Further to this post
So on the switch I set the following:
Port 1 to native VLAN 1 and only allows VLAN 1 - it's connected to my ADSL router.
Port 2 to native VLAN 30 and only allows VLAN30 - It's connected to the Meraki firewall which is also connected to core LAN switches
Ports 3 - 5 Native VLAN 1 but allow VLANS 1 & 30, they are also POE for AP.
My APs are configured with 2 SSIDS. Internal & Guest
Internal VLAN is set to VLAN 30
Guest VLAN set to VLAN 1
I can connect fine to internal SSID and access resources needed.
However I don't get a DHCP lease when joining the Guest SSID.
Anyone want to point me somewhere to start troubleshooting?
Am I doing anything wrong, anything right?
Thanks in advance
best is to make a drawing...
from my understanding you want to get dhcp for vlan 1 from the DSL router? make a capture on the port connected to AP and dsl router. look if you see bootp message from client and dhcp server. your client should send discover. your dsl router should send offer.
guest ssid is configured for "bridge mode" and "don't use vlan tagging"?
if your dsl router is not trunking you could just set the switchport to access with vlan 1
did you also try "don't use vlan tagging" on the guest ssid?
maybe it's better to just set your guest vlan to another number than 1. then you can use that vlan tag on the guest ssid. and set Access port with that vlan to the DSL router.
@ww- no I'm afraid that didn't work
Changing VLAN ID didn't work either.
However using the inbuilt meraki NAT worked.
Wasn't really what I was wanting to do, and doesn't explain what was wrong with my ideas.
Would really like to learn more, so if someone can advise where to start...
Did you create a DHCP scope for your "management VLAN"? We have a similar setup, we have a guest VLAN 25, and an internal VLAN of 20. We created a management VLAN and that VLAN's sole purpose is to hand out DHCP addresses to meraki gear. So we set all trunk ports to native vlan 175. In this scenario we would allow vlan 20 and 25 across that port.
I can't think of a reason why you would want the ISP to handle DHCP for your devices since you have an MX inline anyways. There could be a valid reason, but I'm a big believer in simpler is better.
I must be missing something
The MX is on a leased line and connected to internal switching. Corporate traffic lives here and the 2 DHCP servers for the LAN.
The cheap broadband line is hooked to a cheap router and that's for guests. It handles its own DHCP.
I was wanting to use that for guests rather than the Meraki DHCP, but couldn't get it to work. The Meraki DHCP does work.
I don't see that the ISP is handling DHCP for anyone?
Maybe my drawing makes no sense?
Nope you're good, I was misreading your diagram.
So with your original setup, your APs are going to pull an address from your ADSL router because you have ports 3-5 set as native vlan 1. You are also trying to pass VLAN 1 to your clients for DHCP. We know this doesn't work because you can't pass tagged traffic of the same vlan as your native, the port will drop the tags. If you change the native vlan on ports 3-5 to say vlan 5, you would be able to pass vlan 1 traffic over that interface and route the way you would like. You would need to make sure that you have a DHCP scope tagged to vlan 5 though as the meraki APs still need to pull an internal IP from somewhere. This is where I was going with the "management" VLAN.
The APs need an IP that is not pulled from the VLAN you are tagging your clients as.
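The capture check suggested earlier in the thread (look for the client's Discover and the router's Offer), sketched as an added example that is not from any poster: it reads raw Ethernet frames, reports the 802.1Q VLAN ID each DHCP message carries (None when untagged) and lists the VLANs where a Discover got no Offer. The names `classify`, `unanswered` and `build` are hypothetical, and `SAMPLE` is a constructed capture in which VLAN 30 is answered and a Discover tagged VLAN 1 is not.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"          # DHCP magic cookie after the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def classify(frame):
    """Return (vlan_id or None if untagged, DHCP message name), or None if not DHCP."""
    if len(frame) < 18:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, off = None, 14
    if ethertype == 0x8100:                       # 802.1Q tag: TCI, then real ethertype
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, off = tci & 0x0FFF, 18
    if ethertype != 0x0800 or len(frame) < off + 20 or frame[off + 9] != 17:
        return None                               # not IPv4/UDP
    udp = off + (frame[off] & 0x0F) * 4           # skip the IPv4 header (IHL words)
    if len(frame) < udp + 248:                    # UDP(8) + BOOTP(236) + cookie(4)
        return None
    sport, dport = struct.unpack("!HH", frame[udp:udp + 4])
    if not {sport, dport} <= {67, 68} or frame[udp + 244:udp + 248] != MAGIC:
        return None
    i = udp + 248
    while i + 2 < len(frame) and frame[i] != 255: # walk options until End (255)
        if frame[i] == 53:                        # option 53 = DHCP message type
            return vlan, TYPES.get(frame[i + 2], "TYPE %d" % frame[i + 2])
        i += 1 if frame[i] == 0 else 2 + frame[i + 1]   # Pad (0) has no length byte
    return None

def unanswered(frames):
    """VLANs (None = untagged) where a DISCOVER was captured but no OFFER."""
    seen = {}
    for f in frames:
        hit = classify(f)
        if hit:
            seen.setdefault(hit[0], set()).add(hit[1])
    return sorted((v for v, t in seen.items() if "DISCOVER" in t and "OFFER" not in t), key=str)

def build(msg_type, vlan=None):
    """Constructed test frame: broadcast Ethernet / IPv4 / UDP / minimal DHCP."""
    eth = b"\xff" * 6 + b"\x02\x00\x00\x00\x00\x01"
    eth += (struct.pack("!HH", 0x8100, vlan) if vlan is not None else b"") + b"\x08\x00"
    dhcp = bytes(236) + MAGIC + bytes([53, 1, msg_type, 255])
    ports = (68, 67) if msg_type in (1, 3) else (67, 68)
    udp = struct.pack("!HHHH", *ports, 8 + len(dhcp), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(dhcp), 0, 0, 64, 17, 0, bytes(4), b"\xff" * 4)
    return eth + ip + udp + dhcp

SAMPLE = [build(1, 30), build(2, 30), build(1, 1)]  # constructed capture
```

Run against frames taken on both the AP-facing port and the router-facing port, the VLAN column shows whether the Discover leaves the AP tagged and whether it reaches the router in the form the router expects.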