Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Cisco 871w bacis WLAN/LAN Configuration

Posted on 2012-03-28
1
Medium Priority
?
448 Views
Last Modified: 2012-11-14
Hi all,
If got a Cisco 871w that i want to get up and running but since i'am so green when it comes to IOS that even the Hulk gets envy I need your help.

If got a ISP router put in brigde mode and connected to the WAN port
if got a switch connected in FE0
Need a bacis WLAN setup
DHCP 10.0.0.1 to 10.0.100 with 10.0.0.0.1 to 10.0.0.10 excluded

Can anybody help with this tried google from here to every also the template but its just overkill with info, so if anybody can contribute with a small config for this it would be super super :) then i have a starting point and can start to play and learn

Cheers,
Anders
0
Comment
Question by:celzo76
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 2000 total points
ID: 37780255
Here is basic configuration of the WAP using a single hidden SSID and WPA2-PSK.

I have stipped out using WPA2-Enterprise, which requires a RADIUS Server such as Microsoft IAS or NPS to do the authentication. I strongly recommend using WPA2-Enterprise over using pre-shared keys, but WPA2-Enterprise requires a bit more infrastructure, and it doesn't fall under the category of "basic".

!
version 12.4
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname your-hostname
!
enable secret your-enable-secret
!
aaa new-model
!
!
!
aaa session-id common
clock timezone PST -8
clock summer-time PDT recurring
ip domain name yourdomain.com
!
!
dot11 syslog
!
dot11 ssid YOURSSID
   vlan
   authentication open
   authentication key-management wpa version 2
   wpa-psk ascii your-pre-shared-key
!
!
!
username admin privilege 15 secret yoursecretpassphrase
!
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption mode ciphers aes-ccm
 !
 encryption vlan 1 mode ciphers aes-ccm
 !
 ssid YOURSSID
 !
 !
 antenna gain 0
 speed  basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
 station-role root ap-only
 no dot11 extension aironet
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
!
interface GigabitEthernet0
 description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
 no ip address
 no ip route-cache
!
interface GigabitEthernet0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
!
interface BVI1
 ip address 10.0.0.3 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.0.0.1
no ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1

access-list 65 permit 10.0.0.0 0.0.0.255

bridge 1 protocol ieee
bridge 1 route ip
!
!

!
line con 0
 privilege level 15
 no activation-character
line vty 0 4
 access-class 65 in
 transport input ssh
!
sntp server your.ntp.server.ip

cns dhcp
end
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question