Extreme Networks

Nilac · ‎05-05-2020

Hello,

I have the following scenario.

Wireless windows 10 client >>Extreme AP621 >> Extreme controller NX5500 version 5.9.4.0-020R >> Meraki firewall
Problem.
I have created a vlan on Meraki (vlan 22) with ip 192.168.22.1. Controller is directly connected into a access vlan on Meraki vlan 22.
Users are able to connect to ssid, but are unable to ping gateway or internet.

Controller config

NX5500#sh run
!
! Configuration of NX5500 version 5.9.4.0-020R
!

wlan 22
ssid "test"
vlan 22
bridging-mode local
encryption-type ccmp
authentication-type none
wpa-wpa2 psk 0 XXXXXXXXX
!
wlan work
ssid work
vlan 1
bridging-mode local
encryption-type ccmp
authentication-type none
wpa-wpa2 psk 0 XXXXXXXXX

nx5500 xxxxxxxxxxxxxxxxxx
use profile default-nx5500
use rf-domain xxxxxx
hostname NX5500Secondary
ip default-gateway 192.168.12.1
interface vlan1
ip address 192.168.12.3/24
cluster name Cluster
cluster mode standby
cluster member ip 192.168.12.2
cluster member ip 192.168.12.3
!
nx5500 XXXXXXXXXXXXXXXXXXXX
use profile default-nx5500
use rf-domain xxxxxxxxx
ip default-gateway 192.168.12.1
interface ge2
switchport mode access
switchport access vlan 22
interface vlan1
ip address 192.168.12.2/24
interface vlan22
description "test"
ip address 192.168.22.2/24
cluster name Cluster
cluster mode active
cluster member ip 192.168.12.2
cluster member ip 192.168.12.3

ap7522 XXXXXXXXXXX
use profile anyap-XXX-SITE
use rf-domain XXXX
hostname AP1
interface vlan1
ip address 192.168.12.10/24

Nilac · ‎05-06-2020

Thank you very much Christoph for you`re detailed answer. I will schedule a maintainance hour to set things up.
5 stars for you`re profesionalism!

View solution in original post

Nilac · ‎05-06-2020

Thank you very much Christoph for you`re detailed answer. I will schedule a maintainance hour to set things up.
5 stars for you`re profesionalism!

Christoph_S · ‎05-05-2020

Hello Nilac,

Let's address one thing at a time:

VLAN22

This is the VLAN that is mapped to the WLAN. The NX knows about it but the APs don’t seem to have it configured per what I see above.

1 - On the NX5500 and in profile anyap-TEST-SITE configure VLAN 22

#conf t

#profile anyap-TEST-SITE

#interface vlan 22

2 - Allow said vlans through the ge 1 port

#..

#Interface ge 1

#switchport mode trunk

#switchport trunk allowed vlan 1,22

#com wr

3 - If the wireless clients are assigned static IP addresses add the DGW and DNS IP addresses to the AP profile however if they are pulling DHCP IP addresses, this information will be provided by the DHCP server to the wireless clients and you won’t need to do anything else.

4 - Make sure that VLANs 1 and 22 are also allowed through the switchports the APs are connected to.

I hope this helps

Christoph

Christoph S.

Nilac · ‎05-05-2020

Dear Christpher,

Thank you for youre paticence, please bear with me a little bit.
I am pretty new with Extreme equipments.

This is what i have now:

ap7522 XXX
use profile anyap-TEST-SITE
use rf-domain TEST
hostname AP58
interface vlan1
ip address 192.168.12.58/24
no ip dhcp client request options all

profile anyap anyap-TEST-SITE
no autoinstall configuration
no autoinstall firmware

auto-provisioning-policy TEST
adopt anyap precedence 10 profile anyap-TEST-SITE rf-domain TEST any

--------
I don`t want to affect users from vlan1, this is a working critical enviroment.

I want to do this individually. Should i go under each AP and set :
ip default-gateway 192.168.22.1
ip dhcp client request options all ?
Access points use static ip address, but clients are using dhcp.

Nilac · ‎05-05-2020

Dear Christopher, thank you for you`re answer. So do i have to configure the port from the switch where the Access point is connected from access (vlan 1) to trunk with vlan 1 and 22?

Or should i need to make modifications on the RFS aswell on the AP config.

Extreme Networks

Users connected via rfs are unable to ping internet or gateway

Users connected via rfs are unable to ping internet or gateway