cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Communication between 2 Vlans

Communication between 2 Vlans

Beth_Dierks
New Contributor
I am trying to get our wireless network communicating with a specific Vlan. So our wireless network is setup with a vlan as well. I have ipforwarding enabled for both vlans. What am I missing?

Just a little more information: If I am connected to the network via wired connection, I can ping a device on our 114 vlan. If I am connected to the network via wireless (118 vlan), then I cannot ping that same device.

16 REPLIES 16

Doug_Jaquays
New Contributor
I think it may be time for methodical documentation. This generally leads to finding the issue.
Start at your core, go through every port and verify they have the vlans needed and are in the correct tagged/untagged binding, verify all LAG groups are configured as you expect them to be.
Go to the WLC, verify that it is plugged into the port(s) you expect it to be in, verify any LAG configuration, verify tagged/untagged expectations of vlans.
Go to the edge switches, verify that they are connected to the core in the ports you expect them to be in, lag configuration, verify AP ports are configured as you expect them to be and that the APs are receiving the IP you expect them to have.
If you have edp enabled (and I recommend it) you can use "show edp ports all detail" to verify what port and vlans the other side of a EN to EN link has.

We use Aruba for wlan here, but the idea should be similar.
All end-user vlans and the management vlan are tagged into the WLC. We use 2x10GBps LACP groups for our WLCs, so LACP must be configured on both sides of the link.
Our APs connect to the edge switches on untagged ports in the local VLAN for that building/floor and DHCP is used to tell the APs where to connect. It sounds like you're expecting to be using Layer2 discovery where all APs should be in the same VLAN as the management/primary interface of the WLCs.
The end-user traffic is then tunneled back to the WLC, which does its magic and spits the traffic out onto the end-user VLANs into the core for routing.

Doug_Jaquays
New Contributor
Unless all your APs plug directly into your core, none of your APs are on vlan300 right now. (sh vlan on both edge switches only show v300 assigned to 2 ports with only 1 active)

css15
New Contributor
Hi,

Our APs usually have a traffic vlan (tagged) and the management vlan (untagged) unless you do not need to access those APs from another VLAN it should not be necessary to have VLAN 300 in ipforwarding mode. The WLC should be able to contact all APs within the VLAN.

To come to a point, if you ping your AP's Mgmt Address in VLAN 300 from anyother VLAN this will not work. If you ping a device in the traffic vlan (which is 118 from what I understand) then this should work.

I would advise to check on your uplink ports configuration (tagged/untagged). E.g. to VLAN 118 no Ports are attached on two of your sh vlan prints and the VLAN is therfore in disabled state.

Regards

Beth_Dierks
New Contributor
Also, Vlan300 is not listed in the IPForwarding on the Core as well.

On the Cisco, the WLC, AP's were all configured to the Vlan300 on the core switch.

GTM-P2G8KFN