I am used to setting a switch port to trunk mode with a native VLAN assigned, then allowing VLANs as required that are assigned per SSID on the AP. I am having a hard time grasping how that is done in the Alta switch. I see where I can assign a native VLAN, but I don’t see where I can manage whether the port is either access or trunk, and the selection of VLANs allowed on a port is ALL, Default or None. Am I missing something? Normally the only time I use an access port with an AP is when it uses CAPWAP tunneling to manage the AP. Are the Alta APs doing Q in Q, or some other magic?
Thanks,
The VLAN configuration per-port has two main settings: Native VLAN and Allowed VLANs.
The Native VLAN is the VLAN tag that will be used if the ingress traffic coming into that port is not tagged. Also, if there is egress traffic from another port on the switch that is destined for that native VLAN, it will be forwarded to that port with the VLAN tag removed.
The Allowed VLANs determines what VLANs can come in/out of the port. Anything that is not the native VLAN will be tagged. The setting of “All” will allow all configured VLANs (i.e. everything populated in the list of any particular switch in the site, as shown in this image):
Typically I either recommend using VLAN1 as the management VLAN for all devices, and then creating VLANs for WiFi Access that are also allowed VLANs on every port that APs are connected to. You can also do something very similar if you use something other than VLAN1 as the management VLAN; just make sure that the AP is manageable on that VLAN, and make sure that any SSID VLANs are allowed VLANS on the ports the APs are connected to.
Please let me know if you have any other questions about this!
-Jeff
Part (or all?) of my problem is; I have my VLANs configured on my Fortinet switches, via the Fortigate Wireless and Switch controller. The VLANs aren’t passing through when assigned on the Alta APs (via the SSID), so I am thinking I will have to set them up on the Alta switch as well so the APs can actually pass the VLAN tags and have the switch understand where to send them. Not sure if that makes sense the way I typed it, but it does in my head. lol!
Yes, I think that’s the problem. The VLANs need to be defined under any one of the Alta switches first in order for them to be switchable throughout the Alta wired/wireless devices. There is no automatic trunking that occurs, though this feature may become available for the S24 model at some point, but you would still need to define certain ports as trunks.
-Jeff
1 Like
