! Header and global service settings from the router's running configuration (IOS 12.4).
! The hostname and the secret value are masked by the poster.
Current configuration : 7794 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
! Debug and log messages are stamped with local time plus timezone, to the millisecond.
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
! NOTE(review): password-encryption applies the reversible type 7 encoding to plain `password`
! entries; it is obfuscation, not hashing. The `enable secret 5` below is a separate MD5-based hash.
service password-encryption
service sequence-numbers
!
hostname XXX
!
boot-start-marker
boot-end-marker
!
! Failed-login threshold of 3, with a log message when it is exceeded.
security authentication failure rate 3 log
! NOTE(review): a 6-character minimum is short for accounts that can reach privilege level 15.
security passwords min-length 6
! Local log buffer of 51200 bytes at debugging level; the console only shows critical and above.
logging buffered 51200 debugging
logging console critical
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxx
!
! AAA is enabled. Every server group below is declared without any `server` entries in this
! paste, so the RADIUS/TACACS+ groups have no servers to contact as shown.
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
! Named method lists: eap_methods uses the (empty) rad_eap group, mac_methods uses the local database.
! NOTE(review): no `aaa authentication login default` list is visible here; presumably console/vty
! logins use the IOS default behaviour with the local `username` entry. Confirm on the device.
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
!
! Global IP settings and the stateful inspection (CBAC) rule set.
resource policy
!
clock timezone PCTime -8
! NOTE(review): the `date` form of summer-time defines a single period in 2003 only, so log
! timestamps (which use localtime) will not follow DST in other years. Keep this in mind when
! correlating logs, or switch to a recurring rule.
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
! Source-routed packets are dropped.
no ip source-route
ip cef
!
!
!
!
ip tcp synwait-time 10
no ip bootp server
! NOTE(review): `yourdomain.com` looks like an unchanged placeholder. Confirm.
ip domain name yourdomain.com
! The same (masked) name-server address appears twice.
ip name-server 208.57.0.0
ip name-server 208.57.0.0
! SSH negotiation timeout of 60 seconds and at most 2 authentication retries.
ip ssh time-out 60
ip ssh authentication-retries 2
! Inspection rule DEFAULT100: protocol-aware inspection for the listed applications plus generic
! icmp/tcp/udp. It is applied in the `out` direction on FastEthernet4, so return traffic for
! sessions initiated from inside is allowed back through inbound ACL 101.
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
!
!
! Self-signed trustpoint and its certificate; presumably the certificate presented by
! `ip http secure-server` (confirm). Being self-signed, clients cannot validate it against a CA.
! Revocation checking is disabled for this trustpoint.
crypto pki trustpoint TP-self-signed-xxxxxxxxx
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-xxxxxxxxx
revocation-check none
rsakeypair TP-self-signed-xxxxxxxxxx
!
!
! Certificate body removed by the poster.
crypto pki certificate chain TP-self-signed-xxxxxxxxx
certificate self-signed 01
[BLOCK REMOVED]
quit
! Local account (name, privilege level and secret are masked). `ip http authentication local`
! uses this local user database for web logins.
username xxxxx privilege xx secret x xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
!
!
!
!
!
! FastEthernet0-3 carry no per-port configuration in this paste; presumably they are the
! built-in switch ports in the default VLAN (the Vlan1 description mentions a 4-port switch). Confirm.
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
! FastEthernet4 is the outside/WAN interface (address masked).
interface FastEthernet4
description $FW_OUTSIDE$$ES_WAN$
ip address 208.57.0.0 255.255.255.xxx
! Inbound filter from the Internet is ACL 101.
ip access-group 101 in
! Reverse-path check on packet source addresses.
ip verify unicast reverse-path
! No ICMP redirects or unreachables are sent and proxy ARP is off on the outside interface.
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
! Stateful inspection of sessions leaving through this interface.
ip inspect DEFAULT100 out
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
!
! Wireless radio interface, administratively shut down in this configuration.
! NOTE(review): three SSIDs are declared, but no authentication or encryption settings are visible
! under any of them in this paste. The interface also has no `ip access-group` and no `ip nat inside`,
! and NAT ACL 1 only covers 192.168.60.0/24, so 192.168.98.0/24 clients would be neither filtered
! nor translated as shown. Review these before enabling the radio.
interface Dot11Radio0
ip address 192.168.98.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
!
ssid XXX1
!
ssid XXX2
!
ssid XXX3
!
speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
no dot11 extension aironet
!
! Inside LAN interface (192.168.60.0/24). Traffic entering from the LAN is filtered by ACL 100
! and this is the NAT inside interface.
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.60.1 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
! Clamp TCP MSS to 1452 bytes for sessions through this interface.
ip tcp adjust-mss 1452
!
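! Default route, web management and NAT.
! Default route toward the (masked) upstream next hop.
ip route 0.0.0.0 0.0.0.0 208.57.xx.xx
!
!
! NOTE(review): both the cleartext HTTP server and the HTTPS server are enabled for management,
! with logins checked against the local user database. No `ip http access-class` is visible, so
! access is limited only by the interface ACLs. If HTTPS management is sufficient, disabling the
! plain HTTP server avoids sending credentials in cleartext.
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
! Port-address translation for inside hosts matched by ACL 1, using the FastEthernet4 address.
ip nat inside source list 1 interface FastEthernet4 overload
! Static port forwards from the WAN address to inside host 192.168.60.130. Each port has a
! matching permit in ACL 101. Port 21 (FTP) and port 80 (HTTP) are cleartext services.
ip nat inside source static tcp 192.168.60.130 21 interface FastEthernet4 21
ip nat inside source static tcp 192.168.60.130 3550 interface FastEthernet4 3550
ip nat inside source static tcp 192.168.60.130 3650 interface FastEthernet4 3650
ip nat inside source static tcp 192.168.60.130 4550 interface FastEthernet4 4550
ip nat inside source static tcp 192.168.60.130 80 interface FastEthernet4 80
ip nat inside source static tcp 192.168.60.130 5066 interface FastEthernet4 5066
ip nat inside source static tcp 192.168.60.130 5550 interface FastEthernet4 5550
ip nat inside source static tcp 192.168.60.130 6009 interface FastEthernet4 6009
! The next entry was split across two lines by terminal wrapping in the paste ("200" / "01");
! rejoined here as port 20001, matching the inside port and the ACL 101 permit for 20001.
ip nat inside source static tcp 192.168.60.130 20001 interface FastEthernet4 20001
ip nat inside source static tcp 192.168.60.130 6550 interface FastEthernet4 6550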
!
! Syslog severity for remote logging is set to debugging.
! NOTE(review): no `logging` host line is visible in this paste, so as shown nothing is exported.
logging trap debugging
! ACL 1: source addresses eligible for NAT overload (the inside LAN only).
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.60.0 0.0.0.255
! ACL 100 (inbound on Vlan1): drops packets from the LAN that claim the WAN subnet, broadcast or
! loopback as source, then permits everything else, including management access to the router itself.
access-list 100 remark auto generated by Cisco SDM Express firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip 208.57.xx.xx 0.0.0.xx any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
! ACL 101 (inbound on FastEthernet4): permits the port-forwarded TCP services and three ICMP
! reply types, and denies everything else. SSH (22), telnet (23) and HTTPS (443) to the WAN
! address are not permitted here; TCP 80 on the WAN address is forwarded to 192.168.60.130 by NAT.
! NOTE(review): entries are evaluated top-down, first match wins. The permits for the forwarded
! ports sit above the private/loopback source denies, so those denies never apply to traffic
! addressed to the forwarded ports. Consider moving the source denies above the permits.
access-list 101 remark auto generated by Cisco SDM Express firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit tcp any host 208.57.xx.xx eq ftp
access-list 101 permit tcp any host 208.57.xx.xx eq 3550
access-list 101 permit tcp any host 208.57.xx.xx eq 3650
access-list 101 permit tcp any host 208.57.xx.xx eq 4550
access-list 101 permit tcp any host 208.57.xx.xx eq www
access-list 101 permit tcp any host 208.57.xx.xx eq 5066
access-list 101 permit tcp any host 208.57.xx.xx eq 5550
access-list 101 permit tcp any host 208.57.xx.xx eq 6009
access-list 101 permit tcp any host 208.57.xx.xx eq 20001
access-list 101 permit tcp any host 208.57.xx.xx eq 6550
! Inside LAN range arriving from outside is treated as spoofed (also covered by the 192.168.0.0/16 deny below).
access-list 101 deny ip 192.168.60.0 0.0.0.255 any
access-list 101 permit icmp any host 208.57.xx.xx echo-reply
access-list 101 permit icmp any host 208.57.xx.xx time-exceeded
access-list 101 permit icmp any host 208.57.xx.xx unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
! Explicit final deny; the earlier source-specific denies are redundant with it except for documentation.
access-list 101 deny ip any any
! CDP is disabled globally.
no cdp run
!
!
!
! RADIUS attributes, login banner, and console/aux/vty line settings.
! NOTE(review): the radius-server, control-plane, banner and `line con 0` lines appear twice in
! this paste; this looks like a copy/paste or pager artifact rather than two separate settings. Confirm.
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport output telnet
!
!
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
! NOTE(review): vty sessions start at privilege level 15 and accept telnet as well as SSH.
! Telnet carries credentials in cleartext, and no `access-class` is visible on these lines.
! As shown, ACL 101 blocks ports 22/23 from the WAN, but the LAN (ACL 100 permits all) can
! reach them, and Dot11Radio0 has no ACL if it is enabled. Consider SSH-only input and an access-class.
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.
The first thing to do is paste this in; it will turn on the wireless interface:
! Enter these lines from global configuration mode; the `do` prefix runs an exec command from there.
! NOTE(review): in the running configuration posted with the question, the SSIDs under Dot11Radio0
! show no authentication or encryption settings and the interface has no access-group. Confirm the
! wireless security settings before leaving the radio enabled.
interface Dot11Radio0
no shutdown
! Save the running configuration to the startup configuration.
do write mem