Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1042
Views
6
Helpful
4
Replies

Help - 871W won't route between LAN and WAN

KuBand123
Level 1
Level 1

‎01-05-2013 08:51 PM - edited ‎03-04-2019 06:35 PM

I am a bit green with IOS and have exhausted everything I can think of with this. The router passes the WAN test in CCP and I am out of ideas right now. Any help would be greatly appreciated and I will be sure to give points to helpful suggestions.

Undoubtedly there are probably a few things in the config that are either redundant or totally unnecessary, but I have been trying a few things to solve this with very little success.

I have no security stuff in here because I have triewd to keep the config as simple as possible to start with. I will add that after I get the routing working.

Here is my most recent config:

Cisco871W#show config

Using 2631 out of 131072 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Cisco871W

!

boot-start-marker

boot-end-marker

!

no logging buffered

enable secret 5 $1$MXxl$LS6pdBB.NYOH2KZ4O6jO7/

!

no aaa new-model

clock timezone PCTime -5

clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00

!

!

dot11 syslog

!

dot11 ssid Cisco871W

   vlan 1

   authentication open

   authentication key-management wpa

   mbssid guest-mode

   infrastructure-ssid optional

   wpa-psk ascii 0 XXXXXXXX

!

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1 10.10.10.9

ip dhcp excluded-address 10.10.10.61 10.10.10.254

!

ip dhcp pool Pool10.10.10.0

   import all

   network 10.10.10.0 255.255.255.0

   dns-server 192.168.1.1 8.8.8.8

!

!

ip name-server 192.168.1.1

!

!

!

username KuBand12 privilege 15 secret 5 $1$ABGm$9vAF9s.Kpd1KjvpWV00W0.

!

!

archive

log config

  hidekeys

!

!

no ip ftp passive

!

bridge irb

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

description $ETH-WAN$

ip address 192.168.1.9 255.255.255.0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Dot11Radio0

no ip address

ip nat inside

ip virtual-reassembly

no dot11 extension aironet

!

encryption vlan 1 mode ciphers aes-ccm

!

broadcast-key vlan 1 change 30

!

!

ssid Cisco871W

!

mbssid

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

no ip address

bridge-group 1

!

interface BVI1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

router rip

version 2

network 10.0.0.

network 192.168.1.0

no auto-summary

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.1.1 permanent

!

ip http server

ip http authentication local

no ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface FastEthernet4 overload

!

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 10.10.10.0 0.0.0.255

!

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

!

line con 0

no modem enable

line aux 0

line vty 0 4

exec-timeout 0 0

login local

transport input telnet ssh

transport output telnet ssh

!

scheduler max-task-time 5000

end

Labels:
0 Helpful
4 Replies 4

shamax_1983
Level 3
Level 3

‎01-05-2013 09:30 PM

Hello Dwight,

Your dhcp pool doesn't have a default router configuration..

you should have it like this with the default router configuration

!

ip dhcp pool Pool10.10.10.0

   import all

   network 10.10.10.0 255.255.255.0

   dns-server 192.168.1.1 8.8.8.8

  default-router 10.10.10.1

!

Please rate this post if helpful.

Thanks

Shamal

kcnajaf
Level 7
Level 7

‎01-05-2013 09:30 PM

Hi Dwight,

Do you have problem with both wired as well as wireless client. From the router are you able to ping the gateway (

192.168.1.1)?

Regards

Najaf

KuBand123
Level 1
Level 1

‎01-06-2013 11:33 AM

Thanks very much for both your suggestions. Although neither actually resolved the problem by itself, they both gave me ideas on where to look.

I failed to mention in the first post that I was using a Ubiquiti wireless station/router between the 192.168.1.1 router wireless LAN interface and the 871W router ethernet WAN interface. The purpose of this was to connect wirelessly to the 192.168.1.1 router on it's WAN interface and provide routing on it's ethernet LAN interface to connect to the 871W WAN interface.

I was doing this so that I could take the 871W(with the compact Ubiquiti router) to different locations and hook up to various wireless networks with a minimum amount of reconfiguration. The only reconfiguration could be done easily on the Ubiquiti device which is a much simpler programming interface. I am using the 871W strictly for getting familiar with the Cisco IOS, so I wanted to be sure that I had a reliable connection setup and could focus on being able to configure other options in the IOS.

This Ubiquit bridge was incorrectly addressed so it was never able to talk to the 871W WAN interface. This was part of my problem, but definitely not all.

I reconfigured the addressing on the bridge so that the WAN side of the 871W could finally get an internet connection via the 192.168.1.1 router.

Then I reconfigured the addressing on the WAN port of the 871W. I did incorporate the default router instruction and I finally picked up on the addressing inconsistencies while checking the wireless and wired client side of the 871W.

Everything is working fine now. I am using the 871W to write this reply. Below is a copy of my basic IOS running config.

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Cisco871W

!

boot-start-marker

boot-end-marker

!

no logging buffered

enable secret 5 $1$MXxl$LS6pdBB.NYOH2KZ4O6jO7/

!

no aaa new-model

clock timezone PCTime -5

clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00

!

!

dot11 syslog

!

dot11 ssid Cisco871W

   vlan 1

   authentication open

   authentication key-management wpa

   mbssid guest-mode

   infrastructure-ssid optional

   wpa-psk ascii 0 XXXXXXXX

!

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1 10.10.10.9

ip dhcp excluded-address 10.10.10.61 10.10.10.254

!

ip dhcp pool Pool10.10.10.0

   import all

   network 10.10.10.0 255.255.255.0

   dns-server 192.168.1.1 8.8.8.8

   default-router 10.10.10.1

!

!

ip name-server 192.168.1.1

!

!

!

username KuBand12 privilege 15 secret 5 $1$ABGm$9vAF9s.Kpd1KjvpWV00W0.

!

!

archive

log config

  hidekeys

!

!

no ip ftp passive

!

bridge irb

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

description $ETH-WAN$

ip address 192.168.1.140 255.255.255.128

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Dot11Radio0

no ip address

ip nat inside

ip virtual-reassembly

no dot11 extension aironet

!

encryption vlan 1 mode ciphers aes-ccm

!

broadcast-key vlan 1 change 30

!

!

ssid Cisco871W

!

mbssid

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

no ip address

bridge-group 1

!

interface BVI1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

router rip

version 2

network 10.0.0.0

network 192.168.1.0

no auto-summary

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.1.139 permanent

!

ip http server

ip http authentication local

no ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface FastEthernet4 overload

!

access-list 1 remark CCP_ACL Category=2

access-list 1 permit 10.10.10.0 0.0.0.255

!

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

!

line con 0

no modem enable

line aux 0

line vty 0 4

exec-timeout 0 0

login local

transport input telnet ssh

transport output telnet ssh

!

scheduler max-task-time 5000

end

0 Helpful

shamax_1983
Level 3
Level 3
In response to KuBand123

‎01-06-2013 03:00 PM

Thanks for the update.. Good to here everything's working now

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card