Spork Schivago
Questions about VLANs and Cisco Hardware

Does anyone have any experience with Cisco hardware, specifically WLCs, Wireless APs, and VLANs?

I took the CCNA courses, but it was a very long time ago. We didn't go over wireless technologies in the course because back then, I believe wireless was fairly new in the business sector.

To start with, I'm having some trouble understanding VLANs. I realize on Cisco hardware at least that a VLAN ID is layer 2, a VLAN interface is layer 3. I am a bit confused with VLAN tagging though.

I have a setup like this:
Cisco Router
Interface GigabitEthernet 0/0/1 <-- access port, Public Static IPv4 address

Interface Wlan-GigabitEthernet0/1/8
 Description: Internal switch interface connecting to the embedded AP
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,20,40
 switchport mode trunk


Interface VLAN 10 <-- Network Address / 24, IP address
Interface VLAN 20 <-- Network Address / 24, IP address
Interface VLAN 40 <-- Network Address / 24, IP address

Interface management <-- Untagged, IP address
Interface vlan_employees <-- Tagged VLAN 20, IP address
From the built-in WLC, I have trouble pinging the router. I read the management interface needs to be left untagged. But if it's left untagged, how does it work? The packet leaves the WLC, untagged, enters the WLan-GigabitEthernet 0/1/8 interface, and then gets tagged with VLAN 10? Or does the packet reach the GigabitEthernet 0/1/8 interface, sees that it doesn't belong to a VLAN, and the interface drop the packet?

My understanding about the native VLAN is if the packet coming into the interface is tagged with the same VLAN that is set as the native VLAN, the interface will remove the tag and forward the packet to it's destination, untagged. Is that correct?

