Configuring 802.1q trunk between UniFi AP and Juniper EX switch

Problem:

After configuring 802.1q VLAN trunking on the switch port, the UniFi Wireless Controller shows the AP in the Disconnected or Adoption Failed state.

Diagnosis:

Tap the traffic (e.g. using a port reflector). The UniFi AP expects no VLAN tagging on the native VLAN; tagged packets on the management interface get discarded. If you see a lot of DHCP Discover and DHCP Offer packets but no DHCP Request packets, check that your native VLAN packets are not tagged.

Running show ethernet-switching interfaces will probably show the default VLAN as both tagged and untagged at the same time:

Interface    State  VLAN members        Tag   Tagging  Blocking
ge-0/0/1.0   up     default             1     untagged unblocked
                    VLAN2               2     tagged   unblocked
                    VLAN3               3     tagged   unblocked
                    VLAN4               4     tagged   unblocked
                    default             1     tagged   unblocked
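
A quick check for this symptom, as an added example that is not part of the original post: it parses the command output and reports any VLAN listed as both tagged and untagged on the same interface. The sample text is constructed from the output above (plus one made-up access port), and the parser assumes the column layout shown there.

```python
from collections import defaultdict

# Constructed sample, modelled on the output shown in the post.
SAMPLE = """\
Interface    State  VLAN members        Tag   Tagging  Blocking
ge-0/0/1.0   up     default             1     untagged unblocked
                    VLAN2               2     tagged   unblocked
                    VLAN3               3     tagged   unblocked
                    VLAN4               4     tagged   unblocked
                    default             1     tagged   unblocked
ge-0/0/2.0   up     VLAN2               2     untagged unblocked
"""


def parse(output):
    """Return {interface: {vlan_name: set of tagging modes}}."""
    table = defaultdict(lambda: defaultdict(set))
    current = None
    for line in output.splitlines():
        fields = line.split()
        if not fields or fields[0] == "Interface":
            continue  # blank line or column header
        if not line[0].isspace():
            # New interface row: name and state precede the VLAN columns.
            current, fields = fields[0], fields[2:]
        if current is None or len(fields) < 3:
            continue  # row carries no VLAN membership
        vlan, _tag, tagging = fields[:3]
        if tagging in ("tagged", "untagged"):
            table[current][vlan].add(tagging)
    return table


def conflicts(output):
    """List (interface, vlan) pairs reported as both tagged and untagged."""
    return sorted(
        (ifname, vlan)
        for ifname, vlans in parse(output).items()
        for vlan, modes in vlans.items()
        if modes == {"tagged", "untagged"}
    )


if __name__ == "__main__":
    for ifname, vlan in conflicts(SAMPLE):
        print(f"{ifname}: VLAN {vlan} is both tagged and untagged; "
              "remove it from the trunk's vlan members")
```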

Solution:

The VLAN members definition of the 802.1q trunk must not contain the default VLAN, so that its ingress and egress packets do not need to be, and will not be, tagged.

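ge-0/0/1 {
    unit 0 {
        family ethernet-switching {
            port-mode trunk;
            /* tagged VLANs only; the default VLAN is left out */
            vlan {
                members 2-4;
            }
            /* default VLAN is carried untagged as the native VLAN */
            native-vlan-id default;
        }
    }
}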
 