We help IT Professionals succeed at work.
Get Started

[Urgent] Cisco 871w Wireless Configuration Help

1,041 Views
Last Modified: 2013-12-09
Just got a call from a friend. He has this Cisco 871w at his place which has been working fine till now, that is, when he needs wireless internet access configured on it to make some new wirelesss equipment work.

I am just beginner level with cisco, where I can understand commands and configure stuff, but troubleshooting is out of question for me.  Config is attached, I tried a couple of things each time some thing else breaks and the wireless still doesnt work. Max points to anyone who can make this work!

I need the modified config that I can just copy paste to make it work. No suggestions please. Answer only if you can reply with working CLI configuration that works.
Current configuration : 7794 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname XXX
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxx
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
!
resource policy
!
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
no ip source-route
ip cef
!
!
!
!
ip tcp synwait-time 10
no ip bootp server
ip domain name yourdomain.com
ip name-server 208.57.0.0
ip name-server 208.57.0.0
ip ssh time-out 60
ip ssh authentication-retries 2
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
!
!
crypto pki trustpoint TP-self-signed-xxxxxxxxx
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-xxxxxxxxx
 revocation-check none
 rsakeypair TP-self-signed-xxxxxxxxxx
!
!
crypto pki certificate chain TP-self-signed-xxxxxxxxx
 certificate self-signed 01
 [BLOCK REMOVED]
 quit
username xxxxx privilege xx secret x xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 description $FW_OUTSIDE$$ES_WAN$
 ip address 208.57.0.0 255.255.255.xxx
 ip access-group 101 in
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip inspect DEFAULT100 out
 ip virtual-reassembly
 ip route-cache flow
 duplex auto
 speed auto
!
interface Dot11Radio0
 ip address 192.168.98.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
 !
 ssid XXX1
 !
 ssid XXX2
 !
 ssid XXX3
 !
 speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 no dot11 extension aironet
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
 ip address 192.168.60.1 255.255.255.0
 ip access-group 100 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1452
!
ip route 0.0.0.0 0.0.0.0 208.57.xx.xx
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp 192.168.60.130 21 interface FastEthernet4 21
ip nat inside source static tcp 192.168.60.130 3550 interface FastEthernet4 3550
ip nat inside source static tcp 192.168.60.130 3650 interface FastEthernet4 3650
ip nat inside source static tcp 192.168.60.130 4550 interface FastEthernet4 4550
ip nat inside source static tcp 192.168.60.130 80 interface FastEthernet4 80
ip nat inside source static tcp 192.168.60.130 5066 interface FastEthernet4 5066
ip nat inside source static tcp 192.168.60.130 5550 interface FastEthernet4 5550
ip nat inside source static tcp 192.168.60.130 6009 interface FastEthernet4 6009
ip nat inside source static tcp 192.168.60.130 20001 interface FastEthernet4 200
01
ip nat inside source static tcp 192.168.60.130 6550 interface FastEthernet4 6550
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.60.0 0.0.0.255
access-list 100 remark auto generated by Cisco SDM Express firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny   ip 208.57.xx.xx 0.0.0.xx any
access-list 100 deny   ip host 255.255.255.255 any
access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by Cisco SDM Express firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit tcp any host 208.57.xx.xx eq ftp
access-list 101 permit tcp any host 208.57.xx.xx eq 3550
access-list 101 permit tcp any host 208.57.xx.xx eq 3650
access-list 101 permit tcp any host 208.57.xx.xx eq 4550
access-list 101 permit tcp any host 208.57.xx.xx eq www
access-list 101 permit tcp any host 208.57.xx.xx eq 5066
access-list 101 permit tcp any host 208.57.xx.xx eq 5550
access-list 101 permit tcp any host 208.57.xx.xx eq 6009
access-list 101 permit tcp any host 208.57.xx.xx eq 20001
access-list 101 permit tcp any host 208.57.xx.xx eq 6550
access-list 101 deny   ip 192.168.60.0 0.0.0.255 any
access-list 101 permit icmp any host 208.57.xx.xx echo-reply
access-list 101 permit icmp any host 208.57.xx.xx time-exceeded
access-list 101 permit icmp any host 208.57.xx.xx unreachable
access-list 101 deny   ip 10.0.0.0 0.255.255.255 any
access-list 101 deny   ip 172.16.0.0 0.15.255.255 any
access-list 101 deny   ip 192.168.0.0 0.0.255.255 any
access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
access-list 101 deny   ip host 255.255.255.255 any
access-list 101 deny   ip host 0.0.0.0 any
access-list 101 deny   ip any any
no cdp run
!
!
!
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
 no modem enable
 transport output telnet
!
!
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
 no modem enable
 transport output telnet
line aux 0
 transport output telnet
line vty 0 4
 privilege level 15
 transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

Open in new window

Comment
Watch Question
Top Expert 2008
Commented:
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE