CommScope RUCKUS Community Forums

ryan_platt · ‎03-30-2021

Hey all,

My network currently consists of a pfsense firewall, ubiquiti 8 port switch, and an R610 AP. I've been slowly moving away from ubiquiti products and picked up an icx 6450-48p switch to replace what I have. The issue I've been having, and it's 100% because of my lack of knowledge on how to configure this switch (point goes to ubiquiti for making their GUI stupid simple), is that I'm not 100% sure how to properly setup the vlans for a single port that would connect to my AP.

I have a single LAN interface with 2 VLANs setup in pfsense (tags 43 and 63) which is plugged into port 1 of the switch. Port 48 on the switch will attach my AP w/PoE. I currently have 3 SSIDs on the AP as followed:

Main SSID - LAN
Work SSID - VLAN 43
Guest SSID - VLAN 63

Now when messing around with setting up the vlans and tagging the ports (dual-mode as well), I was able to get the AP to work properly over the VLANs (43 and 63), but was unsuccessful in getting the untagged LAN traffic working. Was I right in setting up dual mode? This seems like a very simple use case, but it's stumped me and I'm not sure where I need to go. Thanks in advance!

Here is a quick diagram that hopefully illustrates this issue more clearly

Image_ images_messages_6063b805c22d662249f804d5_a8d1cc2670a69da84e172610c57cedae_ScreenShot20210330at7.28.44PM-046af6ce-ef86-4abb-ab5c-24ad1c943a08-724097229.png

jijo_panangat · ‎03-30-2021

Hi Ryan,

How to allow Un-tagged and tagged VLAN, in a Trunk port ?

To achieve this, add desired VLANs as tagged into the interface and then use "dual-mode" command to make any of the added Tagged VLAN as Un-tagged.

Example:

User has VLAN 10 as native, VLAN 20 and 30 for wireless clients. User wants to add VLAN 10 as Un-tagged and VLAN 20,30 a tagged to switch port
ethernet 1/1/1.

To enable the dual-mode feature on port 1/1/1, enter the following commands:

Access the Brocade ICX switch-

device# enable
device(config)# vlan 10
device(config-vlan-10)# tagged ethernet 1/1/1 (This will allow VLAN 10 as tagged into interface ethernet 1/1/1)
device(config-vlan-10)# exit
device(config)# interface ethernet 1/1/1
device(config-if-e1/1/1)# dual-mode 10 (This will make VLAN 10 as Un-tagged into interface ethernet 1/1/1)
device(config-if-e1/1/1)# exit
device(config)# vlan 20
device(config-vlan-20)# tagged ethernet 1/1/1 (This will allow VLAN 20 as tagged into interface ethernet 1/1/1)
device(config-if-e1000-2/11)# exit
device(config)# vlan 30
device(config-vlan-30)# tagged ethernet 1/1/1 (This will allow VLAN 20 as tagged into interface ethernet 1/1/1)
device(config-if-e1000-2/11)# exit

=====================================

To verify the VLAN setting, use below command:

device# show vlan
Total PORT-VLAN entries: 3
Maximum PORT-VLAN entries: 16
legend: [S=Slot]
PORT-VLAN 1, Name DEFAULT-VLAN, Priority level0, Spanning tree Off
Untagged Ports: (S1) 2 3 4 5 6 7 8
Untagged Ports: (S2) 2 3 4 5 6 7 8 12 13 14 15 16 17 18 19
Untagged Ports: (S2) 20 21 22 23 24
Tagged Ports: None
Uplink Ports: None
DualMode Ports: None
PORT-VLAN 10, Name [None], Priority level0, Spanning tree Off
Untagged Ports: (S2)
Tagged Ports: None
Uplink Ports: None
DualMode Ports: (S2) 1
PORT-VLAN 20, Name [None], Priority level0, Spanning tree Off
Untagged Ports: None
Tagged Ports: (S2) 1
Uplink Ports: None
DualMode Ports: (S2)
PORT-VLAN 30, Name [None], Priority level0, Spanning tree Off
Untagged Ports: None
Tagged Ports: (S2) 1
Uplink Ports: None
DualMode Ports: (S2)

====================================

This is from our KB article, You can find the full KB at https://support.ruckuswireless.com/articles/000006352

Thanks

Jijo

CommScope RUCKUS Community Forums

ICX 6450 VLAN Help