1. Home
  2. Cisco Systems
  3. Need help adding device to new vlan

Need help adding device to new vlan

I need some help adding a device to an existing, recently created vlan.

Here is the fragment of our network:

[core 4507] -> [8540] -> [3550] -> [1230 WAP] [configuration excerpts are below]

The 1230 access point described is attached to our network, and is functioning properly. Recently, I tried to add another 3550 (in another part of the building), and a 1230 access point, copying the first configuration as the model. The vlan 99 (the user workstations) worked right away, but vlan 199 (the wireless access points) I cannot get working.

I can still get to the first access point, but am having trouble with the new one:

- it's unreachable when connected to the new switch, but I can get to it when connected to the first switch

- I can get to the vlan 199 default gateway from the new switch, and can get to the first access point from the new switch, but I can't get to the new access point, even when logged into the new switch.

- If I assign an ip address to the vlan 199 interface, I can get to the new access point from the new switch, but then I can't get to the vlan's default gateway or to the first access point.

Can someone help me find where the problem is? Do I need to allow vlan

1 on the interface on the core 4507?

Thanks for your help!

--Steve

Here are configuration fragments of each:

4507 (vtp server, domain ADM_VTP):

----------------------------------

interface GigabitEthernet1/1 description Trunk to 8540 switchport trunk encapsulation dot1q switchport trunk allowed vlan 40,51,99,199,997,998 switchport mode trunk switchport nonegotiate no logging event link-status qos trust dscp tx-queue 3 priority high ! interface Vlan199 description ADM WLAN Management ip address 192.168.199.1 255.255.255.0 ip helper-address 10.99.20.62 no ip redirects no ip unreachables no ip proxy-arp no ip mroute-cache end

8540 (vtp client, domain ADM_VTP):

----------------------------------

interface GigabitEthernet1/0/0 description Fiber to 99-c45-clan1 no ip address no ip redirects no ip proxy-arp no cdp enable ! interface GigabitEthernet1/0/0.1 description Native VLAN encapsulation dot1Q 1 native no ip redirects no ip proxy-arp ! interface GigabitEthernet1/0/0.40 description Security VLAN encapsulation dot1Q 40 no ip redirects no ip proxy-arp no cdp enable bridge-group 40 ! interface GigabitEthernet1/0/0.51 description Voice Network encapsulation dot1Q 51 no ip redirects no ip proxy-arp no cdp enable bridge-group 51 ! interface GigabitEthernet1/0/0.99 description ADM LAN Access VLAN encapsulation dot1Q 99 no ip redirects no ip proxy-arp no cdp enable bridge-group 99 ! interface GigabitEthernet1/0/0.199 description Admin WLAN Management encapsulation dot1Q 199 no ip redirects no ip proxy-arp no cdp enable bridge-group 199 ! interface GigabitEthernet1/0/0.997 description ADM IVDL encapsulation dot1Q 997 no ip redirects no ip proxy-arp bridge-group 97 ! interface GigabitEthernet1/0/0.998 description Admin WLAN encapsulation dot1Q 998 no ip redirects no ip proxy-arp bridge-group 98 ! interface GigabitEthernet1/0/2 description Fiber to 3550 no ip address no ip redirects no ip proxy-arp no cdp enable ! interface GigabitEthernet1/0/2.1 description Native VLAN encapsulation dot1Q 1 native no ip redirects no ip proxy-arp ! interface GigabitEthernet1/0/2.99 description ADM LAN Access VLAN encapsulation dot1Q 99 no ip redirects no ip proxy-arp no cdp enable bridge-group 99 ! interface GigabitEthernet1/0/2.199 description Admin WLAN Management encapsulation dot1Q 199 no ip redirects no ip proxy-arp bridge-group 199 ! interface GigabitEthernet1/0/2.998 description Admin WLAN encapsulation dot1Q 998 no ip redirects no ip proxy-arp bridge-group 98 ! interface BVI199 description Admin WLAN Management ip address 192.168.199.2 255.255.255.0 end

3550 (vtp client, domain ADM_VTP):

---------------------------------

interface GigabitEthernet0/1 description to 99-c85-catm1 switchport trunk encapsulation dot1q switchport mode trunk no ip address ! interface GigabitEthernet0/2 switchport mode dynamic desirable no ip address shutdown ! interface Vlan1 no ip address no ip route-cache ! interface Vlan99 ip address 10.99.20.211 255.255.248.0 no ip route-cache ntp broadcast client ! interface Vlan199 no ip address ! interface FastEthernet0/38 description to 1230 WAP switchport access vlan 199 switchport trunk encapsulation dot1q switchport mode trunk no ip address no snmp trap link-status storm-control broadcast level 1.00 storm-control multicast level 2.00 storm-control unicast level 5.00 end

Reply to
pfisterfarm
Loading thread data ...

All of your configurations are confusing because you are defining dot1Q subinterfaces on the 8540 and then using bridge-groups instead of defining VLAN interfaces and then setting up the connections to the 3550 as trunks. This would be much simpler design and easier to diagnose.

First off, you need to make sure that VLAN 199 is defined on the new 3550 (as a vlan i.e. "show vlan") as opposed to a VLAN interface. A VLAN interface is a Layer 3 interface and does not define a corresponding Layer

  1. Since you are using dot1Q interfaces instead of trunks, VTP will not work to automatically create layer 2 vlans on your attached switches. To create a layer 2 vlan you need to enter the command

vlan 199 name "bla bla bla"

You then need to make sure that the vlan is connected via layer 2 to the new 3550. With dot1Q interfaces I have no idea how "trunk" this vlan more than one switch from the 8540.

Reply to
Thrill5

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.