APs connecting on one port-based VLAN but not another

Solved
DC5
Conversationalist

APs connecting on one port-based VLAN but not another

We use one VLAN for data and a second for WiFi, as we operate a guest WiFi.

 

Our data VLAN uses one DHCP scope, and our WiFi VLAN uses another.

 

Recently my APs stopped connecting to cloud when on the WiFi VLAN.

 

As far as I can research, no changes were made to the VLAN.

 

When I put them on the data VLAN as a test, they do connect to Cloud and obtain a DHCP IP properly.

 

I can also create a reservation on the WiFi DHCP and assign the APs a matching Static entry in Dashboard, and this works most of the time. Some APs have required me to go through these steps several times to connect.

 

I'd like to find out if anyone has had the same issue before, and what the solution was.

 

Thank you.

1 Accepted Solution
DC5
Conversationalist

The solution ended up not being Meraki-related, but I'd like to include it in case anyone in the future comes looking for help:

 

Temporarily, to get the APs to communicate on the proper VLAN and DHCP scope, I set up DHCP reservations and then assigned a static IP in Meraki Dashboard to each AP matching the reservation. I was then able to untag the ports with the proper VLAN and have it all work. This gave me a working network while I figured out the actual cause.

When I plugged in a laptop to a port on the WiFi VLAN, I got a 10.x.x.x/8 address with a gateway of 10.128.128.128. This is a Meraki Cloud DHCP, so this indicated that the VLAN was not communicating at all with the DHCP it was supposed to be. Said DHCP server is offsite; the culprit ended up being the DHCP relay in our firewall. Once I rebooted that and made sure that the switch the firewall was wired to had OSPF "redistribute connected. restrict [our DHCP IP and subnet mask]" and VLAN [WiFi] IP address [Our DHCP IP and subnet mask], I was able to remove the DHCP reservations and set the APs back to DHCP in Meraki Dashboard.

 

Hopefully this helps some folks in the future, and thanks everyone who replied for your suggestions! The key troubleshoot that led to the breakthrough was the suggestion of using a laptop to connect to the VLAN/DHCP.

View solution in original post

7 Replies 7
RWelch
A model citizen

What Meraki devices are you working with?  MX and MRs only?  MS in the equation?

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
DC5
Conversationalist

Sorry, no, I am working strictly with MR42s and MR44s.

PhilipDAth
Kind of a big deal
Kind of a big deal

If you configure a switch port as an access port in the guest VLAN, and plug in a notebook, can it get to the Internet?

DC5
Conversationalist

I was finally back in office physically and did this. The notebook pulled a 10.x.x.x/8 address with a gateway of 10.128.128.128. The DHCP setup for this VLAN is 192.168.x.x/22.

KFoster
Here to help

Since it sounds like you validated the AP is functional (at least from a usability standpoint), it does imply an underlying issue with the other VLAN. I would suggest as @PhilipDAth  also suggested, and configure an access port for a laptop and dig-in as needed! 

yaypingworks
Here to help

If you can't connect by plugging in a computer into an access port set to the guest VLAN, check that all trunk ports are allowing the guest VLAN (ap trunk port, switch trunks, router port)

DC5
Conversationalist

The solution ended up not being Meraki-related, but I'd like to include it in case anyone in the future comes looking for help:

 

Temporarily, to get the APs to communicate on the proper VLAN and DHCP scope, I set up DHCP reservations and then assigned a static IP in Meraki Dashboard to each AP matching the reservation. I was then able to untag the ports with the proper VLAN and have it all work. This gave me a working network while I figured out the actual cause.

When I plugged in a laptop to a port on the WiFi VLAN, I got a 10.x.x.x/8 address with a gateway of 10.128.128.128. This is a Meraki Cloud DHCP, so this indicated that the VLAN was not communicating at all with the DHCP it was supposed to be. Said DHCP server is offsite; the culprit ended up being the DHCP relay in our firewall. Once I rebooted that and made sure that the switch the firewall was wired to had OSPF "redistribute connected. restrict [our DHCP IP and subnet mask]" and VLAN [WiFi] IP address [Our DHCP IP and subnet mask], I was able to remove the DHCP reservations and set the APs back to DHCP in Meraki Dashboard.

 

Hopefully this helps some folks in the future, and thanks everyone who replied for your suggestions! The key troubleshoot that led to the breakthrough was the suggestion of using a laptop to connect to the VLAN/DHCP.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels