Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2444
Views
0
Helpful
2
Replies

configuring 871W to bridge wired and wireless, with IPv4 NAT and IPv6 tunnel

matthhal
Level 1
Level 1

‎03-29-2013 12:37 AM - edited ‎03-03-2019 07:01 AM

Hi all,

I was trying to set up an ISR 871W to bridge the wireless and three wired ports, with IPv4 upstream through a DSL bridge, via DHCP and IPv6 upstream via 6in4 tunnel. The DSL bridge passes me the upstream IP with DHCP (2WIRE DMZ setup).

I got pretty close, but when I tried to configure the wired-wireless bridging things quit working for me. The router can ping things fine with IPv4 or IPv6, but the devices in the LAN can only ping the router IP and are incapable of getting to anything else besides that, including traceroute, no hops possible.

Can anybody spot what I must have missed? I'm not as familiar with the ISR products yet.

Matthew.

!

! Last configuration change at 06:36:31 UTC Fri Mar 29 2013

! NVRAM config last updated at 06:40:00 UTC Fri Mar 29 2013

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname c871w

!

boot-start-marker

boot-end-marker

!

enable secret 5 ...

enable password ...

!

no aaa new-model

ip subnet-zero

ip cef

!

!

ip dhcp excluded-address 192.168.0.1 192.168.0.10

!

ip dhcp pool inside

   network 192.168.0.0 255.255.255.0

   dns-server 8.8.8.8 8.8.4.4

   default-router 192.168.0.1

!

!

ip domain name ...

ip name-server 8.8.8.8

ip name-server 8.8.4.4

ip ips po max-events 100

ipv6 unicast-routing

no ftp-server write-enable

!

!

!

!

!

bridge irb

!

!

interface Tunnel0

no ip address

ipv6 address 2607:.../64

ipv6 mtu 1472

ipv6 virtual-reassembly

tunnel source BVI1

tunnel destination ...

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

dsl operating-mode auto

!

interface FastEthernet0

switchport access vlan 2

no ip address

!

interface FastEthernet1

no ip address

!

interface FastEthernet2

no ip address

!

interface FastEthernet3

no ip address

!

interface Dot11Radio0

no ip address

!

broadcast-key change 3600

!

broadcast-key vlan 1 change 600

!

!

encryption mode ciphers tkip

!

encryption vlan 1 mode ciphers tkip

!

ssid ...

    vlan 1

    authentication open

    authentication key-management wpa

    wpa-psk ascii 0 ...

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

no cdp enable

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

no ip address

ip nat inside

ip virtual-reassembly

bridge-group 1

!

interface Vlan2

ip address dhcp

!

interface BVI1

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ipv6 address 2607:...::1/64

!

ip classless

!

!

no ip http server

no ip http secure-server

ip nat inside source list 1 interface Vlan2 overload

!

access-list 1 permit 192.168.0.0 0.0.255.255

ipv6 route ::/0 Tunnel0

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

!

line con 0

no modem enable

transport preferred all

transport output all

speed 115200

line aux 0

transport preferred all

transport output all

line vty 0 4

password ...

login

transport preferred all

transport input all

transport output all

!

scheduler max-task-time 5000

ntp clock-period 17177913

ntp server 131.107.13.100

end

Labels:
0 Helpful
2 Replies 2

blau grana
Level 7
Level 7

‎03-29-2013 12:34 PM

Hello Matthew,

I do not see any static route for IPv4 traffic, do you obtain refault route via DHCP?

Can you ping internet from router?

#ping 8.8.8.8

Can you provide output of these command when you are trying access internet from PC.

#show ip int brief

#show ip route

#show ip nat translation

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
0 Helpful

matthhal
Level 1
Level 1
In response to blau grana

‎03-29-2013 04:34 PM

Pinging the upstream default GW and the upstream DNS works fine from IOS, but fails from nodes behind the NAT + Bridge. The setup does work without bridge enabled, but then you can't connect between the wired and wireless segments after that. I'll get the other outputs collected and post them also.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card