Cisco 877w - DHCP for Wireless Clients is not working

Hi

 
I've got a problem with a cisco 877w. I've bridged the wireless and ethernet interfaces into BVI 1. I've set up dhcp. DHCP works for the wired network but despite being able to connect to the wireless network, the wireless clients cannot obtain an IP.

 
The Config's here:

 
Current configuration : 13416 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname br-office-rt
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 warnings
enable secret 5 $1$zMH.$Q1dmUHxzzmqiPBEYChblF1
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-2150811050
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2150811050
revocation-check none
rsakeypair TP-self-signed-2150811050
!
!
crypto pki certificate chain TP-self-signed-2150811050
certificate self-signed 01
  3082025A 308201C3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32313530 38313130 3530301E 170D3032 30333031 30303132
  31345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 31353038
  31313035 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100E7DE FD8BDA4A A2EC8CB9 DA1FE2A1 494FC789 891A9642 22EF4675 5D0AB39A
  089F0827 688C60D8 B5686FFB A7A28C46 26641E62 8156B3D2 B7613ED5 25FAA3F9
  4BA30094 AADB2F38 5A81BB20 C261481C 08E7056B 0D8F19B7 11E763DF 0D752805
  43080A7D 530105E9 50C73246 F9AB7A36 7DC8E7CA 241A2142 C5C68D49 D42DDD3B
  AC670203 010001A3 8181307F 300F0603 551D1301 01FF0405 30030101 FF302C06
  03551D11 04253023 82216272 2D6F6666 6963652D 72742E70 6C617466 6F726D70
  656F706C 652E636F 2E756B30 1F060355 1D230418 30168014 2EEFE865 07FCD744
  1A120E48 240B3589 D94A3091 301D0603 551D0E04 1604142E EFE86507 FCD7441A
  120E4824 0B3589D9 4A309130 0D06092A 864886F7 0D010104 05000381 81000960
  0DC5BB61 8C291FCF A17BF7B6 9B2D9200 ED22012B 065C464F 1D9DC743 BA72D555
  11252CDB DB25F710 2966E1C5 3FE31E0D 04F2E6EB BB16507C DC5E3A6D 71A182D3
  1B28A869 D38EA958 5989094F DFA47BED ADDB409A 5DFB092D 223E37E3 067EEB64
  BAD888D7 77EB4C97 5B6CEDCE 804F7523 0F8A5F42 C0DB687C C504BC28 DCEE
   quit
dot11 syslog
!
dot11 ssid platformpeople
vlan 1
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 xxxxxxxxxx
!
ip source-route
ip dhcp excluded-address 10.10.10.1 10.10.10.49
ip dhcp excluded-address 10.10.10.151 10.10.10.254
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ppLAN
   import all
   network 10.10.10.0 255.255.255.0
   domain-name platformpeople.com
   dns-server 10.10.10.10
   default-router 10.10.10.1
   lease infinite
!
!
ip cef
ip domain name platformpeople.co.uk
ip name-server 10.10.10.10
!
!
parameter-map type protocol-info yahoo-servers
server name scs.msg.yahoo.com
server name scsa.msg.yahoo.com
server name scsb.msg.yahoo.com
server name scsc.msg.yahoo.com
server name scsd.msg.yahoo.com
server name cs16.msg.dcn.yahoo.com
server name cs19.msg.dcn.yahoo.com
server name cs42.msg.dcn.yahoo.com
server name cs53.msg.dcn.yahoo.com
server name cs54.msg.dcn.yahoo.com
server name ads1.vip.scd.yahoo.com
server name radio1.launch.vip.dal.yahoo.com
server name in1.msg.vip.re2.yahoo.com
server name data1.my.vip.sc5.yahoo.com
server name address1.pim.vip.mud.yahoo.com
server name edit.messenger.yahoo.com
server name messenger.yahoo.com
server name http.pager.yahoo.com
server name privacy.yahoo.com
server name csa.yahoo.com
server name csb.yahoo.com
server name csc.yahoo.com

parameter-map type protocol-info aol-servers
server name login.oscar.aol.com
server name toc.oscar.aol.com
server name oam-d09a.blue.aol.com

parameter-map type protocol-info msn-servers
server name messenger.hotmail.com
server name gateway.messenger.hotmail.com
server name webmessenger.msn.com

!
!
username fsradmin privilege 15 secret 5 $1$b8A8$vH.Zbqif3cV3UISJe1X.M1
!
!
!
archive
log config
  hidekeys
!
!
!
class-map type inspect imap match-any ccp-app-imap
match  invalid-command
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp extended
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect msnmsgr match-any ccp-app-msn-otherservices
match  service any
class-map type inspect ymsgr match-any ccp-app-yahoo-otherservices
match  service any
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-any ccp-cls-protocol-im
match protocol ymsgr yahoo-servers
match protocol msnmsgr msn-servers
match protocol aol aol-servers
class-map type inspect aol match-any ccp-app-aol-otherservices
match  service any
class-map type inspect match-all ccp-protocol-pop3
match protocol pop3
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect pop3 match-any ccp-app-pop3
match  invalid-command
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect msnmsgr match-any ccp-app-msn
match  service text-chat
class-map type inspect ymsgr match-any ccp-app-yahoo
match  service text-chat
class-map type inspect match-all ccp-protocol-im
match class-map ccp-cls-protocol-im
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect http match-any ccp-app-httpmethods
match  request method bcopy
match  request method bdelete
match  request method bmove
match  request method bpropfind
match  request method bproppatch
match  request method connect
match  request method copy
match  request method delete
match  request method edit
match  request method getattribute
match  request method getattributenames
match  request method getproperties
match  request method index
match  request method lock
match  request method mkcol
match  request method mkdir
match  request method move
match  request method notify
match  request method options
match  request method poll
match  request method propfind
match  request method proppatch
match  request method put
match  request method revadd
match  request method revlabel
match  request method revlog
match  request method revnum
match  request method save
match  request method search
match  request method setattribute
match  request method startrev
match  request method stoprev
match  request method subscribe
match  request method trace
match  request method unedit
match  request method unlock
match  request method unsubscribe
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect http match-any ccp-http-blockparam
match  request port-misuse im
match  request port-misuse p2p
match  req-resp protocol-violation
class-map type inspect match-all ccp-protocol-imap
match protocol imap
class-map type inspect aol match-any ccp-app-aol
match  service text-chat
class-map type inspect http match-any ccp-http-allowparam
match  request port-misuse tunneling
class-map type inspect match-all ccp-protocol-http
match protocol http
!
!
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
  inspect
class class-default
  pass
policy-map type inspect im ccp-action-app-im
class type inspect aol ccp-app-aol
  log
  allow
class type inspect msnmsgr ccp-app-msn
  log
  allow
class type inspect ymsgr ccp-app-yahoo
  log
  allow
class type inspect aol ccp-app-aol-otherservices
  log
  reset
class type inspect msnmsgr ccp-app-msn-otherservices
  log
  reset
class type inspect ymsgr ccp-app-yahoo-otherservices
  log
  reset
policy-map type inspect http ccp-action-app-http
class type inspect http ccp-http-blockparam
  log
  reset
class type inspect http ccp-app-httpmethods
  log
  reset
class type inspect http ccp-http-allowparam
  log
  allow
policy-map type inspect imap ccp-action-imap
class type inspect imap ccp-app-imap
  log
policy-map type inspect pop3 ccp-action-pop3
class type inspect pop3 ccp-app-pop3
  log
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
  drop log
class type inspect ccp-protocol-http
  inspect
  service-policy http ccp-action-app-http
class type inspect ccp-protocol-imap
  inspect
  service-policy imap ccp-action-imap
class type inspect ccp-protocol-pop3
  inspect
  service-policy pop3 ccp-action-pop3
class type inspect ccp-protocol-im
  inspect
  service-policy im ccp-action-app-im
class type inspect ccp-insp-traffic
  inspect
class type inspect ccp-sip-inspect
  inspect
class type inspect ccp-h323-inspect
  inspect
class type inspect ccp-h323annexe-inspect
  inspect
class type inspect ccp-h225ras-inspect
  inspect
class type inspect ccp-h323nxg-inspect
  inspect
class type inspect ccp-skinny-inspect
  inspect
class class-default
  drop
policy-map type inspect ccp-permit
class class-default
  drop
!
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description $ES_WAN$
pvc 0/38
  pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
ip helper-address 10.10.10.1
!
encryption vlan 1 mode ciphers aes-ccm tkip
!
broadcast-key vlan 1 change 30
!
!
ssid platformpeople
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
ip helper-address 10.10.10.1
no cdp enable
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
no ip address
ip helper-address 10.10.10.1
ip tcp adjust-mss 1452
bridge-group 1
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
zone-member security out-zone
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxx@xxxxxxxxx
ppp chap password 0 xxxxxxxx
ppp pap sent-username xxxxxxxx password xxxxxxxxx
interface BVI1
description $ES_LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip helper-address 10.10.10.1
ip nat inside
ip virtual-reassembly
zone-member security in-zone
ip tcp adjust-mss 1412
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
access-list 23 remark CCP_ACL Category=17
access-list 23 permit 10.10.0.0 0.0.255.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
dialer-list 1 protocol ip permit
no cdp run

!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip

banner login ^C
-----------------------------------------------------------------------
This Router is the Private Property of FSR Group LTD.

Unauthorised Access to this device and network is
Strictly forbidden. Any individual in breach of this, will be
liable for prosecution.
-----------------------------------------------------------------------

^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end

 
I'm un-sure now as to what the problem could be. Any help is greatly appreciated.

 
 
 
Thanks

 
 
 
Mike
mikeb99Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Randy DownsOWNERCommented:
0
rcearaCommented:
Start your pool from: 10.10.10.50 because you are excluding from 10.10.10.1 to 10.10.10.50
ip dhcp pool ppLAN
   import all
   network 10.10.10.0 255.255.255.0

Also, read this article:
http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfdhcp.html
http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/Easyip2.html

It is not too difficult.
0
mikeb99Author Commented:
Thanks Guys

I'll look at that and let you know.

0
vikrantambhoreCommented:
Please, edit your configuration as per below, you don't need to put IP Helper Address, Let me know if you need more help, I hope this will helpfull

interface Dot11Radio0
 no ip address
 ip nat inside
 ip virtual-reassembly
 !
 encryption vlan 1 mode ciphers tkip
 !
 ssid Coinopsolutions
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no cdp enable
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Vlan1
 description $ES_LAN$
 no ip address
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1412
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface BVI1
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mikeb99Author Commented:
Hi Vikran

Sorted it in the end, added bridge group 1 to the dot11radio sub interfaced.

Thanks for your help!


Mike
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.