Solved

Cisco 857W Wireless Internal

Posted on 2009-05-13
6
770 Views
Last Modified: 2013-11-12
Hi,
i have a Cisco 857w wireless router, with the help of someone here i was finally able to get it to access the internet and distribute connectivity in my netwwork.

my problem is ... my wirless access point can access the internet just fine but cant connect or ping any of the intrernal IP addresses not even the router ! i would like to allow access from the wirless to th einternal machines, also i would like to use encryption on the wireless access point and MAC filtering.

i also would like to open different ports to allow access to some services in the internal network .

i attached my config file for your review, please have a look and tell me what should i do .


Thank you !
SDMConfig1.txt
0
Comment
Question by:tcands
  • 3
  • 3
6 Comments
 
LVL 8

Accepted Solution

by:
ludo_friend earned 500 total points
ID: 24381800
firstly, just a few clean ups in your config might sort out your issue with the wireless and lan not talking.

we'll be removing your two dialers that do nothing, as well as taking nat off from the vlan 1 interface (thats handled by your BVI 1 interface)
conf t
no int dial 2
no int dial 0
int vlan 1
no ip nat inside
exit

port forwarding is achieved very simply...

ip nat inside source list static [tcp/udp] [internal ip address] [internal port number] interface [external interface] [external port number]

for example
ip nat inside source list static tcp 192.168.1.10 80 interface dialer 1 80
will give port 80 (http) access in from the world to 192.168.1.10 inside your network.

hope this helps!

0
 

Author Comment

by:tcands
ID: 24382007
Thank you for the response, the forwarding worked just fine ! however wireless is still not able to ping local address but can get any website outisis ethe network just fine !
0
 
LVL 8

Expert Comment

by:ludo_friend
ID: 24382184
I don't understand how your wireless clients have access to the internet there... there is no ip nat inside source list statement that should let it work.

you really need to have
ip nat inside source list 100 interface dialer1 overload
 and to remove the other two "ip nat inside " statements

are you able to do a "show bridge" for me?

and just quickly to answer your encryption question.
WPA2/AES with a pre-share key would be your best bet to get going quickly.. I personally don't get into mac filtering as they can easily be spoofed anyway - but thats up to you. WPA2 with *eap is possible as well, but thats a much longer conversation.

ssid WLAN
  authenitcation open
  authentication key-management wpa version 2
  wpa-psk ascii *your psk here*
!
interface dot11radio0
 encryption mode ciphers aes-ccm
 !


0
New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

 
LVL 8

Expert Comment

by:ludo_friend
ID: 24382187
are you able to post an updated config (passwords/keys removed) for me?

0
 

Author Comment

by:tcands
ID: 24382387
i attached a show bridge output and the most recent config i have right right after saving everything and reloading the device .. hope this helps !
SDMConfigNEW.txt
Show-Bridge.txt
0
 

Author Comment

by:tcands
ID: 24391549
I am not quiet sure how to set the encryption, if u please write me the commands i would really appreciate that !
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Stack Switches in IOU  web V22 6 63
SBS 2011 wireless nic? & dynamic VPN. 3 67
Packet Tracer Router to Router 10 61
Minimum security requirements for WiFi in GPO 10 48
Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now