tcands
asked on
Cisco 857W Wireless Internal
Hi,
i have a Cisco 857w wireless router, with the help of someone here i was finally able to get it to access the internet and distribute connectivity in my netwwork.
my problem is ... my wirless access point can access the internet just fine but cant connect or ping any of the intrernal IP addresses not even the router ! i would like to allow access from the wirless to th einternal machines, also i would like to use encryption on the wireless access point and MAC filtering.
i also would like to open different ports to allow access to some services in the internal network .
i attached my config file for your review, please have a look and tell me what should i do .
Thank you !
SDMConfig1.txt
i have a Cisco 857w wireless router, with the help of someone here i was finally able to get it to access the internet and distribute connectivity in my netwwork.
my problem is ... my wirless access point can access the internet just fine but cant connect or ping any of the intrernal IP addresses not even the router ! i would like to allow access from the wirless to th einternal machines, also i would like to use encryption on the wireless access point and MAC filtering.
i also would like to open different ports to allow access to some services in the internal network .
i attached my config file for your review, please have a look and tell me what should i do .
Thank you !
SDMConfig1.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I don't understand how your wireless clients have access to the internet there... there is no ip nat inside source list statement that should let it work.
you really need to have
ip nat inside source list 100 interface dialer1 overload
and to remove the other two "ip nat inside " statements
are you able to do a "show bridge" for me?
and just quickly to answer your encryption question.
WPA2/AES with a pre-share key would be your best bet to get going quickly.. I personally don't get into mac filtering as they can easily be spoofed anyway - but thats up to you. WPA2 with *eap is possible as well, but thats a much longer conversation.
ssid WLAN
authenitcation open
authentication key-management wpa version 2
wpa-psk ascii *your psk here*
!
interface dot11radio0
encryption mode ciphers aes-ccm
!
you really need to have
ip nat inside source list 100 interface dialer1 overload
and to remove the other two "ip nat inside " statements
are you able to do a "show bridge" for me?
and just quickly to answer your encryption question.
WPA2/AES with a pre-share key would be your best bet to get going quickly.. I personally don't get into mac filtering as they can easily be spoofed anyway - but thats up to you. WPA2 with *eap is possible as well, but thats a much longer conversation.
ssid WLAN
authenitcation open
authentication key-management wpa version 2
wpa-psk ascii *your psk here*
!
interface dot11radio0
encryption mode ciphers aes-ccm
!
are you able to post an updated config (passwords/keys removed) for me?
ASKER
i attached a show bridge output and the most recent config i have right right after saving everything and reloading the device .. hope this helps !
SDMConfigNEW.txt
Show-Bridge.txt
SDMConfigNEW.txt
Show-Bridge.txt
ASKER
I am not quiet sure how to set the encryption, if u please write me the commands i would really appreciate that !
ASKER