HPE Community
Comware Wireless / Unified Series
1752488 Members
5673 Online
108788 Solutions
New Discussion

Re: Provision HP 830/HP525 Management VLAN

 
gavm
Occasional Visitor

‎03-17-2015 09:04 PM

‎03-17-2015 09:04 PM

Provision HP 830/HP525 Management VLAN

Hi all,

I need my HP 525 APs to  be provisioned with a management VLAN other than 1, but can not for the life of me find any information on how to do this anywhere. I have search through all provision commands and also tried to apply a map-configuration but no luck.

 

When I try to remove VLAN 1 in AP provision config, it says I'm not allowed since it is the current management VLAN, yet offers no apparent ability to change it.

 

[HP-wlan-ap-L17AP-prvs]undo vlan untagged 1
 Error: Cannot undo a tagged/untagged flag for the management VLAN 1!

 

Any help much appreciated.

 

Thanks

Gav

0 Kudos
4 REPLIES 4
JesseR
Regular Advisor

‎03-18-2015 01:17 PM

‎03-18-2015 01:17 PM

Re: Provision HP 830/HP525 Management VLAN

I've never tried it, but, I don't think you can undo vlan 1 untagging because then the port would be bound to nothing.  Instead of undo-ing it, did you try something like, [HP-wlan-ap-L17AP-prvs] vlan untagged 5    ??  Just a thought.

 

Jesse

Jesse R
Source One Technology, Inc.
HP Partner


MSM 5.7.x deployment guide:

0 Kudos
gavm
Occasional Visitor

‎03-18-2015 05:32 PM

‎03-18-2015 05:32 PM

Re: Provision HP 830/HP525 Management VLAN

Sorry, I probably confused things a bit there. I had already untagged another VLAN in provision-config. Here is a more complete conversation with the controller:

 

[HP-wlan-ap-L17AP-prvs]vlan untagged 10

[HP-wlan-ap-L17AP-prvs]vlan tagged 12

[HP-wlan-ap-L17AP-prvs]undo vlan untagged 1
 Error: Cannot undo a tagged/untagged flag for the management VLAN 1!

 

Specifically, my question is how to change the AP management VLAN. Clearly, it believes it to be VLAN 1 as per the error message above. I want the AP to obtain an IP address and setup the AP-AC tunnel on tagged VLAN 12 rather than untagged VLAN 1.

 

If I untag VLAN 12 on the switch port connected to the AP, it sort of works in that the AP management interface is now in VLAN 12. However, when a wireless client joins the network who is assigned to VLAN 1 they get an IP address in VLAN12, since the AP still believes it's untagged port is VLAN 1 it does not tag outgoing traffic for VLAN 1. Therefore, simply untagging on the switch side is not a solution since it conflicts with VLAN assignments on the wireless side.

 

Hope this makes sense. Thanks.

0 Kudos
Mathias2310
Occasional Contributor

‎05-06-2015 04:18 AM - edited ‎05-06-2015 04:21 AM

‎05-06-2015 04:18 AM - edited ‎05-06-2015 04:21 AM

Re: Provision HP 830/HP525 Management VLAN

i have got the same problem.

we have got one AP-Management VLAN which is not vlan 1 and i tried to tell the AP to configure another interface vlan.

 

Example:

vlan 12 is used for AP-Management

 

So i would like to use interface vlan 12 on the AP so that the Customer can use

vlan 1 with local breakout on the AP for WLAN Clients.

 

I tried using the map-configuration and the provision configuration on the ap it self, but nothing works.

the example map-configuration looks like this

vlan 200
name test

vlan 12
name AP-MGMT

int vlan 12
 ip address dhcp-alloc client-identifier mac Vlan-interface12
 ipv6 address auto

int vlan 1
shut

undo int vlan 1

int gig1/0/1
port link-type trunk
port trunk per vlan all
port trunk pvid vlan 12

 

But every time i restart the AP the interface vlan 1 is recreated and the AP tries to use this.

Sometime the AP uses 2 DHCP-Adresses one on interface vlan 1 and the other on interface vlan 12.

But the AP only connects over interface vlan 1 to the AC.

 

does anyone has a solution for this?

or is this something that can not be changed??

 

i would like to avoid a mixed environment where some VLAN's are bridged at the AP and VLAN 1 is bridged at the Controller.

 

thanks for any advise.

 

kind regards.

Mathias

0 Kudos
jessian
Occasional Visitor

‎05-11-2015 12:52 PM

‎05-11-2015 12:52 PM

Re: Provision HP 830/HP525 Management VLAN

Hi everyone

 

we have another approach: let the clients run on a different VLAN, other than 1

 

things are a lot easier with that in mind, regarded that internally the access point seems to prefer the management VLAN running on ID 1

 

but the SSID has to be configured with the new VLAN ID for the clients, for example 100:

 

interface WLAN-ESS100
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 100 untagged
port hybrid pvid vlan 100
port-security port-mode userlogin-secure-ext
port-security tx-key-type 11key
undo dot1x handshake
dot1x mandatory-domain whatever
undo dot1x multicast-trigger

 

wlan service-template 100 crypto
ssid whatever
bind WLAN-ESS 100
user-isolation enable
cipher-suite ccmp
security-ie rsn
gtk-rekey client-offline enable
client forwarding-mode local vlan 100
fast-association enable
service-template enable

 

nevertheless, the "client forwarding-mode" is optional, but if it is activated, the map-configuration file is needed:

 

vlan 100
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk permit vlan 1 100
#

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.