- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Issue with my MR33
Issue: my MR33 dont get an IP or sometimens they get it properly and afetr 30 sec htey get 1.1.1.1
Topology: Fortigate ---> switch----> AP
Considering that i have a native vlan 3 (configured on my Fortigate L3) and my switch ports configuration are TRUNK,native vlan 3,tagged all. All the vlan are correctly configured everywhere i dont know what the issue is.
But...if i change to config in the switch ....configuring native vlan 1 instead of 3, they get an IP.
ideas?
Solved! Go to solution.
- Labels:
-
Installation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi MauroF,
Just clarifying the statements above on this post in relation to VLAN tagging for the management traffic of MR APs.
If setting the VLAN on the MR, ensure that this VLAN does not match the native VLAN on the switch port (this would be a case of double tagging and cause the MR issues).
If setting the management VLAN for the MR via the native VLAN on the switch port, ensure the VLAN section is blank when setting the MR LAN IP to DHCP within dashboard.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you try a factory reset of the AP?
I would start with that.
Also check the DHCP setting...is the GW the right one and reachable.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The issue is that the switch Meraki even if i configured the vlan3 as native(management) on the switches..still have the vlan 1 as native bx default.. so the interface connected to a Ap see traffic not-tagged arriving from the fortigate and since the vlan native is 1 (default) it associated as it.What a shenanigan!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
On the Switch Settings page, try setting the Management VLAN to 3, keep the switch uplink to Fortigate as native vlan 3, and ensure that on the Fortigate side, the native vlan is set to 3.
Unless configured otherwise, the AP will always pull a management IP address in whatever vlan is configured as native on the switchport that is connects to.
If you want your Meraki Switches to have management in VLAN 3, and the APs in VLAN 1, configure the Fortigate port to be native 3, allowed all.
Switch uplink to Fortigate to be nateive vlan 3 and allowed all.
Switch downlink port to AP,to be native vlan 1, allowed all.
Make sure all ip configuration is cleared from the individual IP address configuration on each device.
Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂
All code examples are provided as is. Responsibility for Code execution lies solely your own.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As you identified, the management vlan is different from the default vlan (or switch-wide native vlan).
Your original issue sounds like it's because with all of the native tagging, the packets being sent to your AP are having their vlan tag stripped and are therefore arriving untagged whilst the AP is expecting tagged packets.
You'll need to find where is the most logical place to tag traffic (using switch port native vlans or management vlans & SSID tagging).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You are right but....if teh fortigate has a network untugged and the switch interface has a vlan 3 as native...it works....but AP side...if i set nativa vlan 3,trunk all.. doesnt work.
it works when i use vlan 1 as native on the switch interface towards the AP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
doesnt make lot of sense to be honest
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi MauroF,
Just clarifying the statements above on this post in relation to VLAN tagging for the management traffic of MR APs.
If setting the VLAN on the MR, ensure that this VLAN does not match the native VLAN on the switch port (this would be a case of double tagging and cause the MR issues).
If setting the management VLAN for the MR via the native VLAN on the switch port, ensure the VLAN section is blank when setting the MR LAN IP to DHCP within dashboard.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is the solution!Thanks!