How to configure auto provision with access point connected to switch trunk

  • 1
  • Question
  • Updated 4 years ago
Hi, We have a lot of AP230s that I would like to automatically configure with auto provision. The network ports are configured as trunk ports on Juniper switches. Is there a way to do this or do the ports have to be configured for Static Access. I'm trying to understand how the AP will pull an IP without knowing what VLAN to connect to at boot time.

Photo of mdparker04


  • 11 Posts
  • 4 Reply Likes

Posted 4 years ago

  • 1
Photo of J. Goodnough

J. Goodnough, Champ

  • 266 Posts
  • 32 Reply Likes
You're going to need the ability to set an untagged VLAN for the AP management network.
Photo of BJ

BJ, Champ

  • 374 Posts
  • 45 Reply Likes
...Or temporarily set the default vlan on the switch to your management vlan, thus as J. was saying, the untagged traffic would traverse your vlan trunk. Make sure to remove the default vlan statement after your APs receive their config and reboot.   
Photo of J. Goodnough

J. Goodnough, Champ

  • 266 Posts
  • 32 Reply Likes
yeah, that's a possible solution as well. My switches are easy to configure hybrid ports on, so that's the route I take.
Photo of Eastman Rivai

Eastman Rivai, Official Rep

  • 146 Posts
  • 17 Reply Likes
By default the AP will communicate with an access port or an untagged VLAN if it is a trunk port. If you are planning to tag the AP management traffic, you may do the above suggestions. For example, you may assign a VLAN as the native VLAN in your trunk configuration, let say VLAN 10 and you want the management of the AP to sit on a tag VLAN after provisioning, let say VLAN 20. What you need to do is to enable VLAN 10, 20 and any other VLANs that are required by the WLANs on the switch trunk port.

On the network policy that will be assigned to the auto provisioning, you will need to assign VLAN 20 as the management and 10 as native.

It does not have to be 10, but if you would like to keep the VLAN 10 as the native VLAN on the switch trunk configuration the you will use 10. My suggestion is to keep it so it will be easy for you whenever you need to replace the AP or provision new ports for new AP. 

provisioning steps:
AP contacts HM through VLAN 10
HM push the network policy to the AP
AP reboots
AP connects to HM through VLAN 20 (new management VLAN)

Sample of switch configuration:
switchport trunk allowed  vlan 10, 20, 30, 40
switchport trunk native vlan 10

vlan 10 name temp-ap-mgt
vlan 20 name ap-mgt

I hope this answers your question.