If I set a management VLAN, say 30 in the SM while configuring it, and the default port VID is something else, say 20, and my laptop has no vlan to it...
Shouldn't I lose access to the SM until I set my vlan in my laptop (or default plug it)?
Because I just did that, and I can still access the radio. I just defaulted to factory and tried it again with nothing but just a management and port vid. I'm certain that when I configured VLAN's for radios in the past I always lost access as I would expect, but it has been a while for me. Is this a feature of not being connected to an AP? Not having a management IP address other than 169.254.1.1? Or some other setting that I've missed?
You are correct. Please test the same settings when the SM is associated to the AP. The SM will have no clue to manage VLAN untill it is associated to the AP. Please associate the SM to the AP and try these settings and you would not be able to access the SM.
Thank you Vivek. That's actually a nice feature I suppose.
Is this a new thing from a couple versions ago? Or has this been the case since Canopy added VLAN functionality once upon a time? Like I say, it's been a while for me.
Side note, it might be something to add as a sidebar in the user guide (or a mouse-over pop up in the user interface) as I didn't spot any of this!
Edit: Another thought, just to be clear, are the VLAN settings simply ignored by the SM and it gets whatever is set in the AP? Or it just doesn't activate the management settings until it is registered to the AP? (Definitely something that ought to be alerting us in the web interface imho.) Thanks, and sorry, the hardware is now all shipped to our different minions so I can't personally test this for some time.
Sorry to resurrect this old topic, but its there a way to have the Field tech still access the SM once it’s associated to the AP without having to drop their laptop into the management vlan?
Alteratively If you have the Default alternative LAN1 IP address enable on the SM and the default port VID is set to a VID other than 1, the SM will still be accessible at the IP of 169.254.1.1.
Does this mean if I enable the alternative lan1 IP I can access the SM without having to tag the vlan on the laptop plugged into the SM?
yes!
use a vlan aware laptop or place a vlan aware switch with the correct vlan set to trunk on one port ( the radio connection) and access on another (connect laptop here) then use the local ip that the client gets if its NAT’d or 169.254.1.1 if its not. You can also set another port to access the client side vlan so you can simply move the laptop connection as needed.
Other than that, use a VPN to the management network and connect to the AP and SM that way.