I am gonna guess. I see these things that strike me odd ( at least...:D) Root: dotradio0 no dot11 extension aironet. Why ? I would say that this could only add problems rather than solve. Question is is it a requirement ? I would think this has to Aironet extension needs to be on. At least in repeater mode I think it has to be on. you also have different settings on the WGB radio0 interface. I would have those settings the same as you can. Like the peambles DTIM maniuplation e.t.c.
WGB: bridge-group 99 under dotradio0 interface ?? Why ? ! interface FastEthernet0.800 encapsulation dot1Q 800 native ! interface Dot11Radio0.800 encapsulation dot1Q 800 bridge-group 10 ! For these subinterfaces above: If WGB-client-vlan 800 is to be used you would´t configure anything with vlan800 manually cause that command is going to do all that hidden anyways. I look at it as a fast way for simple WGB configuration like a sort of a macro But I thought I could do everything without that command if I wanted more VLAN´s e.t.c The WGB (if it is like the non-root to root-bridge) should take all vlans over the native vlan SSID to the root network. So I would say either do use those above manually without the worgroup-bridge client vlan command or only do the client-vlan command for the wired client traffic without the subinterfaces. Jason ! Can you tell us if the client-vlan command is only meant for the wired traffic comming across the link ? Does the WGB in that casehave to belong to that client VLAN ?? To add: what I am not sure about is if the client would work directly to the bridge if it has more than 2 VLANS I would think a switch should come first with VLAN trunk and native to the BVI vlan of the WGB. And then the wired client on access vlan 800. This of course depends if the WGB-client vlan command puts native vlan on f0 interface for the client vlan or if it is „just“ a VLAN trunk. I am not sure here. my 5 cents.. regards. Kristjan From: Stalder Dominic [mailto:[email protected]] Sent: 8. júní 2011 14:49 To: Kristján Ólafur Eðvarðsson Cc: [email protected] Subject: Re: [OSL | CCIE_Wireless] 1. Re: [CCIE Wireless] Autonomous Mode Configs (Vit) Hi Kristjan / group I have almost the same problem with the workgroup-bridge client-vlan command. In my lab, I would like to have the WGB over VLAN 804 and the Client in VLAN 800 (attached a primitive diagram), so this is my configuration: Root AP: Version 12.4(25d)JA, RELEASE SOFTWARE (fc1) dot11 ssid VLAN804 vlan 804 authentication open authentication key-management wpa guest-mode wpa-psk ascii 7 00271A1507545A545C ! interface Dot11Radio0 ! encryption vlan 804 mode ciphers aes-ccm ! ssid VLAN804 ! packet retries 128 drop-packet no preamble-short station-role root rts threshold 2312 beacon dtim-period 10 no dot11 extension aironet ! interface Dot11Radio0.800 encapsulation dot1Q 800 bridge-group 10 ! interface Dot11Radio0.804 encapsulation dot1Q 804 native bridge-group 1 ! interface FastEthernet0.800 encapsulation dot1Q 800 bridge-group 10 ! interface FastEthernet0.804 encapsulation dot1Q 804 native bridge-group 1 ! interface BVI1 ip address 2.250.30.1 255.255.248.0 ! WGB: Version 12.4(25d)JA, RELEASE SOFTWARE (fc1) dot11 ssid VLAN804 vlan 804 authentication open authentication key-management wpa guest-mode wpa-psk ascii 7 00271A1507545A545C ! interface Dot11Radio0 ! encryption vlan 804 mode ciphers aes-ccm ! ssid VLAN804 ! station-role workgroup-bridge bridge-group 99 ! interface Dot11Radio0.800 encapsulation dot1Q 800 bridge-group 10 ! interface Dot11Radio0.804 encapsulation dot1Q 804 native bridge-group 1 ! interface FastEthernet0 bridge-group 1 ! interface FastEthernet0.800 encapsulation dot1Q 800 native no ip route-cache bridge-group 10 ! interface BVI1 ip address 2.250.30.2 255.255.248.0 ! ip default-gateway 2.250.24.30 ! bridge 10 protocol ieee ! workgroup-bridge client-vlan 800 I can ping from the Router the Root AP and the WGB, but the client can not ping the Router in anyway. What is wrong with my configuration? Thanks a lot in advance and best regards Dominic ________________________________ Von: Kristján Ólafur E›var›sson <[email protected]> Datum: Tue, 7 Jun 2011 15:21:51 +0000 An: Vit <[email protected]>, Jason Boyers <[email protected]> Cc: "[email protected]" <[email protected]> Betreff: Re: [OSL | CCIE_Wireless] 1. Re: [CCIE Wireless] Autonomous Mode Configs (Vit) Hey Vitaly and group. I labbed this up. I got work-group bridge to work in „workgroup-bridge client vlan 998“ mode I started to get the root ap working with the wgb-04 ssid connected to VLAN 998 with DHCP server on a switch/router for the 10.10.98.0/24 subnet. I´m using 2x 1242‘s in this setup and software version of 12.3.8 JEA3 I had one problem at first, this was after enabling infrastructure-client on the Root. The WGB got Dhcp address through the bridge-link but no other traffic was working from the root. It was fixed after rebooting the Root. Here are the configs on the WGB and Root. I made some fun addons to this excercise that you can see in next post :D ! Root config: ! hostname Root ! ! dot11 ssid wgb-04 vlan 998 authentication open ! ! interface Dot11Radio0 no ip address no ip route-cache ! ssid wgb-04 ! speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role root infrastructure-client ! interface Dot11Radio0.998 encapsulation dot1Q 998 native no ip route-cache bridge-group 1 bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! ! interface FastEthernet0 no ip address no ip route-cache duplex auto speed auto hold-queue 160 in ! interface FastEthernet0.998 encapsulation dot1Q 998 native no ip route-cache bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface BVI1 ip address 10.10.98.5 255.255.255.0 no ip route-cache ! ip default-gateway 10.10.98.1 ! bridge 1 route ip ! ---------------------------------------------- WGB config: ! hostname WGB ! ! dot11 ssid wgb-04 authentication open ! interface Dot11Radio0 no ip address no ip route-cache ! ssid wgb-04 ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role workgroup-bridge bridge-group 1 bridge-group 1 spanning-disabled ! ! interface FastEthernet0 bridge-group 1 bridge-group 1 spanning-disabled hold-queue 160 in ! interface BVI1 ip address dhcp no ip route-cache ! ip default-gateway 10.10.98.1 ! cdp timer 5 ! bridge 1 route ip ! workgroup-bridge client-vlan 998 ! #The bridge gets an IP address from the switch dhcp pool. #My next test will be using a client on vlan 998 on the WGB connected switch (WGB in trunk mode) ! From: Vit [mailto:[email protected]] Sent: 6. júní 2011 23:14 To: Jason Boyers Cc: Kristján Ólafur Eðvarðsson; [email protected] Subject: Re: [OSL | CCIE_Wireless] 1. Re: [CCIE Wireless] Autonomous Mode Configs (Vit) Thanks Jason, Yes, I see Root AP (and connected switch) native vlan packets arriving to the port on a switch connected to WGB and I had to configure native vlan on this port to match the one on another side.... But no vlan 11 packets are arriving on the switch connected to WGB... Kind regards, Vitaly 2011/6/7 Jason Boyers <[email protected]> Just to confirm - using the "workgroup-bridge client-vlan x" command requires the following: 1) Root AP has a subinterface with the specified VLAN (mapped to the required SSID) 2) If a switch is connected to the WGB, it must use a trunk. The native VLAN should be the same as the native on the root AP (both wired and wireless.) Otherwise, STP will detect that it is receiving BPDUs for one "native" VLAN on a different "native" VLAN and block both. But, as you said, lab it up :) Jason Boyers - CCIE #26024 (Wireless) Technical Instructor - IPexpert, Inc. Mailto: [email protected] 2011/6/6 Vit <[email protected]> Hey Kristjan, thanks for your response. Yes, I have a basic config on both root and WGB AAPs, e.g. auth open, ssid and that's it :) Assigning static address to wired WGB-client didn't help as well, so it's not DHCP-related issue. I had sub-interfaces configured on the Root AAP, e.g. d0.11, but I believe they needed, otherwise what's the point of having 'work clie 11' on the WGB. Could you please share a working config, I will test if it works with wired WGB-clients and you will practice speed ;o) Thank you. Regards, Vitaly 2011/6/6 Kristján Ólafur Eðvarðsson <[email protected]> Hey Vitaly, I tested this out in a lab recently. I reccon that the only command need for the workgroup-bridge vlan x is needed. This will hide all other stuff you would normaly do. for example int dot0.11 blablabla. But with other stuff on the wire I didn´t test it but if the WGB was working from wired, I suppose clients on the WGB VLAN should work too. I find sometimes in cases with dhcp or other broadcast/multicast issues the infrastructure-client command on the Root AP helps. After all it is meant to deliver multicast (and broadcast ?) packets reliably.. Putting a static IP of course might help to isolate the problem to start with and also to simplify security before troubleshooting the DHCP related issues. I like to add the security stuff as the last step to see all radio related stuff working first. my 5 cents.. regards. Kristjan ---------------------------------------------------------------------- Message: 1 Date: Sun, 5 Jun 2011 19:57:04 +0100 From: Vit <[email protected]> To: [email protected] Subject: Re: [OSL | CCIE_Wireless] [CCIE Wireless] Autonomous Mode Configs Message-ID: <[email protected] <mailto:jn_izf-zk7bb43gph3bw%[email protected]> > Content-Type: text/plain; charset="iso-8859-1" Guys, I've got a question regarding the 'workgroup-brdige client-vlan X' command and Jason's post -> http://onlinestudylist.com/archives/ccie_wireless/2011-March/002018.html Has anyone managed to get WGB with client-vlan working, e.g. wired clients connected to the WGB are able to get ip address from a DHCP server and ping the rest of the world through the wireless link between Root and WGB? When I create d0.11 subinterface on the WGB, then everything works, once I delete d0.11 (and reboot the WGB to remove Virtual-Dot11Radio0.11) and apply 'work clie 11' then wired clients register on the Root AAP but do not get ip addresses... Yes, I also applied 'bridge 11 proto ieee' to WGB, but no joy... Any help will be much appreciated. Regards, Vitaly ----------------------------------------------------------------------------- -- Regards, Vit _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com <http://www.ipexpert.com> Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com <http://www.PlatinumPlacement.com> ________________________________ _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
