Server behind Cisco 877W, wifi acess point config

Posted on 2009-07-02
Medium Priority
Last Modified: 2012-05-07
HI, I have an 877W that's running NAT and DHCP on eth0 on a home network and that's all working fine. I want to run a server on eth1 and also enable wifi and bridge it with eth0.

My ISP has delivered a /30 to me, in addition to the IP assigned to my modem and I believe I need to route traffic bound for those IPs to eth1. How do I go about that? Lets call those two usable IPs and (server 1 and server 2) for arguments sake.

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname cisco877w
logging buffered 51200 warnings
aaa new-model
clock timezone AEST 10
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address
ip dhcp pool sdm-pool
   import all
   lease 0 2
no ip domain lookup
ip domain name yourdomain.com
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-2078379341
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2078379341
 revocation-check none
 rsakeypair TP-self-signed-2078379341
crypto pki certificate chain TP-self-signed-2078379341
 certificate self-signed 01
  30820250 308201B9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32303738 33373933 3431301E 170D3039 30363037 31383036
  32315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 30373833
  37393334 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100E001 96125B4C F988AE7D A05F2ADC 2BB442DA 0EDC9A8A 6B225915 76572466
  2481FCF0 E2E1AACE B2B3B7E1 5A7DED1F 576F90F5 810865D9 236C69C0 7F286208
  7CEBE3F2 A350E13D 3C206B45 8ADDD3D6 99DC79ED F7AA7C91 251B4B05 D4CFE963
  A64434D6 53A35948 EF8D917B 0C388219 4A454822 129BF409 F53141EB 30BEBBE8
  13750203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
  551D1104 1C301A82 18636973 636F3837 37772E79 6F757264 6F6D6169 6E2E636F
  6D301F06 03551D23 04183016 8014CE29 FFA02174 CA603BF2 6763C2C9 F994AC91
  5888301D 0603551D 0E041604 14CE29FF A02174CA 603BF267 63C2C9F9 94AC9158
  88300D06 092A8648 86F70D01 01040500 03818100 B735B3A9 F72DBF7E 44D5EA95
  453E98CA 9BC5F8FD CC5413A5 A5BF239B 45B45608 83A09FD0 3AF9CDC5 F28CF0B6
  B84DA843 3F2D35FA 0CFD77E9 D1305293 AE79EA73 0A7F6159 7BFD6806 2CD53D1D
  0412DA04 E139532C D850E988 482BCF28 E64903F5 6B3822C0 95A76F6D 2A8D1221
  CB02CCB1 ADEE4B54 7DA9A037 059FE2EC C726CABA
username **** privilege 15 secret 5 ****.
interface ATM0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
interface ATM0.2 point-to-point
 no snmp trap link-status
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
interface FastEthernet0
interface FastEthernet1
 switchport access vlan 2
interface FastEthernet2
interface FastEthernet3
interface Dot11Radio0
 no ip address
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
interface Vlan1
 ip address
 ip nat inside
 ip virtual-reassembly
interface Vlan2
 ip address
interface Dialer1
 ip address negotiated
 no ip unreachables
 ip nat outside
 ip virtual-reassembly max-reassemblies 64
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer-group 1
 no cdp enable
 ppp authentication pap callin
 ppp pap sent-username ****@dsl.onthenet.net password 0 ****
ip route Dialer1
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source list 1 interface Dialer1 overload
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit
dialer-list 1 protocol ip permit
no cdp run
banner login ^C
line con 0
 no modem enable
line aux 0
line vty 0 4
 transport input telnet ssh
scheduler max-task-time 5000

Question by:gaijinmike
1 Comment
LVL 58

Accepted Solution

Pete Long earned 1500 total points
ID: 24761385

*****Set up Wireless Settings*****
Using WPA WPA Key = MyWAPKey12345

RouterA(config)#dot11 ssid MySSID
RouterA(config-ssid)#vlan 1
RouterA(config-ssid)#authentication open
RouterA(config-ssid)#authentication key-management wpa
RouterA(config-ssid)#wpa-psk ascii 0 MyWAPKey12345

*****Set up Your Internal DHCP*****
Step 1: Remove the default one (warning be on a console connection when you do this)
RouterA#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
RouterA(config)#no ip dhcp pool sdm-pool
Note: check sometimes the scope is called sdm-pool1
Step 2: Then add your own
Assuming you want the following information = DNS Server1 = DNS Server2 = The Router
mydomain.com = The name of your domain

RouterA(config)#ip dhcp excluded-address
RouterA(config)#ip dhcp excluded-address
RouterA(config)#ip dhcp excluded-address
RouterA(config)#ip dhcp pool vlan1
RouterA(dhcp-config)#domain-name mydomain.com

*****Set up Wireless Interface(s) *****
RouterA(config)#interface Dot11Radio0
RouterA(config-if)#no ip address
RouterA(config-if)#no shutdown
RouterA(config-if)#encryption vlan 1 mode ciphers tkip
RouterA(config-if)#ssid MySSID
RouterA(config)#interface Dot11Radio0.1
RouterA(config-subif)#encapsulation dot1Q 1 native
RouterA(config-subif)#bridge-group 1
RouterA(config-subif)#bridge-group 1 subscriber-loop-control
RouterA(config-subif)#bridge-group 1 spanning-disabled
RouterA(config-subif)#bridge-group 1 block-unknown-source
RouterA(config-subif)#no bridge-group 1 source-learning
RouterA(config-subif)#no bridge-group 1 unicast-flooding

*****Set up VLAN*****
RouterA(config)#interface Vlan1
RouterA(config-if)# no ip address
RouterA(config-if)#no shutdown
RouterA(config-if)# bridge-group 1

*****Set up Bridging*****
RouterA(config)#bridge 1 protocol ieee
RouterA(config)#bridge irb
RouterA(config)#bridge 1 route ip

*****Set up Management IP*****
RouterA(config)#interface BVI1
RouterA(config-if)#ip address
RouterA(config-if)#ip nat inside
RouterA(config-if)#ip virtual-reassembly

*****Remove ACL for SDM Access*****
RouterA(config)#no ip http access-class 23
RouterA(config)#no access-list 23 permit

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question