Wifi issue with asa 5506

Hello Experts,
I revently purchased an asa 5506w-x. I uploaded my configuration file from my ASA 5505 and all my wired PC's can surf the net.
I've configured the wireless on this device and able to connect and resolves addresses, but can't seem to surf the internet on the wifi.


Belklow is my running config

Result of the command: "show running-config"

: Saved

:

: Hardware:   ASA5506W, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
:
ASA Version 9.4(1)
!
hostname ciscoasa
enable password fiINUAb/RStNPcIj encrypted
names
ip local pool L2TP-Pool 192.168.100.1-192.168.100.10 mask 255.255.255.0
!
interface GigabitEthernet1/1
 nameif outside
 security-level 0
 ip address dhcp setroute
 ipv6 address autoconfig
!
interface GigabitEthernet1/2
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface GigabitEthernet1/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/5
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/6
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/7
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/8
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/9
 nameif wifi
 security-level 100
 ip address 192.168.10.1 255.255.255.0
!
interface Management1/1
 management-only
 no nameif
 no security-level
 no ip address
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns domain-lookup wifi
dns server-group DefaultDNS
 name-server 192.168.1.8
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
 subnet 0.0.0.0 0.0.0.0
object network Torrents
 host 192.168.1.18
object network cosmos
 host 192.168.1.18
object network united
 host 192.168.1.8
object network HTTP
 host 192.168.1.8
object network torr_udp
 host 192.168.1.18
object network webserver
 host 192.168.1.8
object network Internal-Subnet
 subnet 192.168.1.0 255.255.255.0
object network L2TP-Subnet
 subnet 192.168.100.0 255.255.255.248
object network VPN_Pool
 subnet 192.168.100.0 255.255.255.0
object network RDP
 host 192.168.1.8
object network remote_access
 host 192.168.1.8
object network firewall
 host 192.168.1.1
object network wifigw
 host 192.168.10.1
object-group service DM_INLINE_SERVICE_1
 service-object tcp destination eq 50555
 service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_2
 service-object tcp destination eq 50555
 service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_3
 service-object tcp destination eq domain
 service-object udp destination eq domain
object-group service DM_INLINE_SERVICE_4
 service-object ip
 service-object udp
 service-object tcp
 service-object udp destination eq netbios-dgm
 service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_5
 service-object ip
 service-object udp
 service-object tcp
 service-object udp destination eq netbios-dgm
 service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_6
 service-object tcp destination eq domain
 service-object udp destination eq domain
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object cosmos
access-list outside_access_in extended permit tcp any object united eq www
access-list Split-Tunnel-ACL standard permit 192.168.1.0 255.255.255.0
access-list Split-Tunnel standard permit 192.168.1.0 255.255.255.0
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_3 any any
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_4 any any
access-list inbound extended permit icmp any any time-exceeded inactive
access-list inbound extended permit icmp any any unreachable inactive
access-list inbound extended permit object-group DM_INLINE_SERVICE_2 any any
access-list inbound extended permit tcp any any eq www
access-list inbound extended permit tcp any any eq 3389 inactive
access-list inbound extended permit tcp any any eq pptp
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_6 any any
access-list wifi_access_in extended permit icmp any any
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_5 any any
pager lines 24
logging enable
logging buffer-size 8192
logging asdm-buffer-size 500
logging asdm warnings
mtu outside 1500
mtu inside 1500
mtu wifi 1500
ip verify reverse-path interface outside
no failover
no monitor-interface service-module
icmp unreachable rate-limit 1 burst-size 1
icmp deny any outside
asdm image disk0:/asdm-743.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
!
object network obj_any
 nat (inside,outside) dynamic interface
object network Torrents
 nat (any,outside) static interface service tcp 50555 50555
object network torr_udp
 nat (any,outside) static interface service udp 50555 50555
object network webserver
 nat (any,outside) static interface service tcp www www
object network remote_access
 nat (any,outside) static interface service tcp pptp pptp
object network wifigw
 nat (any,outside) static interface
access-group inbound in interface outside
access-group inside_access_in in interface inside
access-group wifi_access_in in interface wifi
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http server idle-timeout 1440
http 192.168.1.0 255.255.255.0 inside
http 192.168.10.0 255.255.255.0 wifi
no snmp-server location
no snmp-server contact
service sw-reset-button
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set mode transport
crypto ipsec ikev1 transform-set trans1 esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set trans1 mode transport
crypto ipsec ikev1 transform-set trans2 esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set trans2 mode transport
crypto ipsec ikev2 ipsec-proposal L2TP-IKE1-Transform-Set
 protocol esp encryption aes
 protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans1
 protocol esp encryption 3des
 protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans2
 protocol esp encryption aes-256
 protocol esp integrity sha-1
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map L2TP-MAP 10 set ikev1 transform-set L2TP-IKE1-Transform-Set
crypto dynamic-map L2TP-MAP 10 set ikev2 ipsec-proposal trans2 trans1 L2TP-IKE1-Transform-Set
crypto map L2TP-VPN-MAP 20 ipsec-isakmp dynamic L2TP-MAP
crypto map L2TP-VPN-MAP interface outside
crypto ca trustpoint ASDM_Launcher_Access_TrustPoint_0
 enrollment self
 subject-name CN=192.168.1.1,CN=ciscoasa
 crl configure
crypto ca trustpool policy
crypto ikev2 policy 1
 encryption 3des
 integrity sha
 group 1
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 2
 encryption 3des
 integrity sha
 group 1
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 5
 encryption 3des
 integrity sha
 group 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 6
 encryption 3des
 integrity sha
 group 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 10
 encryption aes-192
 integrity sha
 group 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 11
 encryption aes-192
 integrity sha
 group 2
 prf sha
 lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 1
 authentication pre-share
 encryption 3des
 hash sha
 group 1
 lifetime 86400
crypto ikev1 policy 5
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 10
 authentication pre-share
 encryption aes-192
 hash sha
 group 2
 lifetime 86400
telnet timeout 1440
no ssh stricthostkeycheck
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 60
ssh key-exchange group dh-group1-sha1
console timeout 0
no ipv6-vpn-addr-assign aaa
no ipv6-vpn-addr-assign local
dhcp-client client-id interface outside
dhcpd auto_config outside
!
dhcpd address 192.168.1.50-192.168.1.132 inside
dhcpd dns 192.168.1.8 interface inside
!
dhcpd address 192.168.10.2-192.168.10.254 wifi
dhcpd dns 192.168.1.8 interface wifi
dhcpd wins 192.168.1.8 interface wifi
dhcpd domain zone.wifi interface wifi
dhcpd update dns both interface wifi
dhcpd enable wifi
!
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address 192.168.1.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 192.168.10.0 255.255.255.0
threat-detection statistics host number-of-rate 3
threat-detection statistics port number-of-rate 3
threat-detection statistics protocol number-of-rate 3
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter updater-client enable
dynamic-filter use-database
dynamic-filter enable interface outside
dynamic-filter enable interface inside
ntp server 174.142.10.100 source outside
ssl cipher default custom "AES256-SHA:AES128-SHA:DES-CBC3-SHA"
ssl cipher tlsv1 custom "AES256-SHA:AES128-SHA:DES-CBC3-SHA"
ssl cipher dtlsv1 custom "AES256-SHA:AES128-SHA:DES-CBC3-SHA"
webvpn
 anyconnect-essentials
 error-recovery disable
group-policy L2TP-Policy internal
group-policy L2TP-Policy attributes
 wins-server value 192.168.1.8
 dns-server value 192.168.1.8
 vpn-tunnel-protocol l2tp-ipsec
 split-tunnel-policy tunnelall
 default-domain value infonp.lan
 split-tunnel-all-dns enable
 intercept-dhcp enable
dynamic-access-policy-record DfltAccessPolicy
username admin password DeoU7lerQZQu8xfL encrypted privilege 15
username vpnhome password Y2ZpF9MLWp6NvGyb3Ky+AA== nt-encrypted
username vpnhome attributes
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
tunnel-group DefaultRAGroup general-attributes
 address-pool L2TP-Pool
 default-group-policy L2TP-Policy
tunnel-group DefaultRAGroup ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
 no authentication chap
 authentication ms-chap-v2
!
class-map global-class
 match any
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect ip-options
  inspect pptp
  inspect icmp
 class global-class
  sfr fail-open
 class class-default
  set connection decrement-ttl
  user-statistics accounting
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
hpm topN enable
Cryptochecksum:7f67c6c132d774c1a8e926fb69178b8a
: end
LVL 2
Neil PreeperAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Trent SmithCommented:
I think I found it.

object network obj_any
 nat (inside,outside) dynamic interface

You need to say that wifi can get to outside also.  you do have the

object network wifigw
 nat (any,outside) dynamic interface

But you don't have wifi port getting outside.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Neil PreeperAuthor Commented:
thats what i thouoght, i had that befor. i added the same line here is the current running config now but still can't surf. I do have access to my serves on the 192.168.1.x subnet

Result of the command: "show running-config"

: Saved

:
: Hardware:   ASA5506W, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
:
ASA Version 9.4(1)
!
hostname ciscoasa
enable password fiINUAb/RStNPcIj encrypted
names
ip local pool L2TP-Pool 192.168.100.1-192.168.100.10 mask 255.255.255.0
!
interface GigabitEthernet1/1
 nameif outside
 security-level 0
 ip address dhcp setroute
 ipv6 address autoconfig
!
interface GigabitEthernet1/2
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface GigabitEthernet1/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/5
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/6
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/7
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/8
 shutdown
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet1/9
 nameif wifi
 security-level 100
 ip address 192.168.10.1 255.255.255.0
!
interface Management1/1
 management-only
 no nameif
 no security-level
 no ip address
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup outside
dns domain-lookup inside
dns domain-lookup wifi
dns server-group DefaultDNS
 name-server 192.168.1.8
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
 subnet 0.0.0.0 0.0.0.0
object network Torrents
 host 192.168.1.18
object network cosmos
 host 192.168.1.18
object network united
 host 192.168.1.8
object network HTTP
 host 192.168.1.8
object network torr_udp
 host 192.168.1.18
object network webserver
 host 192.168.1.8
object network Internal-Subnet
 subnet 192.168.1.0 255.255.255.0
object network L2TP-Subnet
 subnet 192.168.100.0 255.255.255.248
object network VPN_Pool
 subnet 192.168.100.0 255.255.255.0
object network RDP
 host 192.168.1.8
object network remote_access
 host 192.168.1.8
object network firewall
 host 192.168.1.1
object network wifigw
 host 192.168.10.1
object network nat_wifi
 subnet 0.0.0.0 255.255.255.0
object-group service DM_INLINE_SERVICE_1
 service-object tcp destination eq 50555
 service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_2
 service-object tcp destination eq 50555
 service-object udp destination eq 50555
object-group service DM_INLINE_SERVICE_3
 service-object tcp destination eq domain
 service-object udp destination eq domain
object-group service DM_INLINE_SERVICE_4
 service-object ip
 service-object udp
 service-object tcp
 service-object udp destination eq netbios-dgm
 service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_5
 service-object ip
 service-object udp
 service-object tcp
 service-object udp destination eq netbios-dgm
 service-object udp destination eq netbios-ns
object-group service DM_INLINE_SERVICE_6
 service-object tcp destination eq domain
 service-object udp destination eq domain
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any object cosmos
access-list outside_access_in extended permit tcp any object united eq www
access-list Split-Tunnel-ACL standard permit 192.168.1.0 255.255.255.0
access-list Split-Tunnel standard permit 192.168.1.0 255.255.255.0
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_3 any any
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_4 any any
access-list inbound extended permit icmp any any time-exceeded inactive
access-list inbound extended permit icmp any any unreachable inactive
access-list inbound extended permit object-group DM_INLINE_SERVICE_2 any any
access-list inbound extended permit tcp any any eq www
access-list inbound extended permit tcp any any eq 3389 inactive
access-list inbound extended permit tcp any any eq pptp
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_6 any any
access-list wifi_access_in extended permit icmp any any
access-list wifi_access_in extended permit object-group DM_INLINE_SERVICE_5 any any
pager lines 24
logging enable
logging buffer-size 8192
logging asdm-buffer-size 500
logging asdm warnings
mtu outside 1500
mtu inside 1500
mtu wifi 1500
ip verify reverse-path interface outside
no failover
no monitor-interface service-module
icmp unreachable rate-limit 1 burst-size 1
icmp deny any outside
asdm image disk0:/asdm-743.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
!
object network obj_any
 nat (inside,outside) dynamic interface
object network Torrents
 nat (any,outside) static interface service tcp 50555 50555
object network torr_udp
 nat (any,outside) static interface service udp 50555 50555
object network webserver
 nat (any,outside) static interface service tcp www www
object network remote_access
 nat (any,outside) static interface service tcp pptp pptp
object network nat_wifi
 nat (wifi,outside) dynamic interface
access-group inbound in interface outside
access-group inside_access_in in interface inside
access-group wifi_access_in in interface wifi
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
user-identity default-domain LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http server idle-timeout 1440
http 192.168.1.0 255.255.255.0 inside
http 192.168.10.0 255.255.255.0 wifi
no snmp-server location
no snmp-server contact
service sw-reset-button
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set mode transport
crypto ipsec ikev1 transform-set trans1 esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set trans1 mode transport
crypto ipsec ikev1 transform-set trans2 esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set trans2 mode transport
crypto ipsec ikev2 ipsec-proposal L2TP-IKE1-Transform-Set
 protocol esp encryption aes
 protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans1
 protocol esp encryption 3des
 protocol esp integrity sha-1
crypto ipsec ikev2 ipsec-proposal trans2
 protocol esp encryption aes-256
 protocol esp integrity sha-1
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map L2TP-MAP 10 set ikev1 transform-set L2TP-IKE1-Transform-Set
crypto dynamic-map L2TP-MAP 10 set ikev2 ipsec-proposal trans2 trans1 L2TP-IKE1-Transform-Set
crypto map L2TP-VPN-MAP 20 ipsec-isakmp dynamic L2TP-MAP
crypto map L2TP-VPN-MAP interface outside
crypto ca trustpoint ASDM_Launcher_Access_TrustPoint_0
 enrollment self
 subject-name CN=192.168.1.1,CN=ciscoasa
 crl configure
crypto ca trustpool policy
crypto ikev2 policy 1
 encryption 3des
 integrity sha
 group 1
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 2
 encryption 3des
 integrity sha
 group 1
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 5
 encryption 3des
 integrity sha
 group 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 6
 encryption 3des
 integrity sha
 group 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 10
 encryption aes-192
 integrity sha
 group 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 11
 encryption aes-192
 integrity sha
 group 2
 prf sha
 lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 1
 authentication pre-share
 encryption 3des
 hash sha
 group 1
 lifetime 86400
crypto ikev1 policy 5
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto ikev1 policy 10
 authentication pre-share
 encryption aes-192
 hash sha
 group 2
 lifetime 86400
telnet timeout 1440
no ssh stricthostkeycheck
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 60
ssh key-exchange group dh-group1-sha1
console timeout 0
no ipv6-vpn-addr-assign aaa
no ipv6-vpn-addr-assign local
dhcp-client client-id interface outside
dhcpd auto_config outside
!
dhcpd address 192.168.1.50-192.168.1.132 inside
dhcpd dns 192.168.1.8 interface inside
!
dhcpd address 192.168.10.2-192.168.10.254 wifi
dhcpd dns 192.168.1.8 interface wifi
dhcpd wins 192.168.1.8 interface wifi
dhcpd domain zone.wifi interface wifi
dhcpd update dns both interface wifi
dhcpd enable wifi
!
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address 192.168.1.0 255.255.255.0
threat-detection scanning-threat shun except ip-address 192.168.10.0 255.255.255.0
threat-detection statistics host number-of-rate 3
threat-detection statistics port number-of-rate 3
threat-detection statistics protocol number-of-rate 3
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
dynamic-filter updater-client enable
dynamic-filter use-database
dynamic-filter enable interface outside
dynamic-filter enable interface inside
ntp server 174.142.10.100 source outside
ssl cipher default custom "AES256-SHA:AES128-SHA:DES-CBC3-SHA"
ssl cipher tlsv1 custom "AES256-SHA:AES128-SHA:DES-CBC3-SHA"
ssl cipher dtlsv1 custom "AES256-SHA:AES128-SHA:DES-CBC3-SHA"
webvpn
 anyconnect-essentials
 error-recovery disable
group-policy L2TP-Policy internal
group-policy L2TP-Policy attributes
 wins-server value 192.168.1.8
 dns-server value 192.168.1.8
 vpn-tunnel-protocol l2tp-ipsec
 split-tunnel-policy tunnelall
 default-domain value infonp.lan
 split-tunnel-all-dns enable
 intercept-dhcp enable
dynamic-access-policy-record DfltAccessPolicy
username admin password DeoU7lerQZQu8xfL encrypted privilege 15
username vpnhome password Y2ZpF9MLWp6NvGyb3Ky+AA== nt-encrypted
username vpnhome attributes
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
tunnel-group DefaultRAGroup general-attributes
 address-pool L2TP-Pool
 default-group-policy L2TP-Policy
tunnel-group DefaultRAGroup ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
 no authentication chap
 authentication ms-chap-v2
!
class-map global-class
 match any
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect ip-options
  inspect pptp
  inspect icmp
 class global-class
  sfr fail-open
 class class-default
  set connection decrement-ttl
  user-statistics accounting
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
hpm topN enable
Cryptochecksum:b5cc8697ef474d39e493d0fae84d6b4b
: end
0
Neil PreeperAuthor Commented:
i added this line instead

object network obj_any
 nat (any,outside) dynamic interface

everything works thanks for the push in the right direction...had a brain fart moment ....
0
Become an IT Security Management Expert

In today’s fast-paced, digitally transformed world of business, the need to protect network data and ensure cloud privacy has never been greater. With a B.S. in Network Operations and Security, you can get the credentials it takes to become an IT security management expert.

Trent SmithCommented:
Are you able to access your wired network from within the wireless network?
0
Neil PreeperAuthor Commented:
no, I cannot access file systems on computers on the wifi network,
0
Trent SmithCommented:
Set a policy to allow traffic between the wifi and inside networks.  This should make it so you will be able to get to your internal network.  Let's work on the wifi connecting to inside network first so that we can get that portion up first.
0
Neil PreeperAuthor Commented:
Hi trent,

thanks for the info. I will have to test this some other time as I think i have broken my wireless AP by trying to do an update to the firmware. I am going to submit a new question soon with the issues that i am now having. I can't seem to find any resources on how to replace or factory default the integrated AP on these devices.
0
Trent SmithCommented:
What type of AP do you have?  Make and model please.  Don't open a new question let's just add it to this one.
0
Neil PreeperAuthor Commented:
its the one built into the ASA 5506w-x. it would seem that its similar to the 702i.

this is my issue:

i downloaded a file from the cisco website ap1g1-k9w8-tar.153-3.JBB1.tar and used the upgrade feature of the WIFI controller to update the software. Since then, i cannot access the http managment on 192.168.10.2. I've tried running the command hw-module module wlan recover configuration. this use to work befor, but since the upgrade it has not.

I've tried resetting the asa to factory defaults.

when i access the wlan session i get the following

*Mar  2 20:49:20.539: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Mar  2 20:49:23.743: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.10.34, mask 255.255.255.0, hostname AP547c.69db.e302

Translating "CISCO-CAPWAP-CONTROLLER.home"...domain server (192.168.2.1)

Not in Bound state.


Any suggestion ?
0
Trent SmithCommented:
How are you physically connecting to the switch?
0
Neil PreeperAuthor Commented:
I'm connected on a layer 2 switch to port 1/2 I have 8 ports behind on my asa but the 1/9 is internal which is where the wirless is. The ports on this model is layers 3 switch
switch.jpg
0
Trent SmithCommented:
Can you console cable into the device?  Since you reset it to factory defaults that may be the easiest way to get in.
0
Neil PreeperAuthor Commented:
the only console is the ASA. from there i do the following :
To access the wireless access point console, perform the following steps.

Step 1 From the ASA CLI, session to the access point:

session wlan console
 
ciscoasa# session wlan console
opening console session with module wlan
connected to module wlan. Escape character sequence is ‘CTRL-^X’
 
ap>
0
Trent SmithCommented:
Can you post the config for the device?
0
Neil PreeperAuthor Commented:
AP547c.69db.e302#show configuration
startup-config is not present
AP547c.69db.e302#
0
Neil PreeperAuthor Commented:
show run gives me the following


AP547c.69db.e302#show run
Building configuration...

Current configuration : 20767 bytes
!
! Last configuration change at 21:39:14 UTC Tue Mar 2 1993 by Cisco
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP547c.69db.e302
!
!
logging rate-limit console 9
enable secret 5 $1$7vks$4jfJi/bvncWDT6BJrAb3t0
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
aaa session-id common
no ip routing
no ip cef
!
!
!
!
power inline negotiation prestandard source
eap profile lwapp_eap_profile
 method fast
!
!
crypto pki trustpoint cisco-m2-root-cert
 revocation-check none
 rsakeypair Cisco_IOS_M2_MIC_Keys
!
crypto pki trustpoint Cisco_IOS_M2_MIC_cert
 revocation-check none
 rsakeypair Cisco_IOS_M2_MIC_Keys
!
crypto pki trustpoint airespace-old-root-cert
 --More--
Not in Bo revocation-check none
 rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-device-root-cert
 revocation-check none
 rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint Cisco_IOS_MIC_cert
 revocation-check none
 rsakeypair Cisco_IOS_MIC_Keys
!
!
crypto pki certificate chain cisco-m2-root-cert
 certificate ca 01
  30820313 308201FB A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
  2B310E30 0C060355 040A1305 43697363 6F311930 17060355 04031310 43697363
  6F20526F 6F742043 41204D32 301E170D 31323131 31323133 30303138 5A170D33
  37313131 32313330 3031385A 302B310E 300C0603 55040A13 05436973 636F3119
  30170603 55040313 10436973 636F2052 6F6F7420 4341204D 32308201 22300D06
  092A8648 86F70D01 01010500 0382010F 00308201 0A028201 0100D806 2521134F
  8D3A757C E93DC874 413B4DA0 65F9C2BF 9484EF6B 0B7187D4 58C26032 2CBACCBA
  BB6334DB B312426A 798586B3 E87FC992 8BE3A737 45D39483 686520DB 8AD44341
  DFCA4CD4 D710CD68 2795724E 744A54F5 DA71E9A5 AF4D0CB1 6C31FB0C DE73829A
  50095E0E E335BEBA 4EC2CAE0 6EC8842D 8AB3EE92 EC0482E4 C76E4D18 B5E964CB
  6486D2F0 B8E15916 3AA62648 05EE6329 1E1583EF 1E79C182 0029D456 8F0A6DC2
  C858392D 63B87180 3AE1DCEB B3135222 05514700 88876DED D13CD7B8 DA857924
  C62A5D1D F2834D81 1FA7CDD4 198EAB69 40E6FB07 0AF28E65 3E6DE53D C132EE06
  262DECBB 1EB14562 512BF059 1731721A CC0074C3 0CBB84CA 73AD0203 010001A3
  42304030 0E060355 1D0F0101 FF040403 0201063
*Mar  2 21:40:10.487: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.0 0F060355 1D130101 FF040530
  030101FF 301D0603 551D0E04 160414C9 00F91F8A 1FC266BD A5D26D65 0E222E34
  C305A030 0D06092A 864886F7 0D01010B 05000382 0101007A BE3C8D27 E8CDE492
  1CA68B30 6EC1D9D6 891AC3C0 9975F74E B582C895 2259B7A0 A8508E59 190B6F16
  D90FF219 274D504D DEF46D0C E6745C74 F1447F82 92BC5C5E E3B37E25 A38BB910
  3C6B5D5D 3E693BDC A85BEDA7 C2BAE8C2 F768CB28 8B707291 CF2C3FBA 75597333
  52198294 ED709ED2 67147631 1B26A6A9 F97E7B19 B6E2A752 A2D453EA 6F867833
  07C1DE7D DF15D03D 6CA225BC C732F049 7B6DF230 669BD914 5DB60FA5 6C5B926B
  86B41304 8763F57D 69AE2262 6C767292 9AF3055E 6633E597 20E00D79 346F311D
  585ECDE0 25C1C3A5 DD10DCCE 7E95F6DB 44A75DC6 7192CFA1 81FAF08D E9A6D992
  C3E4F0AD DB6CAFEE ADDA8B09 4AFBDA2A 9E981650 077F87
        quit
crypto pki certificate chain Cisco_IOS_M2_MIC_cert
 certificate 24B271C8000000226D6A
  3082046F 30820357 A0030201 02020A24 B271C800 0000226D 6A300D06 092A8648
  86F70D01 010B0500 3036310E 300C0603 55040A13 05436973 636F3124 30220603
  55040313 1B436973 636F204D 616E7566 61637475 72696E67 20434120 53484132
  301E170D 31353036 31363139 32353133 5A170D32 35303631 36313933 3531335A
  30818C31 0B300906 03550406 13025553 31133011 06035504 08130A43 616C6966
  6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365 31163014 06035504
  0A130D43 6973636F 20537973 74656D73 311B3019 06035504 03131241 50314731
  2D353437 63363964 62653330 32312030 1E06092A 864886F7 0D010901 16117375
  70706F72 74406369 73636F2E 636F6D30 82012230 0D06092A 864886F7 0D010101
  05000382 010F0030 82010A02 82010100 A59DAA13 A8BC2AB4 218E2578 C034DA5A
  C52227CF 6F147A7A FB5BDDDD 022837AE AD628B0D 07A1862F F681F3C7 AE24A9CC
  91533034 67AB4C4F FC6540B8 7021E5C7 D6BB0810 03B6D2E8 B37185BF 21BF7EC5
  12B2BF6A CDE7864B 18E9AA3F 5423DA56 C519859B 50C430BA 1CB90FEE 2CA1051F
  95AD1A07 55F0D193 8858D83D 5EBD4FED 6B9191E2 EE65F707 DADF27E7 6ED50FDE
  DEB1DFFA 8F9CDF9A 8D10F969 169DAC9B E612C7CC 62A31D19 F15C232D D91D0EDF
  32BCF44E 09FB1382 4E9A1AF5 EAB87334 75A0DD3D 601EC16F DE97907E 28750A39
  846C1AF7 524452C7 EF6C64D1 F99DA6D0 855750C6 7DFF72DC 205EE44F C8FF824A
  4BF364
*Mar  2 21:40:13.691: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.10.40, mask 255.255.255.C5 73BFDEFA 26CE4744 EA3B6CE7 02030100 01A38201 26308201 22300E06
  03551D0F 0101FF04 04030205 A0301D06 03551D0E 04160414 70D426D4 5BB51ADF
  E7E3F3B8 035CEC49 C23F3F3D 301F0603 551D2304 18301680 147AD779 95CABB48
  2BB85514 FDA3C00F BCA70F96 19304006 03551D1F 04393037 3035A033 A031862F
  68747470 3A2F2F77 77772E63 6973636F 2E636F6D 2F736563 75726974 792F706B
  692F6372 6C2F636D 6361322E 63726C30 4D06082B 06010505 07010104 41303F30
  3D06082B 06010505 07300286 31687474 703A2F2F 7777772E 63697360, hostname AP547c.69db.e302
3 6F2E636F
  6D2F7365 63757269 74792F70 6B692F63 65727473 2F636D63 61322E63 6572303F
  06092B06 01040182 37140204 321E3000 49005000 53004500 43004900 6E007400
  65007200 6D006500 64006900 61007400 65004F00 66006600 6C006900 6E006530
  0D06092A 864886F7 0D01010B 05000382 01010032 088F12DF 3E964FB0 07B8EE93
  53049587 02F3BABA 7EFD8513 DCD7A166 C32B6058 7AB62F58 13A33BDE 847948EB
  FBB7DB21 5A660AE2 6DDAF6D0 DA61606D 59B63845 E22E5D7C 7E408641 35529BC2
  799BA101 87A7A019 2204E15D C26B6E09 7DA24E90 75D62A13 7E77D65E DAA49604
  440DCDC5 DF059E6D 54C7F875 D8D2F4A0 3E1E2DD2 6F65C72C 5842FE94 EC5F7561
  2EC96B49 8AB21170 19D6ED65 1CCBBA1A 2FD1B7FF AEB8A19F 8EC7C59F 546EC330
  48910A7C B1C6DA46 F6C15A47 23F6D956 B50E2E97 D34299F5 65553631 442D9D29
  E75BD8C5 584DD4EC 3FE84FAF D199E460 40B363E7 2404161B 732089AF F8CCA68E
  FC902B82 E19A408A 481178AC E4FCE00B 2A2E57
        quit
 certificate ca 02
  30820465 3082034D A0030201 02020102 300D0609 2A864886 F70D0101 0B050030
  2B310E30 0C060355 040A1305 43697363 6F311930 17060355 04031310 43697363
  6F20526F 6F742043 41204D32 301E170D 31323131 31323133 35303538 5A170D33
  37313131 32313330 3031375A 3036310E 300C0603 55040A13 05436973 636F3124
  30220603 55040313 1B436973 636F204D 616E7566 61637475 72696E67 20434120
  53484132 30820122 300D0609 2A864886 F70D0101 01050003 82010F00 3082010A
  02820101 00F4364B 42023267 DE493DF2 153BC145 69E9094E 16B948B4 471EE82A
  5B7D8A5E 2DD51E65 DB80A3E4 B4A2DCD3 949C12D8 194C859B 5A72EF6F 5297E65B
  DC3B9D0A 3DCD54F7 7B23EE84 5FFAFFD4 C4755067 EF9CDBE4 27D5F84E A577E7C7
  9EE3E217 206EF870 C3251777 EF73A9FB DE7B21DA 16C8FBC3 F211D1D4 7246149D
  C924A060 D1449C2F 8242C257 AEF7C5EA FF23E502 A0611316 BB6B6FDF A9299903
  4BD9206D 5B05F599 63C66D49 E4F12A0D DE5B29D5 FB112569 B1EA4C33 1859FFB6
  A1BB3860 1E6520D4 DB6201F2 4444CFE9 3F17AFA4 ED0F4877 EB9E0E50 7716FB59
  9E06EFE3 72D96E30 AA697928 D5B6BA1F E6FB7EA5 B9028348 900008EC 2F4A9CCD
  3DF268D5 EF020301 0001A382 01873082 0183300E 0603551D 0F0101FF 04040302
  01063012 0603551D 130101FF 04083006 0101FF02 0100305C 0603551D 20045530
  53305106 0A2B0601 04010915 01120030 43304106 082B0601 05050702 01163568
  7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375 72697479 2F706B69
  2F706F6C 69636965 732F696E 6465782E 68746D6C 301D0603 551D0E04 1604147A
  D77995CA BB482BB8 5514FDA3 C00FBCA7 0F961930 41060355 1D1F043A 30383036
  A034A032 86306874 74703A2F 2F777777 2E636973 636F2E63 6F6D2F73 65637572
  6974792F 706B692F 63726C2F 63726361 6D322E63 726C307C 06082B06 01050507
  01010470 306E303E 06082B06 01050507 30028632 68747470 3A2F2F77 77772E63
  6973636F 2E636F6D 2F736563 75726974 792F706B 692F6365 7274732F 63726361
  6D322E63 6572302C 06082B06 01050507 30018620 68747470 733A2F2F 746F6F6C
  732E6369 73636F2E 636F6D2F 706B692F 6F637370 301F0603 551D2304 18301680
  14C900F9 1F8A1FC2 66BDA5D2 6D650E22 2E34C305 A0300D06 092A8648 86F70D01
  010B0500 03820101 00735936 AC7E984F 88EE171B 3DABB39B CDF70A6C DBCEC83B
  1A53B6AF E081C55E 69FF2717 E706652F 631008D8 7C77C516 F42AD1B5 24691F7D
  08D502D0 5BA135F2 9CB690B2 8FE38F8E 993AE6C8 17CCBA1E 8DE74C0B FB43A547
  92A48275 90A556EF 75CDB1D5 F4515843 327
Translating "CISCO-CAPWAP-CONTROLLER.home"...domain server (192.168.2.1)
18F0D 50801D1A E08B52E3 285D9A09
  77A03344 71BDEDAD 07B3AD0D FFF39EFF 212A8119 52C46CA1 CEBBC1FA CCE2E1C4
  0819D3C6 9ED68410 409A3092 2D086DDF 8B44B1A8 BED1302E 0F32CAA8 93206BDE
  ED514BDA C45AF19D EB2BDB65 C0A547DA 4A4528D0 1E377ADF 285AABD3 FC1E4747
  322A998B 32B4814C 165CC507 09098178 5FA14EFF 7D8A3AA7 3124520E 28654852
  3BC0BE2A 0EAA876E 73
        quit
crypto pki certificate chain airespace-old-root-cert
 certificate ca 00
  30820406 3082032F A0030201 02020100 300D0609 2A864886 F70D0101 04050030
  818F310B 30090603 55040613 02555331 13301106 03550408 130A4361 6C69666F
  726E6961 3111300F 06035504 07130853 616E204A 6F736531 16301406 0355040A
  130D6169 72657370 61636520 496E6331 0D300B06 0355040B 13046E6F 6E65310B
  30090603 55040313 02636131 24302206 092A8648 86F70D01 09011615 73757070
  6F727440 61697265 73706163 652E636F 6D301E17 0D303330 32313232 33333835
  355A170D 31323131 31313233 33383535 5A30818F 310B3009 06035504 06130255
  53311330 11060355 0408130A 43616C69 666F726E 69613111 300F0603 55040713
  0853616E 204A6F73 65311630 14060355 040A130D 61697265 73706163 6520496E
  63310D30 0B060355 040B1304 6E6F6E65 310B3009 06035504 03130263 61312430
  2206092A 864886F7 0D010901 16157375 70706F72 74406169 72657370 6163652E
  636F6D30 81DF300D 06092A86 4886F70D 01010105 000381CD 003081C9 0281C100
  DB9D3901 30059DD1 05CB2793 9B9907F8 1FF57FA9 24065BF7 1A5865F8 B9CFCCB3
  679354D4 69BAB847 1CA327AE EA006AAC 90479C9D C23B67DE FACC0D28 32C6103F
  A59C41E2 E8B4250B 4D2903EB 52629A99 D618B747 C4A94151 1AB995BB 14905404
  5F4A0B9F F387F346 D5F3A249 2AED1B6A 3DD639D8 4924366A 1234DD2D B13CD489
  7E2EA101 63BCCC82 2F7A6D0B 33AB5705 3C784A6D A3DD1E5B 96CF54C6 CF4D59BC
  1BFD6CB6 E72FCB29 88DCBE6D 4D76FB83 1FAF5683 E4E20822 00A9EB2E 3BEF0DF9
  02030100 01A381EF 3081EC30 1D060355 1D0E0416 04149457 DF7D1482 2D31BB28
  772E8996 1886DA46 84BA3081 BC060355 1D230481 B43081B1 80149457 DF7D1482
  2D31BB28 772E8996 1886DA46 84BAA181 95A48192 30818F31 0B300906 03550406
  13025553 31133011 06035504 08130A43 616C6966 6F726E69 61311130 0F060355
  04071308 53616E20 4A6F7365 31163014 06035504 0A130D61 69726573 70616365
  20496E63 310D300B 06035504 0B13046E 6F6E6531 0B300906 03550403 13026361
  31243022 06092A86 4886F70D 01090116 15737570 706F7274 40616972 65737061
  63652E63 6F6D8201 00300C06 03551D13 04053003 0101FF30 0D06092A 864886F7
  0D010104 05000381 C100AEB0 349DC0F9 2AAA3A57 75B3A79C 5421A9D0 15389261
  95C03479 04DA81D4 120F58FA E2299223 BEB54A90 6D70F7F7 2192EFAF A4B0F488
  604E3094 BBCC77A3 60A88129 0849B87B 5CA1AA17 21922A55 6B68E0D3 1ADC7264
  C4C4D6B2 33345C86 254E4988 096645CD 40F12761 8BC37E71 DAD91677 25322361
  71D87A16 F92AF7C1 51CB8892 443BC666 59BEA47B 985E8866 68A1EBD4 88BBF6E7
  A949FDF8 7711D518 A80E203D A12BEBDC 6963EDA7 B76079A3 22380C96 0CB8D324
  CADD949D EA39E0EF 033D
        quit
crypto pki certificate chain airespace-device-root-cert
 certificate ca 03
  3082047F 308203A8 A0030201 02020103 300D0609 2A864886 F70D0101 04050030
  81A6310B 30090603 55040613 02555331 13301106 03550408 130A4361 6C69666F
  726E6961 3111300F 06035504 07130853 616E204A 6F736531 17301506 0355040A
  130E4169 72657370 61636520 496E632E 31143012 06035504 0B130B45 6E67696E
  65657269 6E67311A 30180603 55040313 11416972 65737061 63652052 6F6F7420
  43413124 30220609 2A864886 F70D0109 01161573 7570706F 72744061 69726573
  70616365 2E636F6D 301E170D 30353034 32383232 33373133 5A170D31 35303132
  36323233 3731335A 3081A831 0B300906 03550406 13025553 31133011 06035504
  08130A43 616C6966 6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365
  31173015 06035504 0A130E41 69726573 70616365 20496E63 2E311430 12060355
  040B130B 456E6769 6E656572 696E6731 1C301A06 03550403 13134169 72657370
  61636520 44657669 63652043 41312430 2206092A 864886F7 0D010901 16157375
  70706F72 74406169 72657370 6163652E 636F6D30 81DF300D 06092A86 4886F70D
  01010105 000381CD 003081C9 0281C100 A93C0158 E7284E75 FF86A57A 886ACA37
  430BECF0 7582F56B DB6AC514 554FB06E AA327B3E CE3C9391 03C93BA4 0C0AF932
  A6CB5DA3 F1C3C528 53BF4E19 2C1BFC48 467EBD93 06B4974A 1273BF35 8AD8540F
  261E612B A2673B68 D239C87E 1E9E967B 2654D285 45BB7F78 5F4E9D4B 7B8001AA
  2F455CFF 4552ECDB 5667E3FC E7093E06 8FAE353D 4228B48D 8B415D9B F496342D
  C1459987 B69BFA4B 51FB67B4 A0C21E7F C6269A39 47EB1D48 5E83B129 8B079E5E
  1EDAB5A0 BE5E1DE0 109FF0BD 4750E32B 02030100 01A38201 37308201 33300C06
  03551D13 04053003 0101FF30 2E060960 86480186 F842010D 0421161F 41697265
  73706163 65204465 76696365 20434120 43657274 69666963 61746530 1D060355
  1D0E0416 04140A52 3BB12570 523B9CEA 747FB2AD 3D8F95EA 3FCC3081 D3060355
  1D230481 CB3081C8 8014538D 8360478D C20F8066 3232E9E1 7070552B 17EAA181
  ACA481A9 3081A631 0B300906 03550406 13025553 31133011 06035504 08130A43
  616C6966 6F726E69 61311130 0F060355 04071308 53616E20 4A6F7365 31173015
  06035504 0A130E41 69726573 70616365 20496E63 2E311430 12060355 040B130B
  456E6769 6E656572 696E6731 1A301806 03550403 13114169 72657370 61636520
  526F6F74 20434131 24302206 092A8648 86F70D01 09011615 73757070 6F727440
  61697265 73706163 652E636F 6D820100 300D0609 2A864886 F70D0101 04050003
  81C100A0 E8D59D9B DA9EED0C 96045DFE A37084EC 59B5C3D3 71694DB0 70664E0C
  8060D69E E366E81F 9F3CCF68 8AB0498E CCFA6CA7 2854F2D8 046690C9 8FEC84EF
  2F7F0F08 C90F719D C0F4C125 CED1B525 6DD93E51 777BD5E8 7F1DC79F CC502DC2
  0242C05D 1682DEE3 DF7541B8 C55B433C 10DFE2BF D2E802E7 D923329A 23A2076F
  86BCC048 D569B383 59AC8979 97F02C55 6F8FE318 754F605C 43CDA7C8 1847B085
  1DADF0D6 CD62C8DE A86E6E12 4A7CDCBF A6FCC7E1 852A1DB1 529D63B3 688305F6 7BD25F
        quit
crypto pki certificate chain Cisco_IOS_MIC_cert
 certificate 3AB3AB8E000000043294
  30820470 30820358 A0030201 02020A3A B3AB8E00 00000432 94300D06 092A8648
  86F70D01 01050500 30393116 30140603 55040A13 0D436973 636F2053 79737465
  6D73311F 301D0603 55040313 16436973 636F204D 616E7566 61637475 72696E67
  20434130 1E170D31 35303631 36313932 3230365A 170D3235 30363136 31393332
  30365A30 818C310B 30090603 55040613 02555331 13301106 03550408 130A4361
  6C69666F 726E6961 3111300F 06035504 07130853 616E204A 6F736531 16301406
  0355040A 130D4369 73636F20 53797374 656D7331 1B301906 03550403 13124150
  3147312D 35343763 36396462 65333032 3120301E 06092A86 4886F70D 01090116
  11737570 706F7274 40636973 636F2E63 6F6D3082 0122300D 06092A86 4886F70D
  01010105 00038201 0F003082 010A0282 010100B3 91217779 D32CCE22 5623B724
  396F3AAF 5DB79119 31618AE8 AF852B8C 3939199B 8CB594F4 FBA2CEE4 9A758068
  5BF986E3 ED15AF84 79D5713D 5290212A 7E738A1F 6CA946C9 0E7583FF 7B4C266F
  0EF78B3D 95C33B11 E2757847 4F8C0FB9 294EDC53 D737CA5D 81D499C0 3B8B3315
  F42AB6A3 87B3578F C21F6926 5E424B80 7F18C52B 2489123A 7758DC8E BFD8786E
  1DB5E289 7C99EB52 BB30BE40 5D657D50 6D7C2CAF 3D472EFA A5B95DCF 3E316374
  9704D365 BBEAC751 9D321C80 BBD2D1E3 8A875468 40D94EE2 9C892709 5E6090BA
  2449EBCE 002C62E5 3377040A B61C423E FF2E40BF C89216DC 9A1F78BF 28D23C86
  21F79136 067674A9 B163339F 81D2F449 CAB06F02 03010001 A3820124 30820120
  300E0603 551D0F01 01FF0404 030205A0 301D0603 551D0E04 1604147F 7815E069
  7A5CCFCA 9BC64762 77DCD6AF B880D230 1F060355 1D230418 30168014 D0C52226
  AB4F4660 ECAE0591 C7DC5AD1 B047F76C 303F0603 551D1F04 38303630 34A032A0
  30862E68 7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375 72697479
  2F706B69 2F63726C 2F636D63 612E6372 6C304C06 082B0601 05050701 01044030
  3E303C06 082B0601 05050730 02863068 7474703A 2F2F7777 772E6369 73636F2E
  636F6D2F 73656375 72697479 2F706B69 2F636572 74732F63 6D63612E 63657230
  3F06092B 06010401 82371402 04321E30 00490050 00530045 00430049 006E0074
  00650072 006D0065 00640069 00610074 0065004F 00660066 006C0069 006E0065
  300D0609 2A864886 F70D0101 05050003 82010100 4691B85D 59A0B082 846BB4B8
  C170ED90 0641D4E9 771A8A71 2E433B60 C3F726B3 8EE2F076 7836F649 AE937EF3
  1F582522 A44311A3 6DB9C45A 18A24B1B 08D3F25D 1D5BD5D3 A990AB53 76DFCB50
  4E63FEFD DF4EAC90 8F5D199E 98F2FFA7 2485F93E 4098DD56 89C4D0D5 2598A667
  EBEB835D E1752EA6 B95ECF60 5684A10E FDB33528 7F4131D1 1CD06E83 83F316BB
  0EC6F36B 3A1FFC18 0FF7880B 0E78B5CE E6D39AD4 AF99179D 0FEEF37E 699DF584
  7CBA03E2 3EEE897F 3FC61BE1 8B14215A 7DEC5FA9 0E1CEEAD 145707BD 45F198E0
  4BFA7142 F2D4EEF6 A0DCE7A8 6B4174E3 748BB106 FAEF8D9B F4108718 35C4F87F
  49A4D16A 49F619B3 D3FD580C 3AE5F193 0AFB0F7F
        quit
 certificate ca 6A6967B3000000000003
  308204D9 308203C1 A0030201 02020A6A 6967B300 00000000 03300D06 092A8648
  86F70D01 01050500 30353116 30140603 55040A13 0D436973 636F2053 79737465
  6D73311B 30190603 55040313 12436973 636F2052 6F6F7420 43412032 30343830
  1E170D30 35303631 30323231 3630315A 170D3239 30353134 32303235 34325A30
  39311630 14060355 040A130D 43697363 6F205379 7374656D 73311F30 1D060355
  04031316 43697363 6F204D61 6E756661 63747572 696E6720 43413082 0120300D
  06092A86 4886F70D 01010105 00038201 0D003082 01080282 010100A0 C5F7DC96
  943515F1 F4994EBB 9B41E17D DB791691 BBF354F2 414A9432 6262C923 F79AE7BB
  9B79E807 294E30F5 AE1BC521 5646B0F8 F4E68E81 B816CCA8 9B85D242 81DB7CCB
  94A91161 121C5CEA 33201C9A 16A77DDB 99066AE2 36AFECF8 0AFF9867 07F430EE
  A5F8881A AAE8C73C 1CCEEE48 FDCD5C37 F186939E 3D71757D 34EE4B14 A9C0297B
  0510EF87 9E693130 F548363F D8ABCE15 E2E8589F 3E627104 8726A415 620125AA
  D5DFC9C9 5BB8C9A1 077BBE68 92939320 A86CBD15 75D3445D 454BECA8 DA60C7D8
  C8D5C8ED 41E1F55F 578E5332 9349D5D9 0FF836AA 07C43241 C5A7AF1D 19FFF673
  99395A73 67621334 0D1F5E95 70526417 06EC535C 5CDB6AEA 35004102 0103A382
  01E73082 01E33012 0603551D 130101FF 04083006 0101FF02 0100301D 0603551D
  0E041604 14D0C522 26AB4F46 60ECAE05 91C7DC5A D1B047F7 6C300B06 03551D0F
  04040302 01863010 06092B06 01040182 37150104 03020100 30190609 2B060104
  01823714 02040C1E 0A005300 75006200 43004130 1F060355 1D230418 30168014
  27F3C815 1E6E9A02 0916AD2B A089605F DA7B2FAA 30430603 551D1F04 3C303A30
  38A036A0 34863268 7474703A 2F2F7777 772E6369 73636F2E 636F6D2F 73656375
  72697479 2F706B69 2F63726C 2F637263 61323034 382E6372 6C305006 082B0601
  05050701 01044430 42304006 082B0601 05050730 02863468 7474703A 2F2F7777
  772E6369 73636F2E 636F6D2F 73656375 72697479 2F706B69 2F636572 74732F63
  72636132 3034382E 63657230 5C060355 1D200455 30533051 060A2B06 01040109
  15010200 30433041 06082B06 01050507 02011635 68747470 3A2F2F77 77772E63
  6973636F 2E636F6D 2F736563 75726974 792F706B 692F706F 6C696369 65732F69
  6E646578 2E68746D 6C305E06 03551D25 04573055 06082B06 01050507 03010608
  2B060105 05070302 06082B06 01050507 03050608 2B060105 05070306 06082B06
  01050507 0307060A 2B060104 0182370A 0301060A 2B060104 01823714 02010609
  2B060104 01823715 06300D06 092A8648 86F70D01 01050500 03820101 0030F330
  2D8CF2CA 374A6499 24290AF2 86AA42D5 23E8A2EA 2B6F6923 7A828E1C 4C09CFA4
  4FAB842F 37E96560 D19AC6D8 F30BF5DE D027005C 6F1D91BD D14E5851 1DC9E3F7
  38E7D30B D168BE8E 22A54B06 E1E6A4AA 337D1A75 BA26F370 C66100A5 C379265B
  A719D193 8DAB9B10 11291FA1 82FDFD3C 4B6E65DC 934505E9 AF336B67 23070686
  22DAEBDC 87CF5921 421AE9CF 707588E0 243D5D7D 4E963880 97D56FF0 9B71D8BA
  6019A5B0 6186ADDD 6566F6B9 27A2EE2F 619BBAA1 3061FDBE AC3514F9 B82D9706
  AFC3EF6D CC3D3CEB 95E981D3 8A5EB6CE FA79A46B D7A25764 C43F4CC9 DBE882EC
  0166D410 88A256E5 3C57EDE9 02A84891 6307AB61 264B1A13 9FE4DCDA 5F
        quit
username Cisco secret 5 $1$oX64$i5/EIhkbmZYUaGGW5Bxrb.
!
!
ip ssh version 2
lldp run
bridge irb
!
!
!
interface Dot11Radio0
 no ip route-cache
 antenna gain 0
 mbssid
 power local 5
 power client local
 packet retries 64 drop-packet
 station-role root
 no cdp enable
!
interface Dot11Radio1
 no ip route-cache
 antenna gain 0
 peakdetect
 mbssid
 power local 4
 power client local
 packet retries 64 drop-packet
 station-role root
 no cdp enable
!
interface GigabitEthernet0
 no ip route-cache
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface BVI1
 mac-address 547c.69db.e302
 no ip address
 no ip route-cache
 ipv6 address dhcp
 ipv6 address autoconfig
 ipv6 enable
!
ip forward-protocol nd
no ip http server
!
logging trap emergencies
logging origin-id string AP:547c.69db.e302
logging facility kern
logging host 255.255.255.255
!
!
bridge 1 protocol ieee
bridge 1 route ip
parser view capwap-config-view
 secret 5 $1$7vks$4jfJi/bvncWDT6BJrAb3t0
 commands configure include all capwap
 commands exec include all enable
 commands exec include configure terminal
 commands exec include configure
 commands exec include all show capwap
 commands exec include show running-config
 commands exec include show
!
!
line con 0
line vty 0 4
 transport input none
line vty 5 198
 transport input none
!
end

AP547c.69db.e302#$
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.