07-06-2013 08:48 AM - edited 07-04-2021 12:21 AM
Thanks vinay sharma, my 1131 ap did get an ip via option 43 using your video to help. can you make a video connecting 4402 wlc to 3550 with a 1131 ap with the 3550 getting its internet from a linksys router connect to optimum ISP? I am having a problem with this setup. I have 3 vlans and on some I can access the internet via pc connect directly to port on 3550 and on other I have no connection. when I connect via ap I cannot access wlc via https.
07-06-2013 10:03 AM
Cisco3550#show run
Building configuration...
Current configuration : 4447 bytes
!
! No configuration change since last restart
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Cisco3550
!
enable secret 5 $1$uKpW$0IodtHgpYKIwl1i4XyT990
!
clock timezone EST -5
ip subnet-zero
ip routing
ip dhcp excluded-address 192.168.4.95 192.168.4.150
ip dhcp excluded-address 192.168.3.100 192.168.3.110
!
ip dhcp pool VLAN30_WIRELESS_MANAGEMENT
network 192.168.4.0 255.255.255.0
dns-server 4.2.2.1
option 43 hex f104.c0a8.0462
default-router 192.168.1.2
lease 8
!
ip dhcp pool WIRLESS_GUEST
network 192.168.3.0 255.255.255.0
default-router 192.168.3.100
dns-server 4.2.2.1
domain-name Cisco3550test.net
lease 30
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/8
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 1000
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport mode trunk
switchport nonegotiate
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 1000
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 10,20,30
switchport mode trunk
!
interface FastEthernet0/21
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 1000
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
description LINK_TO_LINKSYS_NETWORK
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 1,10,20,30
switchport mode trunk
!
interface GigabitEthernet0/2
switchport access vlan 1000
switchport mode access
shutdown
spanning-tree portfast
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
description Me Only
ip address 192.168.1.2 255.255.255.0
!
interface Vlan20
description Wireless Guest
ip address 192.168.3.100 255.255.255.0
!
interface Vlan30
description Management Ap
ip address 192.168.4.100 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.0
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
!
!
!
line con 0
password usa2004
logging synchronous
login
line vty 0 4
password usa2004
login
line vty 5 15
password usa2004
login
!
ntp clock-period 17180657
ntp server 64.90.182.55 prefer
ntp server 96.47.67.105 prefer
end
Controller config
Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
-------------------------------- ---- -------- --------------- ------- ------ -----
ap-manager LAG 10 192.168.1.98 Static Yes No
management LAG 10 192.168.4.99 Static No No
service-port N/A N/A 0.0.0.0 Static No No
virtual N/A N/A 192.168.1.51 Static No No
(Cisco Controller) >
AP Config
InfiniteSys1#show run
Building configuration...
Current configuration : 17599 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname InfiniteSys1
!
logging rate-limit console 9
enable secret 5 $1$2Gp.$F7jpqm4dn3LH5TwNi1EF/.
!
aaa new-model
!
!
aaa authentication login default local
!
aaa session-id common
power inline negotiation prestandard source
eap profile lwapp_eap_profile
method fast
!
!
crypto pki trustpoint Cisco_IOS_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint cisco-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-device-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-new-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-old-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
!
dot1x credentials lwapp_credentials
username admin
password 7 0523570829195E5A4A01
!
username admin secret 5 $1$H3a5$I5FdaTUW./6g.3Kjtmuvd.
!
!
ip ssh version 2
!
!
interface Dot11Radio0
no ip route-cache
mbssid
power client local
packet retries 64 drop-packet
!
interface Dot11Radio1
no ip route-cache
mbssid
power client local
packet retries 64 drop-packet
!
interface FastEthernet0
ip address dhcp client-id FastEthernet0
no ip route-cache
duplex auto
speed auto
dot1x pae supplicant
dot1x credentials lwapp_credentials
dot1x eap profile lwapp_eap_profile
!
no ip http server
logging trap errors
logging origin-id string AP:0021.d836.546a
logging facility kern
logging snmp-trap notifications
logging snmp-trap informational
logging snmp-trap debugging
logging 255.255.255.255
!
control-plane
!
!
line con 0
line vty 0 4
transport input all
line vty 5 15
transport input all
!
end
07-06-2013 11:02 AM
Fixed it
Needed to add a static route on the linksys to the vlans.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: