cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1098
Views
0
Helpful
0
Replies

1941W no internet access through wireless ap

Oswaldo30
Level 1
Level 1

I have a 1941W router that I've been configuring for a while now! From the router, I can ping internal and external ip addresses (e.g. 4.2.2.2). But any device connected through the wireless ap cannot ping anything.

My network is configured as follows (brief):

Copper over ethernet connected to Adtran 908e connected to ASA 5505 (port: 192.168.150.254) connected to 1941W (GiE0/0).

If anyone can help me with this configuration i would be very grateful.

Attached is my current config. Thanks

Sterling#sh run

Building configuration...

Current configuration : 2245 bytes

!

! Last configuration change at 16:03:06 UTC Tue Sep 6 2011

!

version 15.0

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Sterling

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

service-module wlan-ap 0 bootimage autonomous

!

no ipv6 cef

ip source-route

ip cef

!

!

ip dhcp excluded-address 192.168.150.1 192.168.150.10

ip dhcp excluded-address 192.168.151.1

ip dhcp excluded-address 192.168.150.1 192.168.150.254

!

ip dhcp pool LAN-POOL

   network 192.168.151.0 255.255.255.0

   default-router 192.168.151.1

   dns-server 4.2.2.2

   lease 7

!

ip dhcp pool Sterling

!

ip dhcp pool lan-pool

!

!

no ip domain lookup

multilink bundle-name authenticated

!

!

!

license udi pid CISCO1941W-A/K9 sn FTX140580W4

!

!

!

!

!

!

!

!

interface Wlan-GigabitEthernet0/0

description Internal switch interface connecting to the embedded AP

!

interface GigabitEthernet0/0

ip address dhcp

ip access-group to-lan in

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface wlan-ap0

description internal switch int connecting to the embedded ap

ip address 192.168.152.1 255.255.255.0

arp timeout 0

no mop enabled

no mop sysid

!

interface GigabitEthernet0/1

ip address 192.168.153.1 255.255.255.0

ip access-group from-lan in

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface Vlan1

ip address 192.168.151.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

ip nat inside source list NAT interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0

ip route 0.0.0.0 0.0.0.0 192.168.150.254

ip route 192.0.0.0 255.255.255.0 192.168.150.1

!

ip access-list extended nat-list

permit ip 192.0.0.0 0.255.255.255 any

permit icmp 192.0.0.0 0.255.255.255 any

permit icmp any any

permit ip any any

!

!

!

!

control-plane

!

banner motd ^CNo Unauthorized Personel Allowed^C

!

line con 0

logging synchronous

line aux 0

line 67

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

line vty 0 4

logging synchronous

login

!

scheduler allocate 20000 1000

end

Sterling#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is 192.168.150.254 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 192.168.150.254

                is directly connected, GigabitEthernet0/0

S     192.0.0.0/24 [1/0] via 192.168.150.1

      192.168.150.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.150.0/24 is directly connected, GigabitEthernet0/0

L        192.168.150.153/32 is directly connected, GigabitEthernet0/0

      192.168.151.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.151.0/24 is directly connected, Vlan1

L        192.168.151.1/32 is directly connected, Vlan1

      192.168.152.0/24 is variably subnetted, 2 subnets, 2 masks

C        192.168.152.0/24 is directly connected, wlan-ap0

L        192.168.152.1/32 is directly connected, wlan-ap0

Sterling#sh ip int bri

Interface                  IP-Address      OK? Method Status                Protocol

Wlan-GigabitEthernet0/0    unassigned      YES unset  up                    up     

GigabitEthernet0/0         192.168.150.153 YES DHCP   up                    up     

wlan-ap0                   192.168.152.1   YES manual up                    up     

GigabitEthernet0/1         192.168.153.1   YES manual down                  down   

Vlan1                      192.168.151.1   YES manual up                    up     

NVI0                       192.168.150.153 YES unset  up                    up     

Sterling#session ????????????rvice -module wlan-ap0 session

Trying 192.168.152.1, 2067 ... Open

Connecting to AP console, enter Ctrl-^ followed by x,

then "disconnect" to return to router prompt

No Unauthorized Personel Allowed

ap>enable

Password: 

ap#sh run

Building configuration...

Current configuration : 3495 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ap

!

enable secret 5 ??????????

enable password 7 ??????????

!

no aaa new-model

no ip domain lookup

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.155.1 192.168.155.10

!

ip dhcp pool lan-pool

   network 192.168.150.0 255.255.255.0

   default-router 192.168.151.1

   dns-server 4.2.2.2

   lease 7

!

!

dot11 syslog

!

dot11 ssid SterlingAcces

!

dot11 ssid SterlingAccess

   vlan 1

   authentication open

   authentication key-management wpa

   guest-mode

   wpa-psk ascii 7 ??????????

!

dot11 ssid StrerlingAccess

!

!

!

username Sterling????

username ?????????? password 7 ??????????

!

!

bridge irb

!

!

interface Dot11Radio0

description 802.11bgn radio

no ip address

no ip route-cache

!

encryption mode ciphers aes-ccm

!

encryption vlan 1 mode ciphers tkip

!

broadcast-key change 3600

!

!

ssid SterlingAccess

!

antenna gain 0

speed  basic-1.0 basic-2.0 basic-5.5 basic-11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0

power local 14

station-role root access-point

no cdp enable

bridge-group 21

bridge-group 21 subscriber-loop-control

bridge-group 21 block-unknown-source

no bridge-group 21 source-learning

no bridge-group 21 unicast-flooding

bridge-group 21 spanning-disabled

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio1

description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router

mac-address 001c.58c1.c3e0

bandwidth 10000000

no ip address

no ip route-cache

shutdown

!

encryption mode ciphers tkip

!

broadcast-key change 3600

!

antenna gain 0

no dfs band block

channel dfs

station-role root

payload-encapsulation dot1h

infrastructure-client

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface GigabitEthernet0

description the embedded gigabitethernet 0 is an internal int connecting ap with the host router

no ip address

no ip route-cache

!

interface GigabitEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface GigabitEthernet0.21

description 802.11bgn bridge

encapsulation dot1Q 21

no ip route-cache

bridge-group 21

bridge-group 21 subscriber-loop-control

bridge-group 21 block-unknown-source

no bridge-group 21 source-learning

no bridge-group 21 unicast-flooding

bridge-group 21 spanning-disabled

!

interface BVI1

ip address 192.168.150.2 255.255.255.0

no ip route-cache

!

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

!

ip access-list extended nat-list

permit tcp 192.168.151.0 0.0.0.255 any

permit ip 192.168.153.0 0.0.0.255 any

bridge 1 route ip

!

!

alias exec dot11radio service-module wlan-ap0 session

!

line con 0

no activation-character

line vty 0 4

login local

no activation-character

no exec

transport preferred none

transport input all

!

end

ap#

0 Replies 0
Review Cisco Networking for a $25 gift card