Solved

Howto bridge wireless HWIC to FE0/0 like an access point?

Posted on 2007-11-28
15
661 Views
Last Modified: 2013-11-09
I have a Cisco 1841 with WIC-1DSU-T1 and HWIC-AP in slot 0 and 1 respectively. I can handel the T1 config, but I'm trying to get the HWIC-AP to act as an access point as if it were part of the subnet behind FE0/0. Can someone help?
sh run
Building configuration...
 
Current configuration : 4832 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname C1841
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
enable secret 5 $1$6YeQ$vtPjCcJaDlCJR.sfVwT3m1
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local 
!
!
aaa session-id common
!
dot11 ssid MMFS
   vlan 36
   authentication open 
   guest-mode
!
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.36.1 192.168.36.99
ip dhcp excluded-address 192.168.36.110 192.168.36.254
!
ip dhcp pool 36_DHCP
   import all
   network 192.168.36.0 255.255.255.0
   dns-server 151.164.1.8 151.164.1.7 
   default-router 192.168.36.1 
!
!
no ip bootp server
!
multilink bundle-name authenticated
! 
!
!
crypto pki trustpoint TP-self-signed-1328172832
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1328172832
 revocation-check none
 rsakeypair TP-self-signed-1328172832
!
!
crypto pki certificate chain TP-self-signed-1328172832
 certificate self-signed 01
  3082023D 308201A6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 31333238 31373238 3332301E 170D3037 31313239 30323035 
  30355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33323831 
  37323833 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100B490 081288EF 16A15A37 5130004A DA1124A3 74497593 0E5E2F3E 6DA3F08C 
  1FFD7C13 3F3604D7 FEB957A8 6E1FA44F BF48870C 549B2D6C 685F0E79 0A24F7B8 
  F608A0C6 2D2E112E 78E3DFB5 B806ED0D 10AB01EA 6BFDF7A0 DF44201B 950234A7 
  ECE0601C 1D580068 D88E9136 BAF59957 20371DC0 1B98B5E7 BC47D905 C7FDB912 
  36E50203 010001A3 65306330 0F060355 1D130101 FF040530 030101FF 30100603 
  551D1104 09300782 05433138 3431301F 0603551D 23041830 1680142C B7A0E5FF 
  5FB32DCC 70733604 7A10EC5E 3841FF30 1D060355 1D0E0416 04142CB7 A0E5FF5F 
  B32DCC70 7336047A 10EC5E38 41FF300D 06092A86 4886F70D 01010405 00038181 
  00841E8B 40AB9785 9AB0AA19 3400183B 176804A5 0D201275 26756293 85E767D5 
  042F967C BAC8C78C 587E5F83 DFAECDAD A46DBF12 3613780F EDBADFEA 17699331 
  520EA48D A610E7BA 6BD290D5 5B348706 20F40AB7 4D2563C0 E7D31A0E 0D4C08E0 
  2A977FF4 A656E083 E000F3FD 4826FBC4 94625D3E 3BC37EAE 0FE921CD 540DF88A
!
!
username msnyder privilege 15 password 7 011F09164912010633401E504B53
archive
 log config
  hidekeys
!
!
ip tcp synwait-time 10
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$FW_INSIDE$
 ip address 192.168.36.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
 duplex auto
 speed auto
 no mop enabled
!
interface Serial0/0/0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
!
interface Dot11Radio0/1/0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 !
 encryption vlan 36 key 1 size 128bit 7 D06E0F9E30C129A044FB3526DD66 transmit-key
 encryption vlan 36 mode wep mandatory 
 !
 ssid MMFS
 !
 speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
 station-role root
 world-mode dot11d country US both
!
interface Dot11Radio0/1/0.36
 encapsulation dot1Q 36
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 192.168.36.0 0.0.0.255
no cdp run
!
!
!
!
control-plane
!
!
line con 0
 login authentication local_authen
 transport output telnet
line aux 0
 login authentication local_authen
 transport output telnet
line vty 0 4
 access-class 23 in
 privilege level 15
 authorization exec local_author
 login authentication local_authen
 transport input ssh
line vty 5 15
 access-class 23 in
 privilege level 15
 authorization exec local_author
 login authentication local_authen
 transport input ssh
!
scheduler allocate 20000 1000
 
!
webvpn cef
end

Open in new window

0
Comment
Question by:Uber_ms
  • 9
  • 6
15 Comments
 
LVL 15

Expert Comment

by:wingatesl
ID: 20370943
Give this a try

bridge irb
int fa 0/1
bridge-group 1
exit
bridge 1 protocol ieee
bridge 1 route ip


0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20370961
To elaborate a little
inside an interface all you have to do is specify the bridge group.
Then enable integrated routing and bridging and set the bridging modes
0
 
LVL 1

Author Comment

by:Uber_ms
ID: 20371073
I changed the interface to fa0/0 and I'm able to associate with my mac, but not on my pc. Although my mac does not pull an IP from the DHCP pool. Any suggestions?
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 15

Expert Comment

by:wingatesl
ID: 20371082
Does the PC connect and not get DHCP? or just not connect at all?
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20371097
You need to remove the wireless VLAN you are bridging it to your internal LAN not routing between the two
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20371129
no interface Dot11Radio0/1/0.36
interface Dot11Radio0/1/0
  bridge-group 1
no encryption vlan 36 key 1 size 128bit 7 D06E0F9E30C129A044FB3526DD66 transmit-key
no encryption vlan 36 mode wep mandatory
encryption  key 1 size 128bit 7 D06E0F9E30C129A044FB3526DD66 transmit-key
encryption  mode wep mandatory

0
 
LVL 1

Author Comment

by:Uber_ms
ID: 20371197
PC doesn't connect at all...
0
 
LVL 1

Author Comment

by:Uber_ms
ID: 20371247
Made that change; mac still doesn't pull an IP from DHCP, PC still doesn't connect at all.
sh run
Building configuration...
 
Current configuration : 4902 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname C1841
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
enable secret 5 $1$6YeQ$vtPjCcJaDlCJR.sfVwT3m1
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local 
!
!
aaa session-id common
!
dot11 ssid MMFS
   vlan 1
   authentication open 
   guest-mode
!
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.36.1 192.168.36.99
ip dhcp excluded-address 192.168.36.110 192.168.36.254
!
ip dhcp pool 36_DHCP
   import all
    network 192.168.36.0 255.255.255.0
   dns-server 151.164.1.8 151.164.1.7 
   default-router 192.168.36.1 
!
!
no ip bootp server
!
multilink bundle-name authenticated
! 
!
!
crypto pki trustpoint TP-self-signed-1328172832
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1328172832
 revocation-check none
 rsakeypair TP-self-signed-1328172832
!
!
crypto pki certificate chain TP-self-signed-1328172832
 certificate self-signed 01
  3082023D 308201A6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 31333238 31373238 3332301E 170D3037 31313239 30333330 
  32355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33323831 
  37323833 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  8100B490 081288EF 16A15A37 5130004A DA1124A3 74497593 0E5E2F3E 6DA3F08C 
  1FFD7C13 3F3604D7 FEB957A8 6E1FA44F BF48870C 549B2D6C 685F0E79 0A24F7B8 
  F608A0C6 2D2E112E 78E3DFB5 B806ED0D 10AB01EA 6BFDF7A0 DF44201B 950234A7 
  ECE0601C 1D580068 D88E9136 BAF59957 20371DC0 1B98B5E7 BC47D905 C7FDB912 
  36E50203 010001A3 65306330 0F060355 1D130101 FF040530 030101FF 30100603 
  551D1104 09300782 05433138 3431301F 0603551D 23041830 1680142C B7A0E5FF 
  5FB32DCC 70733604 7A10EC5E 3841FF30 1D060355 1D0E0416 04142CB7 A0E5FF5F 
  B32DCC70 7336047A 10EC5E38 41FF300D 06092A86 4886F70D 01010405 00038181 
  0099BA29 3511BEDE 33E1E4F9 8B28E413 5F78C313 C24BFF4F F2572B3F 61DC219F 
  6C160870 ECD01A28 153FCF6D 3F451742 417844B2 2FE9589B 852E163D B0DD4198 
  921C381A 3ADD44F9 8F8E4957 ED9E7E2F 95BE774E 453CC5A9 44E3AE28 448E2559 
  6298702A 79746238 47FFE601 B11C1C95 39CA7CAB 4E8FE58D E51A2576 5E5A1E3E 35
  	quit
!
!
username msnyder privilege 15 password 7 011F09164912010633401E504B53
archive
 log config
  hidekeys
!
!
ip tcp synwait-time 10
bridge irb
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$$FW_INSIDE$
 ip address 192.168.36.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 duplex auto
 speed auto
 no mop enabled
 bridge-group 1
!
interface FastEthernet0/1
 no ip address
  no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
 duplex auto
 speed auto
 no mop enabled
!
interface Serial0/0/0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
!
interface Dot11Radio0/1/0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 !
 encryption vlan 1 key 1 size 128bit 7 F06E0F9E30C129A044FB3526DD66 transmit-key
 encryption vlan 1 mode wep mandatory 
 !
 ssid MMFS
 !
 speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
 station-role root
 world-mode dot11d country US both
!
interface Dot11Radio0/1/0.1
 encapsulation dot1Q 1 native
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 192.168.36.0 0.0.0.255
no cdp run
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
 login authentication local_authen
 transport output telnet
line aux 0
 login authentication local_authen
 transport output telnet
 line vty 0 4
 access-class 23 in
 privilege level 15
 authorization exec local_author
 login authentication local_authen
 transport input ssh
line vty 5 15
 access-class 23 in
 privilege level 15
 authorization exec local_author
 login authentication local_authen
 transport input ssh
!
scheduler allocate 20000 1000
 
!
webvpn cef
end

Open in new window

0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20371249
and we need to remove the VLAN from here
dot11 ssid MMFS
 no  vlan 36
 vlan 1
0
 
LVL 1

Author Comment

by:Uber_ms
ID: 20371265
Did that already...
0
 
LVL 15

Accepted Solution

by:
wingatesl earned 500 total points
ID: 20371274
If you are connecting through a console cable try this
int fa 0/0
no ip address 192.168.36.1 255.255.255.0
int bvi 1
ip address 192.168.36.1 255.255.255.0

0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20371278
and can you post the output of show bridge verbose
0
 
LVL 1

Author Comment

by:Uber_ms
ID: 20371312
After:

int fa 0/0
no ip address 192.168.36.1 255.255.255.0
int bvi 1
ip address 192.168.36.1 255.255.255.0

I connect and pull an IP with mac, PC still doesn't connect at all.
0
 
LVL 1

Author Comment

by:Uber_ms
ID: 20371331
Okay, I'm an idiot. I had the wireless hardwar switch turned off on my PC. Sorry...

Working now, thanks for the help.
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20371340
no problem
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now