Solved

Server behind Cisco 877W, wifi acess point config

Posted on 2009-07-02
1
689 Views
Last Modified: 2012-05-07
HI, I have an 877W that's running NAT and DHCP on eth0 on a home network and that's all working fine. I want to run a server on eth1 and also enable wifi and bridge it with eth0.

My ISP has delivered a /30 to me, in addition to the IP assigned to my modem and I believe I need to route traffic bound for those IPs to eth1. How do I go about that? Lets call those two usable IPs 1.2.3.4 and 5.6.7.8 (server 1 and server 2) for arguments sake.


!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco877w
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
aaa new-model
clock timezone AEST 10
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
   import all
   network 10.10.10.0 255.255.255.248
   default-router 10.10.10.1
   dns-server 203.22.124.73 203.22.124.10
   lease 0 2
!
!
no ip domain lookup
ip domain name yourdomain.com
!
multilink bundle-name authenticated
!
crypto pki trustpoint TP-self-signed-2078379341
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2078379341
 revocation-check none
 rsakeypair TP-self-signed-2078379341
!
!
crypto pki certificate chain TP-self-signed-2078379341
 certificate self-signed 01
  30820250 308201B9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32303738 33373933 3431301E 170D3039 30363037 31383036
  32315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 30373833
  37393334 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100E001 96125B4C F988AE7D A05F2ADC 2BB442DA 0EDC9A8A 6B225915 76572466
  2481FCF0 E2E1AACE B2B3B7E1 5A7DED1F 576F90F5 810865D9 236C69C0 7F286208
  7CEBE3F2 A350E13D 3C206B45 8ADDD3D6 99DC79ED F7AA7C91 251B4B05 D4CFE963
  A64434D6 53A35948 EF8D917B 0C388219 4A454822 129BF409 F53141EB 30BEBBE8
  13750203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
  551D1104 1C301A82 18636973 636F3837 37772E79 6F757264 6F6D6169 6E2E636F
  6D301F06 03551D23 04183016 8014CE29 FFA02174 CA603BF2 6763C2C9 F994AC91
  5888301D 0603551D 0E041604 14CE29FF A02174CA 603BF267 63C2C9F9 94AC9158
  88300D06 092A8648 86F70D01 01040500 03818100 B735B3A9 F72DBF7E 44D5EA95
  453E98CA 9BC5F8FD CC5413A5 A5BF239B 45B45608 83A09FD0 3AF9CDC5 F28CF0B6
  B84DA843 3F2D35FA 0CFD77E9 D1305293 AE79EA73 0A7F6159 7BFD6806 2CD53D1D
  0412DA04 E139532C D850E988 482BCF28 E64903F5 6B3822C0 95A76F6D 2A8D1221
  CB02CCB1 ADEE4B54 7DA9A037 059FE2EC C726CABA
  quit
!
!
username **** privilege 15 secret 5 ****.
!
!
!
!
!
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0.2 point-to-point
 no snmp trap link-status
 pvc 8/35
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
 switchport access vlan 2
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 shutdown
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
 ip address 10.10.10.1 255.255.255.248
 ip nat inside
 ip virtual-reassembly
!
interface Vlan2
 ip address 10.10.11.1 255.255.255.252
!
interface Dialer1
 ip address negotiated
 no ip unreachables
 ip nat outside
 ip virtual-reassembly max-reassemblies 64
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer-group 1
 no cdp enable
 ppp authentication pap callin
 ppp pap sent-username ****@dsl.onthenet.net password 0 ****
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source list 1 interface Dialer1 overload
!
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.7
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
banner login ^C
-----------------------------------------------------------------------
*****
-----------------------------------------------------------------------
^C
!
line con 0
 no modem enable
line aux 0
line vty 0 4
 transport input telnet ssh
!
scheduler max-task-time 5000
end

0
Comment
Question by:gaijinmike
1 Comment
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 24761385

*****Set up Wireless Settings*****
SSID = MySSID
Using WPA WPA Key = MyWAPKey12345

RouterA(config)#dot11 ssid MySSID
RouterA(config-ssid)#vlan 1
RouterA(config-ssid)#authentication open
RouterA(config-ssid)#authentication key-management wpa
RouterA(config-ssid)#guest-mode
RouterA(config-ssid)#wpa-psk ascii 0 MyWAPKey12345
RouterA(config-ssid)#exit
RouterA(config)#


 
*****Set up Your Internal DHCP*****
Step 1: Remove the default one (warning be on a console connection when you do this)
RouterA#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
RouterA(config)#no ip dhcp pool sdm-pool
Note: check sometimes the scope is called sdm-pool1
RouterA(config)#
Step 2: Then add your own
Assuming you want the following information
192.168.1.10 = DNS Server1
192.168.1.10 = DNS Server2
192.168.1.1 = The Router
mydomain.com = The name of your domain

RouterA(config)#ip dhcp excluded-address 192.168.1.10
RouterA(config)#ip dhcp excluded-address 192.168.1.11
RouterA(config)#ip dhcp excluded-address 192.168.1.1
RouterA(config)#ip dhcp pool vlan1
RouterA(dhcp-config)#network 192.168.1.0 255.255.255.0
RouterA(dhcp-config)#default-router 192.168.1.1
RouterA(dhcp-config)#dns-server 192.168.1.10
RouterA(dhcp-config)#dns-server 192.168.1.11
RouterA(dhcp-config)#domain-name mydomain.com
RouterA(dhcp-config)#exit
RouterA(config)#

*****Set up Wireless Interface(s) *****
RouterA(config)#interface Dot11Radio0
RouterA(config-if)#no ip address
RouterA(config-if)#no shutdown
RouterA(config-if)#encryption vlan 1 mode ciphers tkip
RouterA(config-if)#ssid MySSID
RouterA(config-if)#exit
RouterA(config)#
RouterA(config)#interface Dot11Radio0.1
RouterA(config-subif)#encapsulation dot1Q 1 native
RouterA(config-subif)#bridge-group 1
RouterA(config-subif)#bridge-group 1 subscriber-loop-control
RouterA(config-subif)#bridge-group 1 spanning-disabled
RouterA(config-subif)#bridge-group 1 block-unknown-source
RouterA(config-subif)#no bridge-group 1 source-learning
RouterA(config-subif)#no bridge-group 1 unicast-flooding
RouterA(config-subif)#exit
RouterA(config)#

*****Set up VLAN*****
RouterA(config)#interface Vlan1
RouterA(config-if)# no ip address
RouterA(config-if)#no shutdown
RouterA(config-if)# bridge-group 1
RouterA(config-if)#exit
RouterA(config)#

*****Set up Bridging*****
RouterA(config)#bridge 1 protocol ieee
RouterA(config)#bridge irb
RouterA(config)#bridge 1 route ip

*****Set up Management IP*****
RouterA(config)#interface BVI1
RouterA(config-if)#ip address 192.168.1.1 255.255.255.0
RouterA(config-if)#ip nat inside
RouterA(config-if)#ip virtual-reassembly
RouterA(config-if)#exit
RouterA(config)#

*****Remove ACL for SDM Access*****
RouterA(config)#no ip http access-class 23
RouterA(config)#no access-list 23 permit 10.10.10.0 0.0.0.7
0

Featured Post

Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now