VLANs and VLAN tagging

  • 2
  • Question
  • Updated 3 years ago
  • Answered
Here's what I'm trying to accomplish:
Multiple VLANs in a high density school environment. My plan is to have each AP connected to a switch port that is a member of, or tagged for its respective VLAN. The school campus will be segmented per building so I'd like to have each AP only broadcast the SSID of the VLAN that the user is connected to. I'm treating this as if we'd have a Zone Director located remotely and managing APs in different AP and WLAN groups.

The VLANs are already functional and inter-vlan routing is enabled. Each switch is connected via trunk port and the core switch is connected via trunk port to the external router which handles the VLAN traffic. Aside from wireles traffic this is working fine.

The switch port every AP connects to is a member of the appropriate VLAN. The APs are also part of different groups and each group is assigned to the WLAN group for the SSID that users will connect to on that VLAN.

When I assign the WLAN to the VLAN ID that it should be a member of then I can't connect. If the WLAN is left as a member of VLAN ID 1 then I can connect but pull an address from the management VLAN.

Again, DHCP, VLAN routing, and the network in general work fine otherwise. How do I get wireless clients to connect to the appropriate VLAN? My goal is to have this campus segmented as if each building is a remote location and can only see SSIDs per that VLAN. Where am I going wrong?
Photo of Willie Brunet

Willie Brunet

  • 4 Posts
  • 1 Reply Like

Posted 3 years ago

  • 2
Photo of Willie Brunet

Willie Brunet

  • 4 Posts
  • 1 Reply Like
OK, I figured it out as soon as I posted this question. For anyone reading this who may have the same scenario, I forgot to remove the WLANs from the default WLAN group. When I was testing I had two APs on different VLANs in range of my laptop. The one I was connecting to was connected to the management VLAN but still broadcasting an SSID that is supposed to be on VLAN 3 b/c I forgot to remove the WLAN from the default group. Dumb mistake.
Photo of Scott Hudson

Scott Hudson

  • 17 Posts
  • 1 Reply Like
Can you help me with this scenario a bit further. I too manage a very large school with 7 blocks and over 1500 ipads, what im trying to do is break the school down to blocks to stop excessive broadcasts of bonjour services so we can actually use airplay correctly, at present i have two vlans one the native vlan1 (10.64.x.x ip range) and another vlan100 (192.168.x.x ip range) for student wifi, with the ruckus controller setup as a bonjour gateway. All is working fine apart from the airplay which is very sparodic at the best of time on the staff wifi and on the student in actually drops the airplay icon off the ipads.

Ive put this down to excessive broadcast / traffic as since i removed air server off 95% of the teacher pc's and only left it on 5 everything is stable.

Ive been testing block vlans but cant connect to the access point of the switch the test vlan is on, or see the air sever broadcast fro ma device on the test vlan.

Any help much appreciated.