troubleshooting Question

Cisco Aironet 1240 Does Not Connect Any Client

Avatar of willie0-360
willie0-360 asked on
Wireless NetworkingNetworking Hardware-OtherNetwork Management
24 Comments1 Solution1091 ViewsLast Modified:
Hello Experts:

I am working on configuring a Cisco Aironet, but no client can connect to it.  I ran this command on the Cisco Aironet:

sh dot11 associations

I do not get anything as a response indicating that no client is connect to the wireless router.

================================================================
================================================================
Here is the configuration on the switch port where the router is connected to:

interface GigabitEthernet0/44
 switchport trunk native vlan 200
 switchport trunk allowed vlan 17,20,200
 switchport mode trunk




#sh int gi0/44 trunk

Port        Mode         Encapsulation  Status        Native vlan
Gi0/44      on           802.1q         other         200

Port        Vlans allowed on trunk
Gi0/44      17,20,200

Port        Vlans allowed and active in management domain
Gi0/44      17,20,200

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/44      17,20,200



#sh int gi0/44 switch
Name: Gi0/44
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 200 (Management)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: 16,17,20,200
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none



==============================================================
==============================================================

Here is the configuration for the Cisco Aironet 1240

Building configuration...

Current configuration : 5916 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname WRouter
!
logging rate-limit console 9
enable secret 5 $1$.z/.$m2Ltnukl/4qeTvmYP4tsrg/
!
aaa new-model
!
!
aaa group server radius rad_eap
 server 172.16.16.134 auth-port 1645 acct-port 1646
!
aaa group server radius rad_mac
!
 aaa group server radius rad_acct
 server 172.16.16.134 auth-port 1645 acct-port 1646
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local none
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
clock timezone GMT -5
clock summer-time R recurring
ip domain name mydomain.com
ip name-server 172.16.16.135
ip name-server 172.16.16.134
 no ip dhcp use vrf connected
ip dhcp excluded-address 172.17.20.245 172.17.20.254
ip dhcp excluded-address 172.17.20.1 172.17.20.5
!
ip dhcp pool CompanyPubPool
   network 172.17.20.0 255.255.252.0
   default-router 172.17.20.1
   lease 0 0 45
!
!
dot11 syslog
dot11 vlan-name CompanyPubWLAN vlan 20
dot11 vlan-name Management vlan 200
dot11 vlan-name EmployeeVLAN vlan 17
!
dot11 ssid Company Employee
   vlan 17
   authentication open eap eap_methods
   authentication network-eap eap_methods
   authentication key-management wpa
   accounting acct_methods
   mbssid guest-mode
   information-element ssidl advertisement
 !
dot11 ssid Company Public
   vlan 20
   authentication open eap eap_methods
   authentication network-eap eap_methods
   authentication key-management wpa
   accounting acct_methods
   guest-mode
   mbssid guest-mode
   information-element ssidl advertisement
!
power inline negotiation prestandard source
!
!
username routeradmin privilege 15 password 7 1234569870
!
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
  !
 encryption vlan 17 mode ciphers tkip
 !
 encryption vlan 20 mode ciphers tkip
 !
 encryption mode ciphers tkip
 !
 broadcast-key vlan 17 change 1800 membership-termination capability-change
 !
 broadcast-key vlan 20 change 1800
 !
 !
 ssid Company Employee
 !
 ssid Company Public
 !
 antenna transmit right-a
 antenna receive right-a
 mbssid
 speed  1.0 2.0 basic-5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Dot11Radio0.17
  encapsulation dot1Q 17
 no ip route-cache
 bridge-group 17
 bridge-group 17 subscriber-loop-control
 bridge-group 17 block-unknown-source
 no bridge-group 17 source-learning
 no bridge-group 17 unicast-flooding
 bridge-group 17 spanning-disabled
!
interface Dot11Radio0.20
 encapsulation dot1Q 20
 no ip route-cache
 bridge-group 20
 bridge-group 20 subscriber-loop-control
 bridge-group 20 block-unknown-source
 no bridge-group 20 source-learning
 no bridge-group 20 unicast-flooding
 bridge-group 20 spanning-disabled
!
interface Dot11Radio0.200
 encapsulation dot1Q 200 native
 no ip route-cache
 bridge-group 1
  bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 shutdown
 !
 encryption vlan 17 mode ciphers tkip
 !
 encryption vlan 20 mode ciphers tkip
 !
 broadcast-key vlan 17 change 1800 membership-termination capability-change
 !
 broadcast-key vlan 20 change 1800
 !
 dfs band 3 block
 channel dfs
 station-role root
 bridge-group 1
  bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1.17
 encapsulation dot1Q 17
 no ip route-cache
 bridge-group 17
 bridge-group 17 subscriber-loop-control
 bridge-group 17 block-unknown-source
 no bridge-group 17 source-learning
 no bridge-group 17 unicast-flooding
 bridge-group 17 spanning-disabled
!
interface Dot11Radio1.20
 encapsulation dot1Q 20
 no ip route-cache
 bridge-group 20
 bridge-group 20 subscriber-loop-control
 bridge-group 20 block-unknown-source
 no bridge-group 20 source-learning
  no bridge-group 20 unicast-flooding
 bridge-group 20 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 hold-queue 160 in
!
interface FastEthernet0.17
 encapsulation dot1Q 17
 no ip route-cache
 bridge-group 17
 no bridge-group 17 source-learning
 bridge-group 17 spanning-disabled
!
interface FastEthernet0.20
 encapsulation dot1Q 20
 no ip route-cache
 bridge-group 20
 no bridge-group 20 source-learning
 bridge-group 20 spanning-disabled
 !
interface FastEthernet0.200
 encapsulation dot1Q 200 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface BVI1
 ip address 10.200.2.232 255.255.0.0
 no ip route-cache
!
ip default-gateway 10.200.2.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
access-list 111 permit tcp any any neq telnet
snmp-server community CompanyOne
radius-server attribute 32 include-in-access-req format %h
radius-server host 172.16.16.134 auth-port 1645 acct-port 1646 key 7 4J8453K85IAFDASF4DFAD
radius-server vsa send accounting
 radius-server vsa send authentication
bridge 1 route ip
!
!
line con 0
 logging synchronous
line vty 0 4
 transport input ssh
!
sntp server 54.12.298.222
sntp broadcast client
end



This is my first Cisco assignment ever.  Therefore, I am learning as I go.  Please help me figure out why clients cannot connect to this wireless router.  Also, I just found out the there is a Cisco 5510 firewall connected to one of the ports on the same switch than the wireless router.  Should I allowe the VLAN that the Cisco 5510 firewall is on to pass through the port that the wireless router is connect to?


Thanks.
--Willie
ASKER CERTIFIED SOLUTION
some one
Network Architect
Join our community to see this answer!
Unlock 1 Answer and 24 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 24 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros