Re: cisco access point vlan issue

Your access-points have a default route pointing to 172.16.68.1 but I don't
see that address on your switch. Is the switch layer 3 and doing the
routing between the vlans or do you have a router connection the vlans?

On Wed, Dec 12, 2012 at 3:44 PM, Hasan AKSOY <hasan_at_agirol.com> wrote:

> I need help vlan config for access points.
>
> I can ping any vlan1 but cannot ping to vlan19.
>
> Our hardwares;
> Access Points: XAIR-AP1242AG-E-K9 802.11a/g Non-modular IOS AP; RP-TNC; ETS
> SW1: WS-C2960-48PST-L Catalyst 2960 48 10/100 PoE + 2 1000BT
> SW2: WS-C2960-24PC-L Catalyst 2960 24 10/100 PoE + 2 T/SFP
>
>
>
> My topology is here
>
> SW1----ethernet----ACCESS POINT1----wireless----ACCESS
> POINT2----ethernet----SW2
>
>
> ***********************************
> **********sw1 config:************
> ***********************************
>
>
> interface Vlan19
> ip address 172.19.68.3 255.255.255.0
> no ip route-cache
> !
> interface Vlan1
> ip address 172.16.68.4 255.255.255.0
> no ip route-cache
> !
> interface FastEthernet0/48
> switchport trunk allowed vlan 1-19
> switchport mode trunk
> srr-queue bandwidth share 10 10 60 20
> priority-queue out
> mls qos trust device cisco-phone
> mls qos trust cos
> auto qos voip cisco-phone
> service-policy input AutoQoS-Police-CiscoPhone
>
>
> ********************************************
> ********access point1 config:*************
> ********************************************
>
> no service pad
> service timestamps debug datetime msec
> service timestamps log datetime msec
> service password-encryption
> !
> no aaa new-model
> !
> !
> !
> dot11 ssid xxx
> authentication open
> infrastructure-ssid
> !
> dot11 arp-cache optional
> power inline negotiation prestandard source
> !
> bridge irb
> !
> !
> interface Dot11Radio0
> no ip address
> no ip route-cache
> shutdown
> !
> encryption key 1 size 128bit 7 XXX transmit-key
> encryption mode wep mandatory
> speed basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0
> basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
> channel least-congested 2437 2462
> station-role root access-point
> bridge-group 1
> bridge-group 1 subscriber-loop-control
> bridge-group 1 block-unknown-source
> no bridge-group 1 source-learning
> no bridge-group 1 unicast-flooding
> bridge-group 1 spanning-disabled
> !
> interface Dot11Radio1
> no ip address
> no ip route-cache
> !
> encryption key 1 size 128bit 7 XXX transmit-key
> encryption mode wep mandatory
> !
> ssid XXX
> !
> antenna transmit right
> antenna receive right
> antenna gain 13
> dfs band 1 3 block
> speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0
> basic-48.0 basic-54.0
> channel dfs
> station-role root bridge
> distance 1
> bridge-group 1
> interface FastEthernet0
> no ip address
> no ip route-cache
> duplex auto
> speed auto
> bridge-group 1
> !
> interface BVI1
> ip address 172.16.68.8 255.255.255.0
> ip helper-address 172.16.68.4
> ip helper-address 172.19.68.5
> ip helper-address 172.16.68.72
> no ip route-cache
> !
> ip default-gateway 172.16.68.1
> ip http server
> no ip http secure-server
> bridge 1 protocol ieee
> bridge 1 route ip
> !
> !
> line con 0
> line vty 0 4
> login local
> !
> end
>
>
>
>
>
> ********************************************
> ********access point2 config:*************
> ********************************************
>
> no service pad
> service timestamps debug datetime msec
> service timestamps log datetime msec
> service password-encryption
> !
> hostname XXX
> !
> enable secret 5 XXX
> !
> no aaa new-model
> clock timezone +0200 2
> !
> !
> !
> dot11 ssid XXXX
> authentication open
> infrastructure-ssid
> !
> dot11 arp-cache optional
> !
> !
> !
> bridge irb
> !
> !
> interface Dot11Radio0
> no ip address
> no ip route-cache
> shutdown
> !
> encryption key 1 size 128bit 7 XXX transmit-key
> encryption mode wep mandatory
> station-role root
> bridge-group 1
> bridge-group 1 subscriber-loop-control
> bridge-group 1 block-unknown-source
> no bridge-group 1 source-learning
> no bridge-group 1 unicast-flooding
> !
> interface Dot11Radio1
> no ip address
> no ip route-cache
> !
> encryption key 1 size 128bit 7 XXX transmit-key
> encryption mode wep mandatory
> !
> ssid XXX
> !
> antenna transmit right
> antenna receive right
> antenna gain 13
> speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0
> basic-48.0 basic-54.0
> station-role non-root bridge
> mobile station scan 5260 5280 5300 5320
> bridge-group 1
> !
> interface FastEthernet0
> no ip address
> no ip route-cache
> bridge-group 1
> bridge-group 1 spanning-disabled
> !
> interface BVI1
> ip address 172.16.68.9 255.255.255.0
> ip helper-address 172.16.68.4
> ip helper-address 172.19.68.5
> ip helper-address 172.16.68.72
> no ip route-cache
> !
> ip default-gateway 172.16.68.1
> ip http server
> no ip http secure-server
> bridge 1 protocol ieee
> bridge 1 route ip
> !
> !
> !
> line con 0
> line vty 0 4
> !
> end
>
>
>
> ***********************************
> **********sw2 config:************
> ***********************************
>
> interface Vlan19
> ip address 172.19.68.254 255.255.255.0
> no ip route-cache
> !
> interface Vlan1
> ip address 172.16.68.7 255.255.255.0
> !
> interface FastEthernet0/24
> switchport trunk allowed vlan 1-19
> switchport mode trunk
> srr-queue bandwidth share 10 10 60 20
> priority-queue out
> mls qos trust device cisco-phone
> mls qos trust cos
> auto qos voip cisco-phone
> spanning-tree portfast
> service-policy input AutoQoS-Police-CiscoPhone
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> Using Opera's revolutionary email client: http://www.opera.com/mail/
>
>
> Blogs and organic groups at http://www.ccie.net
>
> ______________________________**______________________________**
> ___________
> Subscription information may be found at:http://www.groupstudy.com/**
> list/CCIELab.html <http://www.groupstudy.com/list/CCIELab.html>
>
>
>
>
>
>
>
>

-- 
Marc Abel
CCIE #35470
(Routing and Switching)
Blogs and organic groups at http://www.ccie.net