Cisco

Name Description Why does it have a separate network? VLAN ID IP Address Server
TRANSIT OPNsense and core switch Simplify OPNsense/network configuration 96 192.168.96.0/24  
CAPWAP Access points and Cisco WLC Traffic segregation 98 192.168.98.0/24  
MANAGEMENT Management interfaces Limit access to management interfaces 99 192.168.99.0/24  
PRODUCTION Production servers   100 192.168.100.0/24  
SAND-PIT General WIFI VLAN User local area network 101 192.168.101.0/24  
RUG-RATS Kids WIFI VLAN Content blocking 102 192.168.102.0/24  
NFS Network file system Limit access to NFS 103 192.168.103.0/24  
CAST-NET Printers, media players, and voice assistants Device containment 104 192.168.104.0/24  
SPY-WARE Security cameras Limit access to cameras 105 192.168.105.0/24  
HOME-LAB Stuff Traffic segregation and device containment 106 192.168.106.0/24  
LOL-CATS Home automation Traffic segregation and device containment 107 192.168.107.0/24  
ONLY-FAN Guest network User/device containment 108 192.168.108.0/24  
Name Description Why does it have a separate network? VLAN ID IP Address Server
OOB-MGMT Out-of-band management   8 192.168.8.0/24 N/A
WAP-MGMT Wireless management VLAN Traffic segregation 98 192.168.98.0/24 Cisco 3650
INB-MGMT Infrastructure and in-band management   99 192.168.99.0/24 N/A
WIRED-IN Access ‘data VLAN’ for end devices   100 192.168.100.0/24 Upstream device
SAND-PIT General Wireless clients User local area network 101 192.168.101.0/24 Upstream device
RUG-RATS Kids Wireless clients Content blocking 102 192.168.102.0/24 Upstream device
LOL-CATS IoT and home automation Traffic segregation and device containment 107 192.168.107.0/24  
BIG-HOLE bye   666    
IPv4 Address IPv6 Address Service
192.168.18.0   Subnet
    NTP
    DNS
    DHCP
    SMTP
    SYSLOG
    TFTP
192.168.18.255   Broadcast
IPv4 Address IPv6 Address Service
192.168.8.0   Subnet
192.168.8.8   3650-access-garage gi0/0 OOB interface
192.168.8.255   Broadcast
IPv4 Address IPv6 Address Service
192.168.99.0   Subnet
192.168.99.8   3650-access-garage vlan 99 in-band management interface
192.168.99.255   Broadcast
IPv4 Address IPv6 Address Service
192.168.96.0   Subnet
192.168.96.96   3650-access-garage default-gateway
192.168.96.255   Broadcast
3650-access-garage>enable
Password: 
3650-access-garage#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
3650-access-garage(config)#vlan 98
3650-access-garage(config-vlan)#name WAP-MGMT
3650-access-garage(config-vlan)#exit
3650-access-garage(config)#int vlan 98
3650-access-garage(config-if)#description Wireless management VLAN interface
3650-access-garage(config-if)#ip address 192.168.98.98 255.255.255.0
3650-access-garage(config-if)#no shutdown
3650-access-garage(config-if)#exit
3650-access-garage(config)#ip dhcp pool AP-VLAN98-pool
3650-access-garage(dhcp-config)#default-router 192.168.96.96
3650-access-garage(dhcp-config)#network 192.168.98.128 255.255.255.128
3650-access-garage(dhcp-config)#update arp
3650-access-garage(dhcp-config)#exit
3650-access-garage(config)#int range gi1/0/20 - 24
3650-access-garage(config-if-range)#switchport access vlan 98
3650-access-garage(config-if-range)#spanning-tree portfast
3650-access-garage(config-if-range)#no shutdown
3650-access-garage(config-if-range)#exit
3650-access-garage(config)#wireless management interface vlan 98
3650-access-garage(config)#wireless mobility controller
Mobility role changed to Mobility Controller.Please save config and reboot the whole stack.
3650-access-garage(config)#end
3650-access-garage#wr mem
Building configuration...
[OK]
3650-access-garage#reload
Reload command is being issued on Active unit, this will reload the whole stack
Proceed with reload? [confirm]

conf t int vlan 98 description Wireless management VLAN interface ip address 192.168.98.98 255.255.255.0 no shutdown exit

If this is a standalone switch and you don’t want it to go to a stack election everytime it boots, then use this:

conf t

switch 1 priority 15

end

Written on March 11, 2023