Assistance with router on a stick with wireless LAN controller 2

[ABOzIT]

I'm trying to configure a router (Cisco 2821) on a stick (of sorts) to utilise the integratd WLAN controller. I'm not using the router for any other purpose as the switch is doing all the layer 3 stuff.

I have configured the VLAN's and inter-vlan routing on both switch and router and can ping the interfaces from both directions. The wireless LAN controller interface has been configured and can also ping from both directions.

The problems start when I configure the management and AP manager interfaces on the controller. I cannot ping these interfaces from the switch. The following configs have been applied.

[COLOR=red yellow]Switch[/color]

interface FastEthernet0/1
 description Link to wireless router
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 400
 switchport mode trunk
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 description Management
 ip address 10.128.0.1 255.255.255.0
!
interface Vlan200
 description Grd Flr Data vlan
 ip address 10.128.10.1 255.255.255.0
!
interface Vlan400
 description Wireless vlan
 ip address 10.128.6.1 255.255.255.0

[COLOR=red yellow]Router[/color]

interface GigabitEthernet0/0
 description Link to switch
 no ip address
 no ip route-cache
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.2
 encapsulation dot1Q 2
 ip address 10.128.0.9 255.255.255.0
 no ip route-cache
!
interface GigabitEthernet0/0.200
 encapsulation dot1Q 200
 ip address 10.128.10.9 255.255.255.0
 no ip route-cache
!
interface GigabitEthernet0/0.400
 encapsulation dot1Q 400 native
 ip address 10.128.6.9 255.255.255.0
 no ip route-cache
!
interface wlan-controller1/0
 ip address 10.128.6.10 155.255.255.0
 no ip route-cache
!
ip default-gateway 10.128.6.1

[COLOR=red yellow]WLAN Controller[/color]

Interface Name... ap-manager
IP Address....... 10.128.6.12
IP Netmask....... 255.255.255.0
IP Gateway....... 10.147.6.10
VLAN............. untagged  

Interface Name....management
IP Address........10.128.6.11
IP Netmask........255.255.255.0
IP Gateway........10.147.6.10
VLAN..............untagged

So.....from the switch I can ping 10.128.6.9 and 10.128.6.10 but cannot ping 11 & 12.

I can ping 10.128.6.1 from the router which I have set as the default gateway.

Any assistance would be greatly appreciated as I'm a little but stumped.

Thanks!

 

[VinceWhirlwind]

If you have both router AND switch configured with IP routing, then you SHOULD NOT be trunking all the switch VLANs over to the router. It's both confusing and poor design.

The router and switch are both routing, therefore the VLANs should terminate on the switch, with a separate subnet providing the L3 transit to the router.

 

[vipergg]

Your ip gateway for the ap-manager and the management address should be 10.128.6.10 not 10.147.6.10 . That is the layer 3 interface in the router that does the routing .

 

[ABOzIT]

Thanks guys!.......the default gateway for the WLAN controller was a typo. My apologies for the bad info.

I've taken VinceWirlwind's advice and now have the following config.

[COLOR=red yellow]Router[/color]

no ip routing
!
interface GigabitEthernet0/0
 ip address 10.128.5.2 255.255.255.0
 no ip route-cache
 duplex auto
 speed auto
!
interface wlan-controller1/0
 ip address 10.128.6.1 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.128.5.1

[COLOR=red yellow]Switch[/color]

interface FastEthernet0/1
 description Link to wireless router
 no switchport
 ip address 10.128.5.1 255.255.255.0
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 description Management
 ip address 10.128.0.1 255.255.255.0
!
interface Vlan10
 description L2/L3 Backbone vlan
 ip address 10.128.1.1 255.255.255.252
!
interface Vlan100
 description Server vlan
 ip address 10.128.3.1 255.255.255.0
!
interface Vlan200
 description Grd Flr Data vlan
 ip address 10.128.10.1 255.255.255.0
!
interface Vlan300
 description Gnd Flr Voice vlan
 ip address 10.128.11.1 255.255.255.0
!
ip route 10.128.6.0 255.255.255.0 10.128.5.2

[COLOR=red yellow]Controller[/color]

Interface Name............ap-manager
IP Address................10.128.6.3
IP Netmask................255.255.255.0
IP Gateway................10.128.6.1
VLAN......................untagged  

Interface Name............management
IP Address................10.128.6.2
IP Netmask................255.255.255.0
IP Gateway................10.128.6.1
VLAN......................untagged

From the router I can ping the 10.128.5.1 gateway and all the other VLAN interfaces. I can also ping the wlan1/0 address and the two controller addresses 10.128.6.2 & 3

From the switch I can ping the wlan1/0 address but still cannot ping the management and ap-manager IP's.

Any more thoughts? I appreciate your posts.

Cheers!

 

[VinceWhirlwind]

Does the "Controller" need routes back to the subnets that are on the switches?

 

[VinceWhirlwind]

I guess not, the default GW should sort it out.

 

[ABOzIT]

Yeah, this was my original train of thought but as you said the default gateway is the key.

The router should know how to get to it's "connected" interfaces so I really have no idea why this is not working.

Thanks for posting!

 

[vipergg]

Turn on ip routing on the router and instead of a default gateway use a default static route 0.0.0.0 0.0.0.0 10.128.5.1 .

 

[ABOzIT]

Thanks guys....that's resolved it.

vipergg - I'd really like to know the reasons why your suggestion worked if you have time.

In the meantime, have a star each!

Cheers!