3 Replies Latest reply on Aug 23, 2013 8:50 AM by jglenn

    How do I use multiple SSID's with different subnets?

    jglenn New Member

      We are turning up a new vWLAN appliance with AP's. Using Firmware V2_3_0_09 for vWLAN appliance and 6.7.0-17. AP model 1840.

       

      This is what I'm wanting to do. I have an SSID for wireless that is pulling ip addresses from vlan 3 which is my data vlan. I want to be able to have a guest wireless SSID that will pull ip addresses from vlan 4. So far this isn't working for me. This is what I have done so far....

       

      1) On my Adtran 3448 Router:

          

      interface vlan 3

      description Data   

      ip address  192.168.100.1  255.255.255.0

      ip access-policy Private

      no shutdown

      !

      interface vlan 4

      description Wireless

      ip address  192.168.200.1  255.255.255.0

      ip access-policy Private

      no shutdown

      !

      ip dhcp pool "Data"

        network 192.168.100.0 255.255.255.0

        dns-server xxxxx xxxxx

        netbios-node-type h-node

        default-router 192.168.100.1

        option 43 ascii xxxxx

      !

      ip dhcp pool "GCA.Guest"

        network 192.168.200.0 255.255.255.0

        dns-server xxxxxx xxxxx

        netbios-node-type h-node

        default-router 192.168.200.1

        option 43 ascii xxxxxx

      !

      interface switchport 0/5

        description AP1

        no shutdown

        switchport mode trunk

        switchport trunk native vlan 3

       

      2) On the vWLAN

       

           a) I have created a domain for the customer

           b) I have created two locations. One is Guest, the other is Wireless.

                     ~ Guest:

                               Location name: Guest

                               VLAN: 4

                               CIDR: 192.168.200.0/24

                     ~ Wireless:

                               Location Name: Wireless

                               VLAN 3

                               CIDR: 192.168.100.0/24

           c) I have created two roles. One is Guest the other is Wireless.

                     ~ Guest:

                               Role name: Guest

                               Location: Guest

                               Everything else is default

                     ~ Wireless:

                               Role name: Wireless

                               Location: Wireless

                               Everything else is default.

           d) I have created two SSID's. One is Guest, the other is Wireless.

                     ~ Guest:

                               SSID Name: Guest

                               Broadcast (checked)

                               Convert multicast disabled

                               Authentication: WPA2-PSK

                               Cipher: AES-CFM

                               Login form is default:

                               Role is: Guest

                               then PSK

                     ~ Wireless

                               SSID Name: Wireless

                               Everything else the same as Guest

                               Role: Wireless

           e) I have created an AP Template and both SSID's have been added to it.

       

       

      That's pretty much the config in a nutshell. The problem I'm having is that I can only get the AP's to work using the Native Vlan config on the trunk port. It will work with either DHCP pool as long as one of them is set to Native. If it's set to native it correctly pulls an ip address and I can surf. If it's set any other way such vlan 3 native and vlan 4 allowed on the trunk, the Native will work on the wireless SSID but when you swap over to the Guest SSID it will not pull an address and can't surf. ** Note: the AP's themselves are set up to pull a DHCP IP address from vlan 3. If you log into to the Guest network and it sits there long enough, it will eventually find the native vlan and pull from the pool of vlan 3. I don't want it to do that. **

       

      I have tried these two configs on the trunk port:

       

      interface switchport 0/5

      no shutdown

      switchport mode trunk

      switchport trunk native vlan 3

      switchport trunk allowed vlan 4

       

      and

       

      interface switchport 0/5

      no shutdown

      switchport mode trunk

      switchport trunk allowed vlan 3,4

       

      None of which seems to work the way that I want it to... Any help from those who are doing this would be appreciated.

       

      Thanks in advance.

        • Re: How do I use multiple SSID's with different subnets?
          daniel.blackmon Employee

          You mentioned creating two roles where you said you configured the name and location, but left everything else default. By default, the roles block all traffic. You have to explicitly allow the traffic you want. Any traffic not explicitly allowed will be implicitly denied. You mentioned that DHCP works depending on the native VLAN, but based on your roles that will not be the case.

           

          Even though I am certain you are not having an issue with the NV3448 (DHCP server), there is a suggestion that I need to make. You should use the first switch configuration you listed.

          !

          interface switchport 0/5

            description AP1

            no shutdown

            switchport mode trunk

            switchport trunk native vlan 3

          !

          The other switch configs will present complications. By default, all VLANs are allowed. So with the first configuration, you set the native (untagged) VLAN to 3, and allow everything else. In the second configuration, you have the native VLAN set to 3, but you are not allowing that VLAN on the port. The correct configuration in that case would be as follows.

          !

          interface switchport 0/5
            description AP1

            no shutdown

            switchport mode trunk

            switchport trunk native vlan 3

            switchport trunk allowed vlan 3,4

          !

          So basically you would need to combine the second and third switch configuration you listed. However, if you have any other VLANs at that site, they will not be allowed over the port.

          1 of 1 people found this helpful
          • Re: How do I use multiple SSID's with different subnets?
            daniel.blackmon Employee

            I went ahead and flagged this post as “Assumed Answered.”  If any of the responses on this thread assisted you, please mark them as either Correct or Helpful answers with the applicable buttons.  This will make them visible and help other members of the community find solutions more easily as well as award points to the users that helped you.  If you still need assistance, I would be more than happy to continue working with you on this - just let me know in a reply.