Link to home
Start Free TrialLog in
Avatar of awilderbeast
awilderbeastFlag for United Kingdom of Great Britain and Northern Ireland

asked on

debugging cisco 877w wifi dropping/unavailable, create a log file perhaps

Hi all,

i run cisco 877w at my bosses house and she tells me that the wifi drops somtimes and other times the SSID isnt even listed this is on all her devices, iphone/2 laptops

so for the ssid to be unavailable on all of them, has to be a issue with the 877w?

so can i create a debug that will log to a textfile perhaps?
her pc is connected via rj45 so i can send it to that?

also, her house is connceted via GRE/EIGRP and uses our dns server (for local lookups) and i think her house might be losing its tunnel every now and then (she cant access emails on exchange)

curent config below


Current configuration : 7901 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname TDHOME
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 warnings
enable secret 5 $1$967I$Ht5lPqcQIM8RDQyadMSC91
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login NO_LOGIN none
aaa authentication login admin local
!
!
aaa session-id common
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00

dot11 ssid xxxxx
 vlan 20
 max-associations 10
 authentication open
 authentication key-management wpa
 guest-mode
 wpa-psk ascii 7 xxxxx
!
ip source-route
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 172.30.2.254
ip dhcp excluded-address 172.30.2.253
!
ip dhcp pool WIRELESS_CLIENTS
   network 172.30.2.0 255.255.255.0
   default-router 172.30.2.254
   dns-server 213.249.130.100 212.50.160.100
!
ip dhcp pool TraceyLaptop
   host 172.30.2.10 255.255.255.0
   client-identifier 01b4.82fe.19fe.55
   default-router 172.30.2.254
   dns-server 192.168.101.1 213.249.130.100
!
ip dhcp pool TraceyPC
   host 172.30.2.15 255.255.255.0
   client-identifier 0100.1a92.485c.ea
   default-router 172.30.2.254
   dns-server 192.168.101.1 213.249.130.100
!
!
ip cef
ip domain name domain.local
ip name-server 192.168.101.1
login block-for 180 attempts 5 within 60
login delay 2
login quiet-mode access-class QUIETMODE
login on-failure log every 3
no ipv6 cef


multilink bundle-name authenticated
!
!
!
username xxxx privilege 15 password 7 xxxx
!
!
crypto isakmp policy 10
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 15
 encr 3des
 authentication pre-share
crypto isakmp key xxxxx address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10 4
crypto isakmp nat keepalive 30
!
!
crypto ipsec transform-set DMVPN_SET esp-3des esp-sha-hmac
 mode transport
!
crypto ipsec profile DMVPN
 set transform-set DMVPN_SET
!
!
crypto dynamic-map VPN 5
 set transform-set DMVPN_SET
 reverse-route
!
!
crypto map VPN 1 ipsec-isakmp dynamic VPN
!
archive
 log config
  hidekeys
!
!
ip ssh version 2
!
bridge irb
!
!
interface Tunnel6
 description HOME TO WORK DMVPN
 ip address 192.168.100.15 255.255.255.0
 ip mtu 1440
 ip nhrp authentication xxxxx
 ip nhrp map 192.168.100.1 xxx.xxx.xxx.xxx
 ip nhrp map multicast xxx.xxx.xxx.xxx
 ip nhrp network-id 100
 ip nhrp holdtime 300
 ip nhrp nhs 192.168.100.1
 ip tcp adjust-mss 1378
 tunnel source Dialer1
 tunnel destination xxx.xxx.xxx.xxx
 tunnel key 100
 tunnel protection ipsec profile DMVPN
!
interface ATM0
 description PPP DIALER TO KAROO
 no ip address
 no atm ilmi-keepalive
 pvc 1/50
  dialer pool-member 1
  protocol ppp dialer
 !
!
interface FastEthernet0
 switchport access vlan 20
!
interface FastEthernet1
 switchport access vlan 20
!
interface FastEthernet2
 switchport access vlan 20
!
interface FastEthernet3
 switchport access vlan 20
!
interface Dot11Radio0
 no ip address
 ip nat inside
 ip virtual-reassembly
 no ip route-cache cef
 no ip route-cache
 no dot11 extension aironet
 !
 encryption vlan 20 mode ciphers aes-ccm
 !
 encryption mode ciphers aes-ccm
 !
 broadcast-key vlan 20 change 45
 !
 !
 ssid xxxxx
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 channel 2412
 station-role root
 no cdp enable
!
interface Dot11Radio0.20
 encapsulation dot1Q 20
 no ip route-cache
 no cdp enable
 bridge-group 20
 bridge-group 20 subscriber-loop-control
 bridge-group 20 spanning-disabled
 bridge-group 20 block-unknown-source
 no bridge-group 20 source-learning
 no bridge-group 20 unicast-flooding
!
interface Vlan1
 no ip address
 ip nat inside
 ip virtual-reassembly
!
interface Vlan20
 no ip address
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1378
 bridge-group 20
 bridge-group 20 subscriber-loop-control
 bridge-group 20 spanning-disabled
!
interface Dialer1
 ip address negotiated
 ip access-group REMOTE_OP in
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip tcp adjust-mss 1378
 load-interval 30
 dialer pool 1
 no cdp enable
 ppp chap hostname xxxx
 ppp chap password 7 xxxxx
 crypto map VPN
!
interface BVI20
 description WIRELESS BRIDGE
 ip address 172.30.2.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 no ip route-cache cef
 no ip route-cache
 ip tcp adjust-mss 1378
!
router eigrp 100
 network 172.30.2.0 0.0.0.255
 network 192.168.100.0
 no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list EXTERNAL_ACCESS interface Dialer1 overload
!
ip access-list extended EXTERNAL_ACCESS
 permit ip 172.30.2.0 0.0.0.255 any
 deny   ip any any
ip access-list extended REMOTE_OP 
 permit tcp 192.168.101.0 0.0.0.255 any eq 22
 deny   tcp any any eq 22
 deny   tcp any any eq telnet
 permit ip any any
ip access-list extended WIRELESSCLIENTS
 permit ip any any
!
logging trap warnings
no cdp run

!
!
!
!
!
control-plane
!
bridge 20 protocol ieee
bridge 20 route ip
banner motd ^CC################################# WARNING!#################################

Access to this device is for authorized users only. Unauthorized access is
strictly prohibted! Unauothorized users will be prosecuted!

###########################################################################^C
!
line con 0
 exec-timeout 60 0
 privilege level 15
 password 7 xxxx
 logging synchronous
 login authentication NO_LOGIN
 no modem enable
line aux 0
 password 7 xxx
line vty 0 4
 privilege level 15
 password 7 xxx
 logging synchronous
 transport input ssh
!
scheduler max-task-time 5000
end

Open in new window

Avatar of nexxc
nexxc

I have simialr setup with approx 50 DMVPN sites, and also running wireless and VoIP (but authenticated across the tunnel rather than locally)

it doesnt sound like your problem is tunnel dropping (eigrp neighborship dropping) as your wireless is local and the broadcast is not being seen by clients so probably a IOS bug....i found ver c870-advipservicesk9-mz.150-1.M1 to be very stable compared to previous versions (especially with DMVPN and NHRP)




Avatar of awilderbeast

ASKER

just went to download that and cisco say there is atleast one serious issue with that ver, you know what it is?
ASKER CERTIFIED SOLUTION
Avatar of awilderbeast
awilderbeast
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial