cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1504
Views
0
Helpful
16
Replies

Guest Wi-Fi not working after power outage

Jeff_Perry
Level 1
Level 1

Hi everyone,

 

So we just finished setting up our new Cisco router last weekend and we had everything working perfectly...then we had a power outage over the weekend. I have everything back up and running except our guest wifi. SSID is NevadaCall_Guest, it should be pulling IPs from vlan3. It shows up as a wifi network and we can connect to it but it says "failed to obtain IP address". Things I have tried: deleting and reconfiguring vlan3, deleting and reconfiguring NevadaCall_Guest. Here is our running config: any help would be appreciated.

 

version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cccrouter
!
boot-start-marker
boot system flash:c800-universalk9-mz.SPA.157-3.M3.bin
boot-end-marker
!
!
no logging buffered
enable secret 5 $1$3ecE$v.iAbPg4sJUpZgmA.zaYt.
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-1346438716
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1346438716
revocation-check none
rsakeypair TP-self-signed-1346438716
!
!
crypto pki certificate chain TP-self-signed-1346438716
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31333436 34333837 3136301E 170D3139 30343136 31373337
34375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33343634
33383731 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009966 2688918D AD91BD47 8284C81A BDCE57A0 7FF38670 DF1B0054 541A3F6B
3C51A54C 650A31AD C43AC6A3 12650B9D 69449BA5 5C85CB8C AD465E20 64B629D2
EB6ECBCA 62AE01CF 91855F45 C1A2B876 6E22A59D 71FEACAF 47EACE5C 9FA5B56E
F085E915 A3522DCD 3D397724 5D499E88 E03CCD97 7FD56AC9 BDCCF170 D7AD69EE
573D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14CB2F10 FF5DE4AB B2B83F80 4E0CEBEE 953F49A7 12301D06
03551D0E 04160414 CB2F10FF 5DE4ABB2 B83F804E 0CEBEE95 3F49A712 300D0609
2A864886 F70D0101 05050003 81810005 A17069CE F4D38066 8A5DE845 D91C60A9
862903CA 70AC23A9 89E62CB7 08BC573E AF64B619 53123641 DA26BBC8 DA5FE658
F8FF0CB7 6095DB91 AFC59869 D3152513 624A541E 5FC0FF07 F60C57F8 842CAB62
9F40EDCD AC2CE32D A6CA82FC 3B3234C9 4CE959D5 FF5B9BBB DD135263 892EA21D
98CC7AB8 5D6B7C7C 944408AA 9534A8
quit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
!
ip dhcp pool vlan1
network 192.168.8.0 255.255.255.0
default-router 192.168.8.1
dns-server 192.168.8.3
!
ip dhcp pool vlan3
import all
network 192.168.2.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.8.1
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
license udi pid C891FW-A-K9 sn FJC2013L0M3
!
!
username admin privilege 15 password 7 030758082657711D18
!
redundancy
!
!
!
!
!
!
crypto ctcp port 10000
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.108.1.1 255.255.255.0
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface FastEthernet0
ip address 71.92.169.2 255.255.255.240
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0
no ip address
!
interface GigabitEthernet1
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
no ip address
!
interface GigabitEthernet5
no ip address
!
interface GigabitEthernet6
no ip address
!
interface GigabitEthernet7
no ip address
!
interface GigabitEthernet8
no ip address
shutdown
duplex auto
speed auto
!
interface Wlan-GigabitEthernet8
switchport mode trunk
no ip address
!
interface wlan-ap0
ip unnumbered Vlan3
!
interface Vlan1
ip address 192.168.8.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan3
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Async3
no ip address
encapsulation slip
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list NAT interface FastEthernet0 overload
ip default-network 192.168.8.254
ip route 0.0.0.0 0.0.0.0 71.92.169.1
!
ip access-list extended NAT
permit ip 192.168.8.0 0.0.0.255 any
permit ip 192.168.2.0 0.0.0.255 any
!
ipv6 ioam timestamp
!
!
control-plane
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
vstack
!
line con 0
exec-timeout 120 0
password 7 094F4D0A395D47435D
logging synchronous
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line 3
modem InOut
speed 115200
flowcontrol hardware
line vty 0 4
exec-timeout 60 0
privilege level 15
password 7 130614112B54547B7D
logging synchronous
login local
transport input telnet ssh
line vty 5 15
exec-timeout 60 0
privilege level 15
password 7 130614112B54547B7D
logging synchronous
login local
transport input none
!
scheduler allocate 20000 1000
!
!
!
!
!
!
!
end

1 Accepted Solution

Accepted Solutions

Jeff_Perry
Level 1
Level 1

Ok we were able to get it working again. We basically just deleted everything and reconfigured. thank you everybody for your help:)

View solution in original post

16 Replies 16

Jaderson Pessoa
VIP Alumni
VIP Alumni

@Jeff_Perry hello,

 

 

ip dhcp pool vlan1
network 192.168.8.0 255.255.255.0
default-router 192.168.8.1 << this is ok
dns-server 192.168.8.3
!
ip dhcp pool vlan3
import all
network 192.168.2.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.8.1  << this address is wrong..  not in interface range   ( change to 192.168.2.1 )

!
!

interface Vlan1
ip address 192.168.8.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan3
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in

 

Regards,

Jaderson Pessoa
*** Rate All Helpful Responses ***

Thank you for your reply. I went ahead and changed the default gateway for vlan3:

ip dhcp pool vlan3
import all
network 192.168.2.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.2.1

 

It is still failing to get an IP address. I forgot the network and reconnected with no luck...

Right,

This router is connect in others switches, right? If yes, does your vlan is alredy configured in other devices? Does it allowed on the trunk?

Could you share your a simple topology of your design?
Jaderson Pessoa
*** Rate All Helpful Responses ***

vlan1 is routed to a switch as well as our main wireless network. vlan1 is what all of our computers wired via ethernet are connected to via a switch. Everything on vlan1 appears to be working properly. vlan3 however is only setup for our guest wifi. It should not routing to anywhere but the guest wifi. This is the one that is not distributing IPs. We are using Cisco Configuration Pro for our router configuration. Before the power outage we were able to "Discover" the .2.1 default gateway but now it says "discovery failed". discovery failed.PNG

Great,

I think that your switch is connected to interface below, right?
interface Wlan-GigabitEthernet8
switchport mode trunk
no ip address

Could you provide a configuration of switch that your router is connected?
Jaderson Pessoa
*** Rate All Helpful Responses ***

So our switch is connected to GigabitEthernet0. I know this is probably a dumb question but how do I get the configuration of my switch? This is what came up when I use show interface GigabitEthernet0 and show interface wlan-GigabitEthernet8...I'm not sure if this is the info that you need.

 

GigabitEthernet0 is up, line protocol is up
Hardware is Gigabit Ethernet, address is 0035.1a28.9a47 (bia 0035.1a28.9a47)
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 27000 bits/sec, 14 packets/sec
5 minute output rate 60000 bits/sec, 15 packets/sec
5546844 packets input, 1061937375 bytes, 0 no buffer
Received 71106 broadcasts (46555 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
8390261 packets output, 10150661847 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
1 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out

 

Wlan-GigabitEthernet8 is up, line protocol is up
Hardware is WLAN Gigabit Ethernet, address is 0035.1a28.9a4f (bia 0035.1a28.9a4f)
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:30, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 2000 bits/sec, 2 packets/sec
188652 packets input, 20537983 bytes, 0 no buffer
Received 1138 broadcasts (5311 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
467046 packets output, 401599277 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out

well, i need other type information, run command below, please;

show running-configuration and input here.


Regards,
Jaderson Pessoa
*** Rate All Helpful Responses ***

Here is my output from show running-config. 

 

Building configuration...


Current configuration : 5769 bytes
!
! Last configuration change at 17:45:06 UTC Wed Apr 24 2019 by admin
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cccrouter
!
boot-start-marker
boot system flash:c800-universalk9-mz.SPA.157-3.M3.bin
boot-end-marker
!
!
no logging buffered
enable secret 5 $1$3ecE$v.iAbPg4sJUpZgmA.zaYt.
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
!
!
!
!
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-1346438716
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1346438716
revocation-check none
rsakeypair TP-self-signed-1346438716
!
!
crypto pki certificate chain TP-self-signed-1346438716
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31333436 34333837 3136301E 170D3139 30343136 31373337
34375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33343634
33383731 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009966 2688918D AD91BD47 8284C81A BDCE57A0 7FF38670 DF1B0054 541A3F6B
3C51A54C 650A31AD C43AC6A3 12650B9D 69449BA5 5C85CB8C AD465E20 64B629D2
EB6ECBCA 62AE01CF 91855F45 C1A2B876 6E22A59D 71FEACAF 47EACE5C 9FA5B56E
F085E915 A3522DCD 3D397724 5D499E88 E03CCD97 7FD56AC9 BDCCF170 D7AD69EE
573D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14CB2F10 FF5DE4AB B2B83F80 4E0CEBEE 953F49A7 12301D06
03551D0E 04160414 CB2F10FF 5DE4ABB2 B83F804E 0CEBEE95 3F49A712 300D0609
2A864886 F70D0101 05050003 81810005 A17069CE F4D38066 8A5DE845 D91C60A9
862903CA 70AC23A9 89E62CB7 08BC573E AF64B619 53123641 DA26BBC8 DA5FE658
F8FF0CB7 6095DB91 AFC59869 D3152513 624A541E 5FC0FF07 F60C57F8 842CAB62
9F40EDCD AC2CE32D A6CA82FC 3B3234C9 4CE959D5 FF5B9BBB DD135263 892EA21D
98CC7AB8 5D6B7C7C 944408AA 9534A8
quit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
!
ip dhcp pool vlan1
network 192.168.8.0 255.255.255.0
default-router 192.168.8.1
dns-server 192.168.8.3
!
ip dhcp pool vlan3
import all
network 192.168.2.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.2.1
!
ip dhcp pool vlan2
import all
network 192.168.3.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.3.1
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
!
flow record nbar-appmon
match ipv4 source address
match ipv4 destination address
match application name
collect interface output
collect counter bytes
collect counter packets
collect timestamp absolute first
collect timestamp absolute last
!
!
flow monitor application-mon
cache timeout active 60
record nbar-appmon
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
license udi pid C891FW-A-K9 sn FJC2013L0M3
!
!
object-group network local_cws_net
!
object-group network local_lan_subnets
any
!
object-group network vpn_remote_subnets
any
!
username admin privilege 15 password 7 030758082657711D18
!
redundancy
!
!
!
!
!
zone security LAN
zone security WAN
zone security VPN
zone security DMZ
!
crypto ctcp port 10000
!
crypto isakmp policy 1
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.108.1.1 255.255.255.0
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface FastEthernet0
ip address 71.92.169.2 255.255.255.240
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0
no ip address
!
interface GigabitEthernet1
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
no ip address
!
interface GigabitEthernet5
no ip address
!
interface GigabitEthernet6
no ip address
!
interface GigabitEthernet7
no ip address
!
interface GigabitEthernet8
no ip address
shutdown
duplex auto
speed auto
!
interface Wlan-GigabitEthernet8
switchport mode trunk
no ip address
!
interface wlan-ap0
ip unnumbered Vlan3
!
interface Vlan1
ip address 192.168.8.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan2
ip address 192.168.3.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan3
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Async3
no ip address
encapsulation slip
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list NAT interface FastEthernet0 overload
ip default-network 192.168.8.254
ip route 0.0.0.0 0.0.0.0 71.92.169.1
!
ip access-list extended NAT
permit ip 192.168.8.0 0.0.0.255 any
permit ip 192.168.2.0 0.0.0.255 any
permit ip 192.168.3.0 0.0.0.255 any
ip access-list extended nat-list
permit ip object-group local_lan_subnets any
!
ipv6 ioam timestamp
!
!
!
!
control-plane
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
vstack
!
line con 0
exec-timeout 120 0
password 7 094F4D0A395D47435D
logging synchronous
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line 3
modem InOut
speed 115200
flowcontrol hardware
line vty 0 4
exec-timeout 60 0
password 7 130614112B54547B7D
logging synchronous
transport input telnet ssh
line vty 5 15
exec-timeout 60 0
password 7 130614112B54547B7D
logging synchronous
transport input none
!
scheduler allocate 20000 1000
!
!
!
!
!
!
!
end

try run this on router

 

no interface vlan 2
no interface vlan 3

interface g0.2
encapsulation dot1q 2
ip address 192.168.3.1 255.255.255.0
no shutdown
ip nat inside

interface g0.3
encapsulation dot1q 3
ip address 192.168.2.1 255.255.255.0
no shutdown
ip nat inside

Jaderson Pessoa
*** Rate All Helpful Responses ***

grabonlee
Level 4
Level 4

Hi,

Do you have a backup of the config prior to the outage?

 

Does the SSID you're using have the correct VLAN?

Is you Gig0 carrying traffic to the LAN for both VLAN 1 and 3 set up as a trunk port/sub-interface?

Do you have a backup of the config prior to the outage? no, i don't have a backup unfortunately. I do have a backup of the access point before the outage but I think the issue lies  

 

Does the SSID you're using have the correct VLAN? yes, our main SSID is pointed at Vlan1. This one we can get to get IP addresses. Our guest wifi is pointed at VLAN3. This one hasn't been distributing IP addresses since the outage. Also when we try to access the router address at vlan3 at 192.168.2.1 through putty or configuration pro it will not connect. Before the outage we could connect to the router through putty and configuration pro at 192.168.2.1 but now we are unable to do so. I suspect if we can get this online our guest wifi will work. I just don't understand why it isn't connecting now. It looks like it's configured the same way as VLAN1. I don't understand why VLAN1 is working but VLAN3 isn't. It shows that VLAN3's operational status is down on configuration pro shown in the picture below.

 

Is you Gig0 carrying traffic to the LAN for both VLAN 1 and 3 set up as a trunk port/sub-interface? I'm not sure...I think Gig0 only carries traffic for VLAN1. VLAN3 is only for our guest wifi. 

 

Capture.PNG

when i try to access 192.168.2.1 through putty it says % Destination unreachable; gateway or host down

Ok. By default Gig0 will carry VLAN 1. If it is to carry other L3 VLANs, then it should be configured with sub interfaces.

I noticed that you configured wlan-gig8 as the default gateway for your Guest, but Gig8 on the router is Admin down. Is that interface unshut and is it connected to your LAN?

 

ok so just an update. I was able to get vlan 3 up and was able to login to the access point on putty! Here is the running-config for the embedded access point. NevadaCall is working with no issues. NevadaCall_Guest is not assigning ip addresses. Below that is the current running-config for the router.


Current configuration : 2750 bytes
!
! Last configuration change at 21:21:19 UTC Wed Apr 24 2019
! NVRAM config last updated at 21:23:52 UTC Wed Apr 24 2019
! NVRAM config last updated at 21:23:52 UTC Wed Apr 24 2019
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
!
logging rate-limit console 9
enable secret 5 $1$28KG$hf8jXmobCFQPEa3.cxcBI/
!
no aaa new-model
no ip source-route
no ip cef
!
!
!
!
dot11 pause-time 100
dot11 syslog
!
dot11 ssid NevadaCall
vlan 1
max-associations 15
authentication open
authentication key-management wpa
accounting accounting-method-list
guest-mode
mbssid guest-mode
wpa-psk ascii 7 105E080A16001D190807292875
!
dot11 ssid NevadaCall_Guest
vlan 3
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 096F5C000A54044352
!
!
!
no ipv6 cef
!
!
username admin privilege 15 secret 5 $1$qKG6$imntIeUGGGsDT72B5jioX/
!
!
!
bridge irb
!
!
!
interface Dot11Radio0
no ip address
!
encryption vlan 3 mode ciphers aes-ccm
!
encryption vlan 1 mode ciphers aes-ccm
!
broadcast-key vlan 3 change 30
!
!
ssid NevadaCall
!
ssid NevadaCall_Guest
!
antenna gain 0
mbssid
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.3
encapsulation dot1Q 3
!
interface Dot11Radio1
no ip address
!
encryption vlan 3 mode ciphers aes-ccm
!
encryption vlan 1 mode ciphers aes-ccm
!
broadcast-key vlan 3 change 30
!
!
ssid NevadaCall
!
ssid NevadaCall_Guest
!
antenna gain 0
peakdetect
dfs band 3 block
mbssid
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1.3
encapsulation dot1Q 3
!
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface GigabitEthernet0.3
encapsulation dot1Q 3
!
interface BVI1
mac-address 0035.1a28.9a5a
ip address dhcp client-id GigabitEthernet0
no ip route-cache
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
!
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
transport input all
!
end

 

-----------------------------------------------------------------------------------------------------------

 

Here is the current running-config for the router:


Building configuration...


Current configuration : 6008 bytes
!
! Last configuration change at 21:21:09 UTC Wed Apr 24 2019 by admin
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cccrouter
!
boot-start-marker
boot system flash:c800-universalk9-mz.SPA.157-3.M3.bin
boot-end-marker
!
!
no logging buffered
enable secret 5 $1$3ecE$v.iAbPg4sJUpZgmA.zaYt.
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login local_access local
aaa authorization exec default local
!
!
!
!
!
!
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-1346438716
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1346438716
revocation-check none
rsakeypair TP-self-signed-1346438716
!
!
crypto pki certificate chain TP-self-signed-1346438716
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31333436 34333837 3136301E 170D3139 30343136 31373337
34375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 33343634
33383731 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009966 2688918D AD91BD47 8284C81A BDCE57A0 7FF38670 DF1B0054 541A3F6B
3C51A54C 650A31AD C43AC6A3 12650B9D 69449BA5 5C85CB8C AD465E20 64B629D2
EB6ECBCA 62AE01CF 91855F45 C1A2B876 6E22A59D 71FEACAF 47EACE5C 9FA5B56E
F085E915 A3522DCD 3D397724 5D499E88 E03CCD97 7FD56AC9 BDCCF170 D7AD69EE
573D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14CB2F10 FF5DE4AB B2B83F80 4E0CEBEE 953F49A7 12301D06
03551D0E 04160414 CB2F10FF 5DE4ABB2 B83F804E 0CEBEE95 3F49A712 300D0609
2A864886 F70D0101 05050003 81810005 A17069CE F4D38066 8A5DE845 D91C60A9
862903CA 70AC23A9 89E62CB7 08BC573E AF64B619 53123641 DA26BBC8 DA5FE658
F8FF0CB7 6095DB91 AFC59869 D3152513 624A541E 5FC0FF07 F60C57F8 842CAB62
9F40EDCD AC2CE32D A6CA82FC 3B3234C9 4CE959D5 FF5B9BBB DD135263 892EA21D
98CC7AB8 5D6B7C7C 944408AA 9534A8
quit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 192.168.2.1
!
ip dhcp pool vlan1
network 192.168.8.0 255.255.255.0
default-router 192.168.8.1
dns-server 192.168.8.3
!
ip dhcp pool vlan2
import all
network 192.168.3.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.3.1
!
ip dhcp pool vlan3
import all
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 8.8.8.8
!
!
!
ip name-server 192.168.8.3
ip cef
no ipv6 cef
!
!
flow record nbar-appmon
match ipv4 source address
match ipv4 destination address
match application name
collect interface output
collect counter bytes
collect counter packets
collect timestamp absolute first
collect timestamp absolute last
!
!
flow monitor application-mon
cache timeout active 60
record nbar-appmon
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
license udi pid C891FW-A-K9 sn FJC2013L0M3
!
!
object-group network local_cws_net
!
object-group network local_lan_subnets
any
!
object-group network vpn_remote_subnets
any
!
username admin privilege 15 password 7 030758082657711D18
!
redundancy
!
!
!
!
!
!
class-map type inspect match-all INTERNAL_DOMAIN_FILTER
zone security LAN
zone security WAN
zone security VPN
zone security DMZ
!
crypto ctcp port 10000
!
crypto isakmp policy 1
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.108.1.1 255.255.255.0
!
interface BRI0
no ip address
encapsulation hdlc
isdn termination multidrop
!
interface FastEthernet0
ip address 71.92.169.2 255.255.255.240
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0
no ip address
!
interface GigabitEthernet1
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
no ip address
!
interface GigabitEthernet5
no ip address
!
interface GigabitEthernet6
no ip address
!
interface GigabitEthernet7
no ip address
!
interface GigabitEthernet8
no ip address
duplex auto
speed auto
!
interface Wlan-GigabitEthernet8
switchport mode trunk
no ip address
!
interface wlan-ap0
ip unnumbered Vlan3
!
interface Vlan1
ip address 192.168.8.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan2
ip address 192.168.3.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan3
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Async3
no ip address
encapsulation slip
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list NAT interface FastEthernet0 overload
ip default-network 192.168.8.254
ip route 0.0.0.0 0.0.0.0 71.92.169.1
!
ip access-list extended NAT
permit ip 192.168.8.0 0.0.0.255 any
permit ip 192.168.2.0 0.0.0.255 any
permit ip 192.168.3.0 0.0.0.255 any
ip access-list extended nat-list
permit ip object-group local_lan_subnets any
!
ipv6 ioam timestamp
!
!
!
!
control-plane
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
vstack
!
line con 0
exec-timeout 120 0
password 7 094F4D0A395D47435D
logging synchronous
login authentication local_access
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line 3
modem InOut
speed 115200
flowcontrol hardware
line vty 0 4
access-class 23 in
exec-timeout 60 0
privilege level 15
password 7 130614112B54547B7D
logging synchronous
login authentication local_access
transport input telnet ssh
line vty 5 15
exec-timeout 60 0
password 7 130614112B54547B7D
logging synchronous
transport input none
!
scheduler allocate 20000 1000
!
!
!
!
!
!
!
end

 

"Ok. By default Gig0 will carry VLAN 1. If it is to carry other L3 VLANs, then it should be configured with sub interfaces." How do I go about doing this?

 

"I noticed that you configured wlan-gig8 as the default gateway for your Guest, but Gig8 on the router is Admin down. Is that interface unshut and is it connected to your LAN?" I just ran the no shutdown command on gig8, it's not connected to the LAN.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: