Meraki Community

MauroF

Issue: my MR33 dont get an IP or sometimens they get it properly and afetr 30 sec htey get 1.1.1.1

Topology: Fortigate ---> switch----> AP

Considering that i have a native vlan 3 (configured on my Fortigate L3) and my switch ports configuration are TRUNK,native vlan 3,tagged all. All the vlan are correctly configured everywhere i dont know what the issue is.

But...if i change to config in the switch ....configuring native vlan 1 instead of 3, they get an IP.

ideas?

rwiesmann

Did you try a factory reset of the AP?

I would start with that.

https://documentation.meraki.com/General_Administration/Support/Resetting_Cisco_Meraki_Devices_to_Fa....

Also check the DHCP setting...is the GW the right one and reachable.

alemabrahao

What about the port on the Fortigate is configured as trunk and native VLAN 3?

Remember that on the AP side, the management interface must be without VLAN tagging, that is, you must leave the value as Zero.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

MauroF

The issue is that the switch Meraki even if i configured the vlan3 as native(management) on the switches..still have the vlan 1 as native bx default.. so the interface connected to a Ap see traffic not-tagged arriving from the fortigate and since the vlan native is 1 (default) it associated as it.What a shenanigan!

rhbirkelund

On the Switch Settings page, try setting the Management VLAN to 3, keep the switch uplink to Fortigate as native vlan 3, and ensure that on the Fortigate side, the native vlan is set to 3.

Unless configured otherwise, the AP will always pull a management IP address in whatever vlan is configured as native on the switchport that is connects to.

If you want your Meraki Switches to have management in VLAN 3, and the APs in VLAN 1, configure the Fortigate port to be native 3, allowed all.

Switch uplink to Fortigate to be nateive vlan 3 and allowed all.

Switch downlink port to AP,to be native vlan 1, allowed all.

Make sure all ip configuration is cleared from the individual IP address configuration on each device.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

Brash

As you identified, the management vlan is different from the default vlan (or switch-wide native vlan).

Your original issue sounds like it's because with all of the native tagging, the packets being sent to your AP are having their vlan tag stripped and are therefore arriving untagged whilst the AP is expecting tagged packets.

You'll need to find where is the most logical place to tag traffic (using switch port native vlans or management vlans & SSID tagging).

MauroF

You are right but....if teh fortigate has a network untugged and the switch interface has a vlan 3 as native...it works....but AP side...if i set nativa vlan 3,trunk all.. doesnt work.

it works when i use vlan 1 as native on the switch interface towards the AP

MauroF

doesnt make lot of sense to be honest

Meraki Community

Issue with my MR33

Issue with my MR33