cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
john_auskelis
New Contributor II

How to: configure switch port for multiple VLANs

Jump to solution

Greetings - I need some help configuring a NetVanta 3120 (firmware R10.9.3.E).  Hopefully I can use the GUI for this task.

The problem is:  All traffic is using the default VLAN 1.  I'd like to separate Public Wi-Fi traffic onto its own VLAN 33. 

I have a simple setup:  switch port 1 is connected to an un-managed switch, and all the computers run on this "private" network.  Switch port 2 is connected to a wireless access point.  The access point lets me create multiple SSIDs: The private SSID is assigned to VLAN 1, and the Public Wi-Fi SSID is assigned to VLAN 33.

Here's my plan:

  • Default VLAN  1 is working great - 10.0.1.0/24.  DHCP is provided by a Windows server
  • Public VLAN 33   192.168.33.0/24.  DHCP is provided by the NetVanta 3120.
  • Switch port #2 need to service both VLAN 1 and VLAN 33 traffic.

I think I'm close:  If I change switch port #2 Membership to only serve VLAN 33, that VLAN 33 works as designed. Wireless clients connect using VLAN 33, the Netvana DHCP assigns IP addresses 192.168.33.x, and traffic flows.  When I change switch port #2 membership back to 'trunk', all traffic flows over VLAN 1.

Attached are screen shots of my configuration.

I have studied the five year old “Configuring InterVLAN Routing in AOS - Quick Configuration Guide”  and some of the forum posts.  Sorry, I’m missing something!

Labels (1)
Tags (1)
1 Solution

Accepted Solutions
jayh
Honored Contributor
Honored Contributor

Re: How to: configure switch port for multiple VLANs

Jump to solution

On the "Switch ports configuration" page, click on the blue text Swx 0/2 for port 2.  This will open a new page with a tab for "Allowed VLAN list".

Make sure that both 1 and 33 are there.  You could set it to "All" but it's a good habit for larger networks to limit the VLANS to those that are required.  If the port is going directly to the access point, then also enable "Edge port mode" which will allow the port to come up immediately without waiting fot spanning tree negotiation.  If there is an intermediate switch, then it too must be set as a trunk with the vlans allowed on both the port to the 3120 and the port to the AP, and you do NOT want Edge port mode enabled because an accidental loop can take down your network.

Of course, the access point itself must be capable of and configured for multiple VLANs mapped to the different SSIDs.  From your description it sounds as if this may not be the case and the AP is using only the untagged native VLAN.  You'll need to verify that the AP indeed supports 802.1q trunking for multiple VLANs and is configured so that the tagged VLANs line up with the desired SSIDs.

Note that by default VLAN 1 is considered "native" and neither sends nor receives tags.  If the AP is expecting that both VLANs are tagged, then you can either create a dummy VLAN other than 1 and 33 and make it "native" or use a different VLAN than 1 for your Windows-DHCP traffic.

If it's an Adtran access point, then you can check the AWCP box and follow the wireless configuration menu to configure it automatically. 

View solution in original post

0 Kudos
2 Replies
jayh
Honored Contributor
Honored Contributor

Re: How to: configure switch port for multiple VLANs

Jump to solution

On the "Switch ports configuration" page, click on the blue text Swx 0/2 for port 2.  This will open a new page with a tab for "Allowed VLAN list".

Make sure that both 1 and 33 are there.  You could set it to "All" but it's a good habit for larger networks to limit the VLANS to those that are required.  If the port is going directly to the access point, then also enable "Edge port mode" which will allow the port to come up immediately without waiting fot spanning tree negotiation.  If there is an intermediate switch, then it too must be set as a trunk with the vlans allowed on both the port to the 3120 and the port to the AP, and you do NOT want Edge port mode enabled because an accidental loop can take down your network.

Of course, the access point itself must be capable of and configured for multiple VLANs mapped to the different SSIDs.  From your description it sounds as if this may not be the case and the AP is using only the untagged native VLAN.  You'll need to verify that the AP indeed supports 802.1q trunking for multiple VLANs and is configured so that the tagged VLANs line up with the desired SSIDs.

Note that by default VLAN 1 is considered "native" and neither sends nor receives tags.  If the AP is expecting that both VLANs are tagged, then you can either create a dummy VLAN other than 1 and 33 and make it "native" or use a different VLAN than 1 for your Windows-DHCP traffic.

If it's an Adtran access point, then you can check the AWCP box and follow the wireless configuration menu to configure it automatically. 

0 Kudos

Re: How to: configure switch port for multiple VLANs

Jump to solution

Thanks jayh, you rock!  As you suggested, the problem was resolved by defining the VLAN numbers in the switch port's 'allowed VLAN list.'  The default setting was all VLANS.  By deleting that and explicitly adding the VLAN numbers the Adtran router is behaving.

Extra credit for getting out of command line mode and showing me the GUI solution.

Cheers,

JA