Link between Cisco 881FW and Cisco 2960 switch

[omagico]

Had someone "help" and they moved all the cables around. I have the 881 firewall (Port 0) connected to a cisco 2960 switch (Port 24). All the other access points are connected to this switch. But only the wireless off of the cisco 881 firewall gets internet access. Even with my laptop connected to the cisco 2960 switch I get no DHCP ip address.

I have access to configure the cisco 2960 switch but I'm not sure what VLANs need to configured and if the uplink port needs to be a trunk or not.

Anyone have any ideas?

[russellhltn]

You might want to see if you can figure out how they all used to be connect. The word I got is we weren't supposed to have managed switches, so I think your setup is a bit unusual.

[omagico]

that would be great if we only had 3 access points...

Also the 881 firewall has it's ports set to half duplex. That should be fixed

[russellhltn]

that would be great if we only had 3 access points...

I've got about 5 unmanaged switches in my stake center - but those are just dumb devices. Nothing to configure. All ports are the same. It's also how I power the APs.

[omagico]

I got it fixed.

Added this command to the link between the 811fw port 0 and the cisco 2960 port fa0/24

switchport trunk allowed vlan all

[dnslynn]

I had a similar problem in my stake. The latest update of the firewall (Oct 19 in my stake) changed port 0 to a trunk port from an access port. (So, the problem was not likely from cables being shifted around. ) I had to visit 5 remote buildings to re-configure my switches. From my conversation with global support, apparently they assume buildings don't have any managed switches. I'm not sure why the switch to a trunk port on ports 0 and 1 was needed (port 2 was already a trunk port on at least two of my firewalls when we did the upgrade for FHC on port 2 last spring. I was thankful at that time that I had managed switches, because that let me do the partition without having to get extra switches just for the FHCs. Now, I'm a bit worried that future firewall updates could change ports 0 and 1 back to access ports, leaving my remote units without access once again. Is there any way those of us with managed switches could be put on a list for advance notification?

[CleggGP]

... I'm a bit worried that future firewall updates could change ports 0 and 1 back to access ports, leaving my remote units without access once again.

There are no plans to change MH firewall trunked firewall ports back to access ports.

[dnslynn]

Thanks for that assurance.

[nelsonfam]

Any Cisco managed switches connected to Meetinghouse 881/891F/1921 routers, will need to have their ports changed from "access" to a "trunk" port.

Commands:
conf t
int gi 0/1 (relevant port)
switchport mode trunk
switchport trunk encap dot1q (may be needed depending on model)