User Guide
Command Line Interface
7-128
7
VLAN Commands
The access point can enable the support of VLAN-tagged traffic passing between
wireless clients and the wired network. Up to 64 VLAN IDs can be mapped to
specific wireless clients, allowing users to remain within the same VLAN as they
move around a campus site.
When VLAN is enabled on the access point, a VLAN ID (a number between 1 and
4094) can be assigned to each client after successful authentication using IEEE
802.1X and a central RADIUS server. The user VLAN IDs must be configured on the
RADIUS server for each user authorized to access the network. If a user does not
have a configured VLAN ID, the access point assigns the user to its own configured
native VLAN ID.
Caution: When VLANs are enabled, the access point’s Ethernet port drops all received
traffic that does not include a VLAN tag. To maintain network connectivity to the
access point and wireless clients, be sure that the access point is connected to
a device port on a wired network that supports IEEE 802.1Q VLAN tags.
The VLAN commands supported by the access point are listed below.
vlan
This command enables VLANs for all traffic. Use the no form to disable VLANs.
Syntax
[no] vlan enable
Default
Disabled
Command Mode
Global Configuration
Command Description
• When VLANs are enabled, the access point tags frames received from
wireless clients with the VLAN ID configured for each client on the RADIUS
server. If the VLAN ID has not been configured for a client on the RADIUS
server, then the frames are tagged with the access point’s native VLAN ID.
Table 7-21. VLAN Commands
Command Function Mode Page
vlan Enables a single VLAN for all traffic GC 7-129
management-
vlanid
Configures the management VLAN for the access point GC 7-130
vlan-id Configures the default VLAN for the VAP interface IC-W-VAP 7-130