从昨天晚上起,我一直在绞尽脑汁,整天都有这个问题…幸运的是,这还不是生产环境。
我做了很多search,并提出了关于思科接入点和多个SSID的相同的答案,我想我已经尝试了所有的东西,但显然我没有。
在这种环境下,Cisco 3550作为核心路由器。
有问题的AP是已经configuration为自主模式的AIR-LAP1142N-A-K9(该设备没有WiFipipe理器),它位于Cisco 2960 POE交换机上。
**2950 POE Switchport config for applicable ports**: interface GigabitEthernet1/0/12 description WiFi switchport access vlan 101 switchport trunk native vlan 11 switchport trunk allowed vlan 11,102,228,700 switchport mode trunk end interface GigabitEthernet1/0/28 description LINK TO CORE switchport trunk allowed vlan 10,11,101-106,228,700,1002-1005 switchport mode trunk end **Cisco 3550 Switchport config for applicable port:** interface GigabitEthernet0/9 description Link to 2960-MB-POE switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,11,101-106,228,700,1002-1005 switchport mode trunk end 所有其他VLAN正在按照devise/预期工作。 VLAN 700是来宾wifi,它从3550拉DHCP。所有其他VLAN(除了有问题的VLAN)都从MS Server 2008
从AP,我可以在VLAN上ping核心路由器IP(192.168.228.1),所以中继正在工作。 我也可以一路ping到MS 2008 DHCP服务器,所以中继一直是好的服务器
我可以与AP关联(运行“sho dot11 associations”命令时可以在AP中看到我的MAC地址),如果我将我的IP地址设置为静态IP地址,则sho dot11 associations命令会显示我的IP地址
我可以关联AP并获取VLAN 102的IP地址
我无法获得VLAN 228的IP地址
我已经尝试过与所有其他VLANs设置相同的转发器(从服务器获取DHCP),这也不起作用,所以我把它留在从核心的DHCP。
在Cisco 3550上设置VLAN如下
interface Vlan102 description VLAN102 ip address 192.168.102.1 255.255.255.0 ip helper-address 192.168.9.98 ip helper-address 192.168.9.103 ip helper-address 192.168.9.85 no ip redirects no ip unreachables no ip proxy-arp interface Vlan228 desciption VLAN228 ip address 192.168.228.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ! For testing, DHCP is set up as this (on core 3550) ip dhcp pool vlan228 network 192.168.228.0 255.255.255.0 default-router 192.168.228.1 dns-server 8.8.8.8 8.8.4.4 lease 0 8
基于上面的一切,对我来说,这意味着我的APconfiguration有问题。 我最好的猜测是它与子接口或桥组有关。 如果不是这样,它可能是3550的路由,但这是我的第一次经历,我必须告诉核心路由器关于在其上创build的vlan。 非常感激任何的帮助。
--------BEGIN AP CONFIGURATION---------- Current configuration : 4949 bytes ! ! Last configuration change at 09:58:29 GMT-0 Wed Jul 23 2014 ! NVRAM config last updated at 09:56:11 GMT-0 Wed Jul 23 2014 ! NVRAM config last updated at 09:56:11 GMT-0 Wed Jul 23 2014 version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname AP12345 ! ! logging rate-limit console 9 no logging console enable secret 5 passwordhasbeenremoved ! no aaa new-model clock timezone GMT -0 0 clock summer-time GMT-0 recurring last Sun Mar 2:00 last Sun Oct 3:00 no ip cef ip domain name myorganization.com ip name-server 192.168.xx ip name-server 192.168.xx ! ! ! ! dot11 mbssid dot11 syslog dot11 vlan-name VLANNAME1 vlan 102 dot11 vlan-name VLANNAME2 vlan 228 dot11 vlan-name MANAGEMENT vlan 11 ! dot11 ssid SSID1 vlan 102 authentication open authentication key-management wpa version 2 mbssid guest-mode wpa-psk ascii 7 passwordhasbeenremoved ! dot11 ssid SSID2 vlan 228 authentication open authentication key-management wpa version 2 mbssid guest-mode wpa-psk ascii 7 passwordhasbeenremoved ! ! dot11 guest ! ! ! username user1 privilege 15 secret 5 passwordremoved username user2 privilege 15 secret 5 passwordremoved ! ! bridge irb ! ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 102 mode ciphers aes-ccm ! encryption vlan 228 mode ciphers aes-ccm ! ssid SSID1 ! ssid SSID2 ! antenna gain 0 speed basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 power local 8 channel 2412 station-role root infrastructure-client ! interface Dot11Radio0.11 encapsulation dot1Q 11 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio0.102 encapsulation dot1Q 102 no ip route-cache bridge-group 102 bridge-group 102 subscriber-loop-control bridge-group 102 spanning-disabled bridge-group 102 block-unknown-source no bridge-group 102 source-learning no bridge-group 102 unicast-flooding ! interface Dot11Radio0.228 encapsulation dot1Q 228 no ip route-cache bridge-group 228 bridge-group 228 subscriber-loop-control bridge-group 228 spanning-disabled bridge-group 228 block-unknown-source no bridge-group 228 source-learning no bridge-group 228 unicast-flooding ! interface Dot11Radio1 no ip address no ip route-cache ! encryption vlan 102 mode ciphers aes-ccm ! encryption vlan 228 mode ciphers aes-ccm ! ssid SSID1 ! ssid SSID2 ! antenna gain 0 peakdetect no dfs band block channel 5745 station-role root ! interface Dot11Radio1.11 encapsulation dot1Q 11 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio1.102 encapsulation dot1Q 102 no ip route-cache bridge-group 102 bridge-group 102 subscriber-loop-control bridge-group 102 spanning-disabled bridge-group 102 block-unknown-source no bridge-group 102 source-learning no bridge-group 102 unicast-flooding ! interface Dot11Radio1.228 encapsulation dot1Q 228 no ip route-cache bridge-group 228 bridge-group 228 subscriber-loop-control bridge-group 228 spanning-disabled bridge-group 228 block-unknown-source no bridge-group 228 source-learning no bridge-group 228 unicast-flooding ! interface GigabitEthernet0 no ip address no ip route-cache duplex auto speed auto bridge-group 1 bridge-group 1 spanning-disabled no bridge-group 1 source-learning ! interface GigabitEthernet0.11 encapsulation dot1Q 11 no ip route-cache bridge-group 11 bridge-group 11 spanning-disabled no bridge-group 11 source-learning ! interface GigabitEthernet0.102 encapsulation dot1Q 102 no ip route-cache no cdp enable bridge-group 102 bridge-group 102 spanning-disabled no bridge-group 102 source-learning ! interface GigabitEthernet0.228 encapsulation dot1Q 228 no ip route-cache no cdp enable bridge-group 228 bridge-group 228 spanning-disabled no bridge-group 228 source-learning ! interface BVI1 ip address 192.168.9.133 255.255.255.0 no ip route-cache ipv6 address dhcp ipv6 address autoconfig ipv6 enable ! ip default-gateway 192.168.9.1 ip forward-protocol nd no ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ! ! bridge 1 route ip ! ! ! line con 0 privilege level 15 line vty 0 4 login local transport input ssh line vty 5 15 login transport input ssh ! sntp server 165.193.126.229 sntp server 216.171.112.36 sntp server 206.246.122.250 end ------------------END AP CONFIGURATION---------------
我忘了在POE交换机上设置正确的vlan …查看以前的注释了解更多详情。 我觉得这很愚蠢。