Sunday, 2 August 2015

I recently had some fun trying to get multiple VLANS working over a old Cisco 1310 bridge, one of my biggest mistakes was not giving it a reboot after working on it for an hour or so.

VLAN 10 is my native VLAN
VLAN 40 & 70 are the 2 VLANS that I needed over the other side


Local Side
-―-―-―-―-―-―-―-―-―-―-―-―-―-―-―

dot11 syslog
dot11 vlan-name vlan-name vlan 70
dot11 vlan-name vlan-name vlan 40

dot11 ssid My SSID
vlan 10
max-associations 1
authentication open
authentication key-management wpa version 2
wpa-psk ascii 7 My KEY
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 10 mode ciphers aes-ccm tkip
!
!
broadcast-key change 10080
!
!
ssid My SSID
!
station-role root bridge
!
interface Dot11Radio0.1
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
!
interface Dot11Radio0.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 2
!
interface Dot11Radio0.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 3
!
interface FastEthernet0
no ip address
no ip route-cache
!
interface FastEthernet0.1
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
!
interface FastEthernet0.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 2
!
interface FastEthernet0.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 3
!
interface BVI1
ip address My IP
no ip route-cache

Remote Side
-―-―-―-―-―-―-―-―-―-―-―-―-―-―-―

dot11 syslog
dot11 vlan-name vlan-name vlan 70
dot11 vlan-name vlan-name vlan 40

!
dot11 ssid My SSID
vlan 10
max-associations 2
authentication open
authentication key-management wpa version 2
wpa-psk ascii 7 My KEY
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 10 mode ciphers tkip
!
ssid My SSID
!
station-role non-root
!
interface Dot11Radio0.1
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
!
interface Dot11Radio0.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 2
!
interface Dot11Radio0.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 3
!
interface FastEthernet0
no ip address
no ip route-cache
!
interface FastEthernet0.1
encapsulation dot1Q 10 native
no ip route-cache
bridge-group 1
!
interface FastEthernet0.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 2
!
interface FastEthernet0.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 3
!
interface BVI1
ip address My IP
no ip route-cache

Switch config
-―-―-―-―-―-―-―-―-―-―-―-―-―-―-―
interface GigabitEthernet1/0/48
switchport trunk native vlan 10
switchport trunk allowed vlan 10,40,70
switchport mode trunk