?
Solved

Cisco 877W Wired and Wireless Access

Posted on 2009-02-19
5
Medium Priority
?
1,266 Views
Last Modified: 2012-05-06
Hi Folks, Have a new Cisco 877W and just doing a simple config of Dialer0 to my ADSL ISP asccount and want some PC's on the wired LAN and then Config the Wireless Side of this to bridge the LAN side, share the same DHCP scope etc.

I have seen many posts on the 877W but not one that has sorted this.

Basically I can get the Wired side working no problems configuring VLAN1 with IP and DHCP etc but need to know what the process is to bring the WLAN in.

Do I have to remove the VLAN1 ip address etc then create a BVI1 and give this the same IP that was on VLAN1, config the Radio0 and add VLAN1 to that.

Would appreciate if someone has a sample config of Cisco877W with both Wired and Wireless LAN bridging and sharing the same DHCP scope.

Cheers Norm
0
Comment
Question by:999
  • 3
  • 2
5 Comments
 
LVL 8

Expert Comment

by:MrJemson
ID: 23688449
Correct.
You would use BVI for this.

Here is a config from an 857W very close to the 877W so should work.
I have removed any private details and replaced with xxxx
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service sequence-numbers
!
hostname xxxxx
!
boot-start-marker
boot-end-marker
!
logging buffered 8192
no logging console
!
aaa new-model
!
!
aaa authentication login default group radius local
aaa authentication login rtr-remote local
aaa authentication login no_radius enable
aaa authentication ppp default if-needed group radius
aaa authorization network rtr-remote local
!
!
aaa session-id common
clock timezone AEST 10
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1 192.168.0.150
!
ip dhcp pool CUSTOMER_LAN_POOL
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.1
   dns-server 192.168.0.30
!
!
ip cef
no ip bootp server
ip domain name xxxxx
ip ssh version 2
!
!
!
!
!
username xxxxx privilege 15 password 7 xxxxx
!
!
!
bridge irb
!
!
!
interface ATM0
 no ip address
 no ip route-cache cef
 no ip route-cache
 load-interval 30
 no atm ilmi-keepalive
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 !
 encryption vlan 1 mode ciphers tkip
 !
 ssid Wifi
    vlan 1
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 7 xxxxx
 !
 world-mode dot11d country AU both
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 rts threshold 2312
 channel 2422
 station-role root
 no dot11 extension aironet
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Vlan1
 no ip address
 ip virtual-reassembly
 no ip route-cache cef
 bridge-group 1
!
interface Dialer0
 ip address xxxxx
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 no cdp enable
 ppp authentication chap callin
 ppp chap hostname xxxxx
 ppp chap password xxxxx
!
interface BVI1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
ip nat inside source list 22 interface Dialer0 overload
!
access-list 22 permit 192.168.0.0 0.0.1.255
!
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
 no modem enable
 transport output all
line aux 0
 transport output all
line vty 0 2
 exec-timeout 5 0
 privilege level 15
 transport input telnet ssh
line vty 3 4
 exec-timeout 5 0
 privilege level 15
 transport input ssh
!
scheduler max-task-time 5000
end

Open in new window

0
 

Author Comment

by:999
ID: 23688696
Many thanks for the comment,  I have had close to that but when I add the Vlan 1 to my SSID the Wireless Interface goes down on the router straight away as well as the BVI1.  Your config:

interface Dot11Radio0
 no ip address
 !
 encryption vlan 1 mode ciphers tkip
 !
 ssid Wifi
    vlan 1
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 7 xxxxx


Here is my config and with this I can see the wireless LAN and Connect to the SSID

I cannot get a DHCP address over the wireless and when I add Vlan1 to the Dot11 SSID the wireless radio interface and BVI1 goes down.

I also notice you have a Dot11radio0.1 Interface?

hostname njpnet
!
boot-start-marker
boot-end-marker
!
enable secret 5 $xxxxxxxxxxxxxxxxxxx
!
no aaa new-model
!

dot11 syslog
!
dot11 ssid NJP_108G *****Note if I add Vlan1 Interface to this SSID the Wireless Radio Interface goes down on the router as well as the BVI1 Interface ***
   authentication open
   guest-mode
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address xx
ip dhcp excluded-address xx
ip dhcp excluded-address xx
!
ip dhcp pool 0
   import all
   network xx
   default-router 192.100.1.1
   dns-server xx
   lease 7
!
!
!
archive
 log config
  hidekeys
!
!
!
bridge irb
!
!
interface ATM0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0.1 point-to-point
 description $ES_WAN$
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 no ip mroute-cache
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 beacon period 1000
 !
 encryption key 1 size 128bit 7 3xxxxxxx transmit-key
 encryption mode wep mandatory
 !
 encryption vlan 1 mode wep mandatory
 !
 broadcast-key vlan 1 change 45
 !
 !
 ssid NJP_108G
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 world-mode dot11d country AU indoor
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Vlan1
 description $FW_INSIDE$
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip flow ingress
 ip flow egress
 ip virtual-reassembly
 ip route-cache flow
 ip tcp adjust-mss 1448
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface Dialer0
 description $FW_OUTSIDE$
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip flow ingress
 ip flow egress
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer idle-timeout 2147483
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname xxx
 ppp chap password 7 xx
 ppp pap sent-username xxxx
!
interface BVI1
 ip address 192.100.1.1 255.255.255.0
 ip access-group 100 in
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http secure-server
ip nat inside source list 100 interface Dialer0 overload
!

access-list 100 permit ip 192.100.1.0 0.0.0.255 any
!
!
0
 
LVL 8

Accepted Solution

by:
MrJemson earned 2000 total points
ID: 23689353
Try this:

interface Dot11Radio0
 no encryption vlan 1 mode ciphers tkip

If your only running the one Vlan over the wifi you should not need it
0
 

Author Comment

by:999
ID: 23691661
Cheers for that but I have to use Wep as a few of the devices in my net do not support WPA etc so I need so encryption. Are you saying I do not need encryption on Vlan 1 as I am bridging Lan + Wireless?

One thing and I thought it was just a DHCP problem but I can connect to the Wireless Network so my Wireless setup there seems ok but DHCP does not work to the Wireless Netowrk and also If I put in  a static IP to the wireless network as the same as the LAN / Bridge Network I cannot ping the router IP from my client so it seems I have some other issue here.

Really apreciate your help with this.

Cheers Norm
0
 

Author Closing Comment

by:999
ID: 31549085
Cheers for the help and finally got it going on Wired and Wireless Lan.  I kept the Dot11Radio0.1 interface but I had the key and encryption set globally so I could conenct to the AP but Vlan 1 could not get DHCP etc so I removed all that set encrytion wep etc on Vlan 1 like you mentioned here and bingo...  Many thanks again.  I have printed that config in bronze :-)   Cheers Norm
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question