railit
asked on
Cisco 851w router. Unable to setup wireless. Need guidance with that. My pc is working
Cisco 851w router. Unable to setup wireless successfully. Any guidance will be helpful.
My pc is connected to the switch and it is working that way.
However, cannot connect my laptop to the wireless
My pc is connected to the switch and it is working that way.
However, cannot connect my laptop to the wireless
Okay, can you please post a config?
ASKER
Here it is:
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname losgadas
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
!
!
aaa session-id common
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-2245464727
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi cate-22454 64727
revocation-check none
rsakeypair TP-self-signed-2245464727
!
!
crypto pki certificate chain TP-self-signed-2245464727
certificate self-signed 02
30820249 308201B2 A0030201 02020102 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32323435 34363437 3237301E 170D3032 30333031 30333339
30335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32343534
36343732 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C2A6 EA04464D 47C721EE 03B05AB9 D12BD1CE F4427097 EBD63BD4 FC8E9D22
5BF90156 A1F7CB32 EDB704AC 0333C05A D4623751 1DABE0A3 36DC1753 9841CC52
AF99D537 F9C1A886 8548D525 2BD4AF58 7B7FBE08 F9ADFB94 5247CC8E 4722373B
60950ED4 88640C9A 41C27C5E 44FD47EA 209A8ECF E7AE1F19 E652BBEA B09FB969
FEBD0203 010001A3 71306F30 0F060355 1D130101 FF040530 030101FF 301C0603
551D1104 15301382 116C6F73 67616461 732E6C6F 73676164 6173301F 0603551D
23041830 168014B4 5D2C51DA 134ADAB7 6889A881 B3871DC7 97093B30 1D060355
1D0E0416 0414B45D 2C51DA13 4ADAB768 89A881B3 871DC797 093B300D 06092A86
4886F70D 01010405 00038181 001A96FA B0456BB3 D4454A84 74B9A9A1 A63FAA7D
80445885 707CC9ED AFF6CC2F 155B9E53 34350ECC 94DA847E B84368EB DE09328C
3A3CC547 9B3A831A 8E8B5A02 01673209 3BCEF15C FF8147CD 6B6B2C2E FDCFC7E6
D77A9056 D37A0C04 E32677AD DB2FC2CA 037F8789 7FF78074 EA5CF24E A8C47E77
2BA56765 817B3EEB 64B0202A 86
quit
dot11 syslog
!
dot11 ssid Cisco851W
vlan 1
authentication open
guest-mode
!
dot11 ssid Cisco851w
vlan 1
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid optional
wpa-psk ascii 0 wpa-secret
!
dot11 ssid losgadas
vlan 1
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.2
!
ip dhcp pool 0
import all
network 10.10.10.0 255.255.255.240
dns-server 172.16.0.254
default-router 10.10.10.1
domain-name (mydomainname)!
ip dhcp pool Home
import all
network 192.168.1.0 255.255.255.0
default-router 172.16.0.254
lease infinite
!
!
ip cef
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip domain name (mydomainname)
ip name-server 172.16.0.254
ip dhcp-client default-router distance 1
!
!
!
username (myusername) privilege 15 password 0 (mypassword)
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly
no dot11 extension aironet
!
encryption vlan 20 mode ciphers tkip
!
ssid Cisco851W
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
channel 2437
station-role root
l2-filter bridge-group-acl
no cdp enable
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0
!
interface Dot11Radio0.20
description Guest wireless LAN - routed WLAN
encapsulation dot1Q 20
ip nat inside
ip virtual-reassembly
!
interface Vlan1
ip address 10.10.10.1 255.255.255.240
ip nat inside
ip virtual-reassembly
!
router rip
version 2
passive-interface Dot11Radio0
passive-interface Dot11Radio0.20
passive-interface FastEthernet4
passive-interface Vlan1
network 10.0.0.0
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 172.16.0.254
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.15
access-list 700 permit 0090.96ca.6a77 0000.0000.0000
access-list 700 permit 0000.0000.0000 ffff.ffff.ffff
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
banner motd ^C
************************** **********
This is a secured router. Unauthorized logins restricted.
************************** **********
^C
!
line con 0
exec-timeout 30 0
password (mypassword)
logging synchronous
no modem enable
line aux 0
line vty 0 4
privilege level 15
password (mypassword)
logging synchronous
transport input telnet ssh
!
scheduler max-task-time 5000
end
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname losgadas
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
!
!
aaa session-id common
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-2245464727
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-2245464727
!
!
crypto pki certificate chain TP-self-signed-2245464727
certificate self-signed 02
30820249 308201B2 A0030201 02020102 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32323435 34363437 3237301E 170D3032 30333031 30333339
30335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32343534
36343732 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C2A6 EA04464D 47C721EE 03B05AB9 D12BD1CE F4427097 EBD63BD4 FC8E9D22
5BF90156 A1F7CB32 EDB704AC 0333C05A D4623751 1DABE0A3 36DC1753 9841CC52
AF99D537 F9C1A886 8548D525 2BD4AF58 7B7FBE08 F9ADFB94 5247CC8E 4722373B
60950ED4 88640C9A 41C27C5E 44FD47EA 209A8ECF E7AE1F19 E652BBEA B09FB969
FEBD0203 010001A3 71306F30 0F060355 1D130101 FF040530 030101FF 301C0603
551D1104 15301382 116C6F73 67616461 732E6C6F 73676164 6173301F 0603551D
23041830 168014B4 5D2C51DA 134ADAB7 6889A881 B3871DC7 97093B30 1D060355
1D0E0416 0414B45D 2C51DA13 4ADAB768 89A881B3 871DC797 093B300D 06092A86
4886F70D 01010405 00038181 001A96FA B0456BB3 D4454A84 74B9A9A1 A63FAA7D
80445885 707CC9ED AFF6CC2F 155B9E53 34350ECC 94DA847E B84368EB DE09328C
3A3CC547 9B3A831A 8E8B5A02 01673209 3BCEF15C FF8147CD 6B6B2C2E FDCFC7E6
D77A9056 D37A0C04 E32677AD DB2FC2CA 037F8789 7FF78074 EA5CF24E A8C47E77
2BA56765 817B3EEB 64B0202A 86
quit
dot11 syslog
!
dot11 ssid Cisco851W
vlan 1
authentication open
guest-mode
!
dot11 ssid Cisco851w
vlan 1
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid optional
wpa-psk ascii 0 wpa-secret
!
dot11 ssid losgadas
vlan 1
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.2
!
ip dhcp pool 0
import all
network 10.10.10.0 255.255.255.240
dns-server 172.16.0.254
default-router 10.10.10.1
domain-name (mydomainname)!
ip dhcp pool Home
import all
network 192.168.1.0 255.255.255.0
default-router 172.16.0.254
lease infinite
!
!
ip cef
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip domain name (mydomainname)
ip name-server 172.16.0.254
ip dhcp-client default-router distance 1
!
!
!
username (myusername) privilege 15 password 0 (mypassword)
!
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly
no dot11 extension aironet
!
encryption vlan 20 mode ciphers tkip
!
ssid Cisco851W
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
channel 2437
station-role root
l2-filter bridge-group-acl
no cdp enable
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0
!
interface Dot11Radio0.20
description Guest wireless LAN - routed WLAN
encapsulation dot1Q 20
ip nat inside
ip virtual-reassembly
!
interface Vlan1
ip address 10.10.10.1 255.255.255.240
ip nat inside
ip virtual-reassembly
!
router rip
version 2
passive-interface Dot11Radio0
passive-interface Dot11Radio0.20
passive-interface FastEthernet4
passive-interface Vlan1
network 10.0.0.0
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 172.16.0.254
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.15
access-list 700 permit 0090.96ca.6a77 0000.0000.0000
access-list 700 permit 0000.0000.0000 ffff.ffff.ffff
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
banner motd ^C
**************************
This is a secured router. Unauthorized logins restricted.
**************************
^C
!
line con 0
exec-timeout 30 0
password (mypassword)
logging synchronous
no modem enable
line aux 0
line vty 0 4
privilege level 15
password (mypassword)
logging synchronous
transport input telnet ssh
!
scheduler max-task-time 5000
end
What you need to do is create a bridge-group virtual interface (BVI) to link the wireless to the switchports so all your computers can talk and have internet.
Do you know how to do this or do you need a config?
Do you know how to do this or do you need a config?
ASKER
I would appreciate it if you could provide me with a sample config.
Have a look here http://www.ceenet.org/workshops/lectures2004/Erkki_Kukk/labs/wireless_vlans.pdf
a good starter point for multiple VLAN's - it looks like you are missing a BVI and VLAN20 configs.
The above is for a dedicated AP but the config for he radio, BVI and Eth ports are the same on your kit
a good starter point for multiple VLAN's - it looks like you are missing a BVI and VLAN20 configs.
The above is for a dedicated AP but the config for he radio, BVI and Eth ports are the same on your kit
Hi railit,
The following commands create a bridge group and assign IPs to your default VLAN 1 and your guest SSID.
Let me know if this helps!
Cheers!
The following commands create a bridge group and assign IPs to your default VLAN 1 and your guest SSID.
Let me know if this helps!
Cheers!
interface Vlan1
no ip address
bridge-group 1
!
interface Vlan20
ip address 10.10.20.1 255.255.255.240
bridge-group 2
!
bridge irb
!
interface BVI1
ip address 10.10.10.1 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
!
interface Dot11Radio0
no shut
!
interface Dot11Radio0.1
encapsulation dot1Q 1
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.20
encapsulation dot1Q 20
!
bridge 1 protocol ieee
bridge 1 route ip
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.