cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2760
Views
5
Helpful
3
Replies

Unable To Ping across subinterface on 1941w

pugs17211721
Level 1
Level 1

I am currently working on a 1941w router. The problem that I am having is that I am unable to ping the switch that is directly connected to it and I am unable to ping from the switch to the router. If I take the address off of vlan 1 and move it to gi0/0.1 the pings work, but then client traffic on the wireless ap inside the 1941w fails. Can someone please help ? Thanks

Here is the releveant config off of the 1941w

version 15.0

no service pad

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

!

hostname SATX-1941W-001

!

boot-start-marker

boot-end-marker

!

logging buffered 16384 notifications

enable secret 5 $1$kGmQ$r2bXwOVZ8ffF0A0i.T8j6.

!

no aaa new-model

!

!

!

memory-size iomem 10

clock timezone EST -5

service-module wlan-ap 0 bootimage autonomous

!

no ipv6 cef

ip source-route

ip cef

!

!

ip dhcp database CLIENT write-delay 120 timeout 60

ip dhcp excluded-address 10.11.12.1

ip dhcp excluded-address 172.21.18.1 172.21.18.99

ip dhcp excluded-address 172.21.18.200 172.21.18.254

!

ip dhcp pool VLAN2

   import all

   network 10.11.12.0 255.255.255.0

   dns-server 192.69.21.200 206.51.156.28

   default-router 10.11.12.1

!

ip dhcp pool CLIENT

   import all

   network 172.21.18.0 255.255.255.0

   default-router 172.21.18.1

   domain-name us.crownlift.net

   dns-server 172.20.62.208 192.69.21.200

   lease 365

!

!

no ip domain lookup

ip domain name dicke.com

ip name-server 192.69.21.200

!

multilink bundle-name authenticated

!

!

!

license udi pid CISCO1941W-A/K9 sn FTX152884V7

hw-module ism 0

!

!

!

archive

log config

  hidekeys

username (removed) privilege 15 secret 5 (removed)

!

redundancy

!

!

ip tcp synwait-time 10

ip ssh time-out 60

ip ssh authentication-retries 2

ip ssh version 2

!

!

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

crypto isakmp key (FLOH-IPSEC-KEY) address (FLOH-VPN-TARGET)

crypto isakmp key (NBOH-IPSEC-KEY) address (NBOH-VPN-TARGET)

!

!

crypto ipsec transform-set DES-3SHA esp-3des esp-sha-hmac

!

crypto map 108T-FA000 local-address FastEthernet0/0/0

crypto map 108T-FA000 30 ipsec-isakmp

set peer (NBOH-VPN-TARGET)

set transform-set DES-3SHA

match address NBOH

!

crypto map 108T-GI01 local-address GigabitEthernet0/1

crypto map 108T-GI01 31 ipsec-isakmp

set peer (FLOH-VPN-TARGET)

set transform-set DES-3SHA

match address FLOH

!

bridge irb

!

!

!

!

interface Loopback0

ip address 172.21.100.18 255.255.255.255

!

!

interface Tunnel30

description T-NBOH

ip address 172.20.255.102 255.255.255.252

ip mtu 1500

ip flow ingress

keepalive 10 3

tunnel source 172.21.100.18

tunnel destination 172.20.240.2

!

!

interface Tunnel31

description T-FtLoramie-Family

ip address 172.20.255.98 255.255.255.252

ip mtu 1500

ip flow ingress

keepalive 10 3

tunnel source 172.21.100.18

tunnel destination 172.20.240.31

!

!

interface Wlan-GigabitEthernet0/0

description Internal switch interface connecting to the embedded AP

switchport mode trunk

!

!

interface GigabitEthernet0/0

no ip address

ip flow ingress

duplex auto

speed auto

no mop enabled

!

!

interface GigabitEthernet0/0.1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$

encapsulation dot1Q 1 native

ip flow ingress

ip virtual-reassembly

bridge-group 1

!

interface GigabitEthernet0/0.2

encapsulation dot1Q 2

ip flow ingress

ip nat inside

ip virtual-reassembly

bridge-group 2

!

interface wlan-ap0

description Service module interface to manage the embedded AP

no ip address

arp timeout 0

no mop enabled

no mop sysid

!

!

interface GigabitEthernet0/1

description $ES_WAN$$FW_OUTSIDE$

ip address (CABLE-MODEM-IP) 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

no cdp enable

crypto map 108T-GI01

!

!

interface FastEthernet0/0/0

description $ES_WAN$$FW_OUTSIDE$

ip address (DSL-MODEM-IP) 255.255.255.248

ip access-group LetIn in

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

no cdp enable

crypto map 108T-FA000

!

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$

ip address 172.21.18.1 255.255.255.0

ip flow ingress

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

no autostate

!

!

interface Vlan2

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$

ip address 10.11.12.1 255.255.255.0

ip flow ingress

ip tcp adjust-mss 1452

no autostate

bridge-group 2

!

!

ip default-gateway (DSL-MODEM-GW)

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

no ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip flow-export source Tunnel31

ip flow-export version 5

ip flow-export destination 172.20.62.245 6343

!        

ip nat inside source list 1 interface GigabitEthernet0/1 overload

ip nat inside source list 2 interface FastEthernet0/0/0 overload

ip route 0.0.0.0 0.0.0.0 (DSL-MODEM-GW)

ip route 0.0.0.0 0.0.0.0 (CABLE-MODEM-GW) 20

ip route 172.20.0.0 255.255.0.0 Tunnel31

ip route 172.20.0.0 255.255.0.0 172.20.255.97

ip route 172.20.0.0 255.255.0.0 172.20.255.101 20

ip route 172.20.0.0 255.255.0.0 Tunnel30 20

ip route 172.20.240.2 255.255.255.255 (DSL-MODEM-GW)

ip route 172.20.240.31 255.255.255.255 (CABLE-MODEM-GW)

ip route (NBOH-VPN-TARGET) 255.255.255.255 (DSL-MODEM-GW)

ip route (FLOH-VPN-TARGET) 255.255.255.255 (CABLE-MODEM-GW)