the AP's are bridged back to the WLC and all the uplink ports are setup as tagged.

One item I did see in the iproute, is that Vlan300, which is what the AP's and WLC are on, is not listed in the iproute.  Could this be the issue?

Photo of Beth Dierks

Beth Dierks

  • 330 Points 250 badge 2x thumb

Also, Vlan300 is not listed in the IPForwarding on the Core as well. 

On the Cisco, the WLC, AP's were all configured to the Vlan300 on the core switch.

Photo of css15

css15

  • 82 Points 75 badge 2x thumb
Hi,

Our APs usually have a traffic vlan (tagged) and the management vlan (untagged) unless you do not need to access those APs from another VLAN it should not be necessary to have VLAN 300 in ipforwarding mode. The WLC should be able to contact all APs within the VLAN.

To come to a point, if you ping your AP's Mgmt Address in VLAN 300 from anyother VLAN this will not work. If you ping a device in the traffic vlan (which is 118 from what I understand) then this should work.

I would advise to check on your uplink ports configuration (tagged/untagged). E.g. to VLAN 118 no Ports are attached on two of your sh vlan prints and the VLAN is therfore in disabled state.

Regards
Photo of Doug Jaquays

Doug Jaquays

  • 222 Points 100 badge 2x thumb
Unless all your APs plug directly into your core, none of your APs are on vlan300 right now.  (sh vlan on both edge switches only show v300 assigned to 2 ports with only 1 active)
Photo of Doug Jaquays

Doug Jaquays

  • 222 Points 100 badge 2x thumb
I think it may be time for methodical documentation.  This generally leads to finding the issue.
Start at your core, go through every port and verify they have the vlans needed and are in the correct tagged/untagged binding, verify all LAG groups are configured as you expect them to be.
Go to the WLC, verify that it is plugged into the port(s) you expect it to be in, verify any LAG configuration, verify tagged/untagged expectations of vlans.
Go to the edge switches, verify that they are connected to the core in the ports you expect them to be in, lag configuration, verify AP ports are configured as you expect them to be and that the APs are receiving the IP you expect them to have.
If you have edp enabled (and I recommend it) you can use "show edp ports all detail" to verify what port and vlans the other side of a EN to EN link has.

We use Aruba for wlan here, but the idea should be similar.
All end-user vlans and the management vlan are tagged into the WLC.  We use 2x10GBps LACP groups for our WLCs, so LACP must be configured on both sides of the link.
Our APs connect to the edge switches on untagged ports in the local VLAN for that building/floor and DHCP is used to tell the APs where to connect.  It sounds like you're expecting to be using Layer2 discovery where all APs should be in the same VLAN as the management/primary interface of the WLCs.
The end-user traffic is then tunneled back to the WLC, which does its magic and spits the traffic out onto the end-user VLANs into the core for routing.