Create Separate Wireless SSID for specific port/vLAN

SOLVED
rossmeraki
New here

Create Separate Wireless SSID for specific port/vLAN

MX64 x 1, MS220 x 1, MR33 x 1, MR18 x 2

 

I currently have all three access points transmitting corp WiFi across the building. 

I have a new requirement whereby I have a bit of a custom music setup that runs on ethernet on its own vLAN and I need to also be able to access this network via a separate wireless SSID instead of just other ethernet. To explain a little better:

 

I have several Sonos AMPs that are hard-wired with ethernet into an old Cisco switch. I have this switch connected to my MS220 on port 4 (access) and I have assigned a vLAN of 192.168.1.0/24 to port 4. I can connect my laptop to the Cisco switch where all the AMPs are and from here get an IP address in that range and connect to my music controller. What I now need to do, is also gain access to this vLAN over a wireless SSID. E.G SSID "MusicControl" would give me an IP of 192.168.1.X.


This wireless SSID can't use Meraki DHCP because I need to communicate with the music devices and controller over the network. I also need this SSID to sit completely separate from the other SSID I use for corp WiFi (this SSID does use Meraki DHCP).

 

So long story short, can someone please advise how I can assign a new SSID to port 4 (I assume it will stay in bridge mode) but this SSID runs separately to the rest of the network that's in place? I had a brief play with vLAN tagging but don't think I was getting it quite right. 

Thanks

1 ACCEPTED SOLUTION
Bruce
Kind of a big deal

@rossmeraki, there are a couple of things to do. First, I’m assuming you created a new VLAN for he 192.168.1.0/24 range which is separate to any other VLAN you have created. This VLAN is created on the MX with a VLAN ID/number (VLAN 2), and with a DHCP server enabled. I’m also assuming you made port 4 on the MS220 an access port, assigned it to the VLAN (VLAN 2) you’d created, and then plugged it into the Cisco switch, and that you have a trunk between the MX and the MS220. This would be providing IP addresses to the wired equipment and so they’d be working.

 

What you need to do to get the SSID working is first get a trunk between the access points and the switches. If the MR connects to the MS then all you should need to do is change the port configuration on the MS to be a trunk and set the native VLAN to match whatever the access port VLAN is at the moment (VLAN 1) - assuming it’s currently configured as an access port. If it’s already a trunk port just make sure it is allowing all VLANs.

 

Once that is done configure a SSID, set the IP addressing to bridge mode, enable VLAN tagging, and then for the VLAN ID, set ‘All other APs’ to use the ID/number (VLAN 2) of the VLAN that you created on the MX for the 192.168.1.x subnet. The devices should then get a DHCP address from that subnet and be part of that VLAN.

 

That’s the basics of setting it up, hope it’s not too hard to follow and feel free to post any more questions.

 

EDIT: just updated the post with the VLAN numbers that you’ve included in your subsequent post - Hope it helps.

View solution in original post

5 REPLIES 5
rhbirkelund
Kind of a big deal

If the APs are connected to access ports and in vlan 1, configure the new SSID to Bridge Mode and disable VLAN tagging on the Music SSID.
LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

Thank you for your response. @rhbirkelund 

 

The APs are connected to port 1/2/3 which are all set to vLAN 1 (default vLAN with 192.168.128.0/24) and the SSID does have vLAN tagging disabled now. However, at the moment when connecting to MusicSSID I am getting an IP address of 192.168.120.X which is the default vLAN on the MX64. I would like to use vLAN 2 (which I've assigned the 192.160.1.0/24 subnet) but I'm not getting how to make that vLAN transmit over the SSID. Right now, I just have vLAN 2 assigned to port 4 on my switch which gives the correct IP's to cabled clients but I'm still failing on the SSID portion.

 

 

 

Bruce
Kind of a big deal

@rossmeraki, there are a couple of things to do. First, I’m assuming you created a new VLAN for he 192.168.1.0/24 range which is separate to any other VLAN you have created. This VLAN is created on the MX with a VLAN ID/number (VLAN 2), and with a DHCP server enabled. I’m also assuming you made port 4 on the MS220 an access port, assigned it to the VLAN (VLAN 2) you’d created, and then plugged it into the Cisco switch, and that you have a trunk between the MX and the MS220. This would be providing IP addresses to the wired equipment and so they’d be working.

 

What you need to do to get the SSID working is first get a trunk between the access points and the switches. If the MR connects to the MS then all you should need to do is change the port configuration on the MS to be a trunk and set the native VLAN to match whatever the access port VLAN is at the moment (VLAN 1) - assuming it’s currently configured as an access port. If it’s already a trunk port just make sure it is allowing all VLANs.

 

Once that is done configure a SSID, set the IP addressing to bridge mode, enable VLAN tagging, and then for the VLAN ID, set ‘All other APs’ to use the ID/number (VLAN 2) of the VLAN that you created on the MX for the 192.168.1.x subnet. The devices should then get a DHCP address from that subnet and be part of that VLAN.

 

That’s the basics of setting it up, hope it’s not too hard to follow and feel free to post any more questions.

 

EDIT: just updated the post with the VLAN numbers that you’ve included in your subsequent post - Hope it helps.

Hi @Bruce / Kind of a big deal

 

Your assumptions are correct: 

New vLAN 192.168.1.0/24 created on MX64 and given ID of 2 and DHCP server enabled.

Port 4 on MS220 is Access port assigned vLAN 2 (above) - Cisco switch plugged in here. 

Port 8 on MS220 is Trunk port connecting to MX64 Port 1 Trunk with has native vLAN 1 assigned.

 

My switch ports 1/2/3 where the APs are connecting were set to access with vLAN 1. I've now changed these to trunk with vLAN 1 which appears as "native 1" and ensured "Allowed vLANs" is set to all.

 

I've got to my SSID which is already in Bridge Mode, enabled vLAN tagging for "All other APs" and assigned this to vLAN 2. 

 

I've now connected my laptop to the WiFi, I've been assigned an address in the 192.168.1.X range and I can connect to all my music components. 

 

@Bruce Thanks so much. It seems far simpler now it's written out and configured and I was missing key aspects around the trunking between the MX & MS which you've helped me identify and make sense of. Much appreciated. 

Bruce
Kind of a big deal

@rossmeraki glad you got it working - always good to see the simplicity of the Meraki kit in action 😀

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels