08-28-2010 09:29 AM - edited 03-04-2019 09:35 AM
Hello
I need help on this issue - I'm really at a loss.
My company just bought a new 1811 Wireless router.
I configured lots of stuff on it using CLI (that was quite
interesting I must say!).
I then configured wireless using Cisco Configuration Professional(CCP).
The issue is, the devices on each network could not communicate
that is, I can neither ping from any device connected through wireless
to another device on the LAN, nor the VLAN on the router.
The LAN is connected using a 2960 connected to the Fast Ethernet 1
interface on the router, while thee router VLAN is on the 8-Port
inbuilt switch.
Please what am I missing out? Do I need to configure a routing
protocol and advertise each network? I thought all the devices
could ping one another since it's the same router.
Please note that I could ping ALL d router interface IP addresses
from ALL the devices.
The configuration is pated below:
........Output cut
dot11 syslog
!
dot11 ssid ADMIN_WIRELESS
vlan 2
authentication open
mbssid guest-mode
!
ip source-route
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.10.2
ip dhcp excluded-address 172.17.1.1 172.17.1.9
ip dhcp excluded-address 10.10.10.4
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
ip dhcp pool ADMIN_WIRELESS
import all
network 172.17.1.0 255.255.255.0
default-router 172.17.1.1
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
bridge irb
!
!
!
interface Dot11Radio0
no ip address
!
encryption vlan 2 key 1 size 40bit 7 C7846CDFA6A6 transmit-key
encryption vlan 2 mode wep mandatory
!
broadcast-key vlan 2 change 30
!
!
ssid ADMIN_WIRELESS
!
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
basic-54.0
channel 2437
station-role root
!
interface Dot11Radio0.2
encapsulation dot1Q 2 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
no ip address
!
encryption vlan 2 key 1 size 40bit 7 1F6A7ED8DF3F transmit-key
encryption vlan 2 mode wep mandatory
!
broadcast-key vlan 2 change 30
!
!
ssid ADMIN_WIRELESS
!
mbssid
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 basic-54.0
channel 5745
station-role root
no cdp enable
!
interface Dot11Radio1.2
encapsulation dot1Q 2 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface FastEthernet0
ip address 44.44.44.1 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet1
ip address 192.168.3.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
description $ES_LAN$
ip address 10.10.10.1 255.255.255.248
ip access-group 100 in
!
interface Vlan2
no ip address
bridge-group 1
!
interface Async1
no ip address
encapsulation slip
!
interface BVI1
ip address 172.17.1.1 255.255.255.0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
access-list 23 remark CCP_ACL Category=16
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 remark Auto generated by SDM Management Access feature
access-list 100 remark CCP_ACL Category=1
access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq telnet
access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq 22
access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq www
access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq 443
access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq cmd
access-list 100 deny tcp any host 10.10.10.1 eq telnet
access-list 100 deny tcp any host 10.10.10.1 eq 22
access-list 100 deny tcp any host 10.10.10.1 eq www
access-list 100 deny tcp any host 10.10.10.1 eq 443
access-list 100 deny tcp any host 10.10.10.1 eq cmd
access-list 100 deny udp any host 10.10.10.1 eq snmp
access-list 100 permit ip any any
access-list 101 remark CCP_ACL Category=1
access-list 101 permit ip 10.10.10.0 0.0.0.7 any
access-list 102 remark CCP_ACL Category=1
access-list 102 permit ip 10.10.10.0 0.0.0.7 any
!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
password 7 122A20312D28232A
login
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
access-class 101 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 102 in
privilege level 15
login local
transport input telnet ssh
!
end
Please help...Im confused.
Thanks for your contributions.
A.K
08-28-2010 11:48 AM
Hi,
Try to add belows.
conf t
ssid ADMIN_WIRELESS
vlan 2
exit
int vlan 2
bridge-group 1 spanning-disabled
exit
KK.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide