My company just bought a new 1811 Wireless router. I configured lots of stuff on it using CLI (that was quite interesting I must say!). I then configured wireless using Cisco Configuration Professional(CCP). The issue is, the devices on each network could not communicate that is, I can neither ping from any device connected through wireless to another device on the LAN, nor the VLAN on the router. The LAN is connected using a 2960 connected to the Fast Ethernet 1 interface on the router, while thee router VLAN is on the 8-Port inbuilt switch.
Please what am I missing out? Do I need to configure a routing protocol and advertise each network? I thought all the devices could ping one another since it's the same router. Please note that I could ping ALL d router interface IP addresses from ALL the devices. The configuration is pated below:
dot11 syslog ! dot11 ssid ADMIN_WIRELESS vlan 2 authentication open mbssid guest-mode ! ip source-route ! ! ip dhcp excluded-address 10.10.10.1 ip dhcp excluded-address 10.10.10.2 ip dhcp excluded-address 172.17.1.1 172.17.1.9 ip dhcp excluded-address 10.10.10.4 ! ip dhcp pool ccp-pool import all network 10.10.10.0 255.255.255.248 default-router 10.10.10.1 lease 0 2 ! ip dhcp pool ADMIN_WIRELESS import all network 172.17.1.0 255.255.255.0 default-router 172.17.1.1 ! ! ip cef no ip domain lookup ip domain name yourdomain.com no ipv6 cef ! multilink bundle-name authenticated ! ! ! bridge irb ! ! ! interface Dot11Radio0 no ip address ! encryption vlan 2 key 1 size 40bit 7 C7846CDFA6A6 transmit-key encryption vlan 2 mode wep mandatory ! broadcast-key vlan 2 change 30 ! ! ssid ADMIN_WIRELESS ! mbssid speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 basic-54.0 channel 2437 station-role root ! interface Dot11Radio0.2 encapsulation dot1Q 2 native bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio1 no ip address ! encryption vlan 2 key 1 size 40bit 7 1F6A7ED8DF3F transmit-key encryption vlan 2 mode wep mandatory ! broadcast-key vlan 2 change 30 ! ! ssid ADMIN_WIRELESS ! mbssid speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 basic-54.0 channel 5745 station-role root no cdp enable ! interface Dot11Radio1.2 encapsulation dot1Q 2 native bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface FastEthernet0 ip address 184.108.40.206 255.255.255.248 duplex auto speed auto ! interface FastEthernet1 ip address 192.168.3.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 ! interface FastEthernet5 ! interface FastEthernet6 ! interface FastEthernet7 ! interface FastEthernet8 ! interface FastEthernet9 ! interface Vlan1 description $ES_LAN$ ip address 10.10.10.1 255.255.255.248 ip access-group 100 in ! interface Vlan2 no ip address bridge-group 1 ! interface Async1 no ip address encapsulation slip ! interface BVI1 ip address 172.17.1.1 255.255.255.0 ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 FastEthernet0 ip http server ip http access-class 23 ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ! ! ! access-list 23 remark CCP_ACL Category=16 access-list 23 permit 10.10.10.0 0.0.0.7 access-list 100 remark Auto generated by SDM Management Access feature access-list 100 remark CCP_ACL Category=1 access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq telnet access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq 22 access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq www access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq 443 access-list 100 permit tcp 10.10.10.0 0.0.0.7 host 10.10.10.1 eq cmd access-list 100 deny tcp any host 10.10.10.1 eq telnet access-list 100 deny tcp any host 10.10.10.1 eq 22 access-list 100 deny tcp any host 10.10.10.1 eq www access-list 100 deny tcp any host 10.10.10.1 eq 443 access-list 100 deny tcp any host 10.10.10.1 eq cmd access-list 100 deny udp any host 10.10.10.1 eq snmp access-list 100 permit ip any any access-list 101 remark CCP_ACL Category=1 access-list 101 permit ip 10.10.10.0 0.0.0.7 any access-list 102 remark CCP_ACL Category=1 access-list 102 permit ip 10.10.10.0 0.0.0.7 any ! ! ! ! ! ! control-plane ! bridge 1 protocol ieee bridge 1 route ip ! line con 0 password 7 122A20312D28232A login line 1 modem InOut stopbits 1 speed 115200 flowcontrol hardware line aux 0 line vty 0 4 access-class 101 in privilege level 15 login local transport input telnet ssh line vty 5 15 access-class 102 in privilege level 15 login local transport input telnet ssh ! end
Please help...Im confused. Thanks for your contributions.
Cisco DNA Center version 2.2.2.x includes the features and improvements that
New intelligence provides an easy, gradual, and complete adoption of SD-Access. Faster Cisco DNA Center set-up saves time and effort.
When using Cisco cellular modules with a SIM card an APN must be provided. The APN cannot be stored in the SIM card and is supplied by your SIM card provider. Cisco cellular software contains a database of well-known APNs based on the country and ...
Cisco 3850: IOS-XE/Firmware Upgrade
This procedure is aimed at Cisco 3850 switch ONLY.
IOS-XE Bundle Mode is not covered.
9300, 9500 (vanilla & high-performance), ISR 1k, ISR 4k and ASR is not covered.
Listen: https://smarturl.it/CCRS8E46Follow us: twitter.com/ciscochampionsIt’s been several years since the release of Cisco DNA Center, and it’s matured into a complete network management system, an automation and orchestration engine, an AI/ML analy...
The 2021 IT Blog Awards, hosted by Cisco, is now open for submissions. Submit your blog, vlog or podcast today. For more information, including category details, the process, past winners and FAQs, check out: https://www.cisco.com/c/en/us/t...