Join or sign in Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below. Use Your Email Use FacebookUse Linkedin

Linksys Switch & 3Com Wireless AP: Multiple SSID and 802.1Q

Locked

Hello,

I recently purchased a Linksys SRW2008MP managed switch with 802.1Q capability, and a 3com 3CRWE776075 wireless access point, also 802.1Q capable for a small office. I am having trouble getting the AP to to work with the
switch in 802.1Q mode.

I have set up the access point to enable multiple SSIDs. One SSID is for guest wireless access, and needs to be able to access the Internet through a Sonicwall router, but should not be able to access a Windows server on the
LAN.

The other employee SSID should be able to access everything, including the server and the internet through the router.

Here’s my set up so far:

Linksys switch:

– Port 1 –
3com AP (802.1Q aware)
Multiple SSIDs (named GUEST and EMPLOYEE)
General traffic, allowing only tagged frames.

– Port 2 –
Windows Server (not 802.1Q aware)
General traffic, allowing all frames. (PVID = 2)

– Port 3 –
Sonicwall Router
(Gateway device – not 802.1Q aware)
General traffic, allowing all frames. (PVID = 5)

VLANs:
– Vlan 1 –
Linksys Management Interface (Default)

– VLAN 2 –
Windows Server
VLAN Members:
Port 1 = Tagged
Port 2 = Untagged
Port 3 = Untagged

– VLAN 3 –
Guest Wireless
SSID = GUEST
VLAN Members:
Port 1 = Tagged
Port 2 = Excluded
Port 3 = Untagged

– VLAN 4 – Employee Wireless
SSID = EMPLOYEE
VLAN Members:
Port 1 = Tagged
Port 2 = Untagged
Port 3 = Untagged

– VLAN 5 – Sonicwall Router (Gateway)
VLAN Members:
Port 1 = Tagged
Port 2 = Untagged
Port 3 = Untagged

3com Access Point:

GUEST SSID: VLAN Tag = 3
EMPLOYEE SSID: VLAN Tag = 4
802.1Q mode is enabled

My problem is that every time I enable 802.1Q mode on the AP, and leave the setting for port 1 on the switch as “Admit tagged only,” no packets can get through the AP to any of the other ports on the switch. I can connect to
the AP wirelessly, but can not connect beyond that.

When I disable 802.1Q mode on the AP, and change port 1 on the switch to admit all (tagged and untagged), then I can connect fine through the switch. I know that the switch is tagging untagged frames with the PVID, as I have tested this functionality by changing the PVID and trying to ping other hosts on different VLANs. This leads me to believe
that the AP is not tagging frames correctly, hence the switch is not letting them through when I set the port to “Allow tagged only.”

I’m not so sure I have this set up correctly. Any networking VLAN experts out there have any suggestions? I’m going to start pulling out my hair soon, so any help would be much appreciated!

Thanks!

-Pat

Topic

Clarifications

In reply to Linksys Switch & 3Com Wireless AP: Multiple SSID and 802.1Q

Clarifications

Hello?

In reply to Linksys Switch & 3Com Wireless AP: Multiple SSID and 802.1Q

Anyone have any advice for this, or can point me in the right direction? I’m stumped.

VLANs

In reply to Linksys Switch & 3Com Wireless AP: Multiple SSID and 802.1Q

Hey Patrick,

It’s been a few years since I had to configure VLANs, but I think you are making this more complicated than need be.

Make two VLANs
VLAN 3 – Guest
VLAN 4 – Employee
Configure these two VLANs on access point
On switch have port1 (AP) tagged
port 2 (Win server) vlan 4 untagged
port 3 (sonicwall) – this is where I think the problem lies. I don’t believe that you can have communication between two VLANs without a bridge or router. I believe that sonicwall is 802.1q aware, you would just have to configure it to accept from vlan 3&4 (port 3 tagged), otherwise, if your sonicwall has two ethernet ports have 1 connected to port 3 (Vlan 3) and port 4 (Vlan 4).

hopefully this gives you some insight and points you in the right direction.

[Author]

Replies