877w router DHCP problem in vlan1

otticavisus · ‎06-15-2011

Hi,

I am not familiar with CISCO products.

I have purchased an 877w router and I have done a basci installation.

Everything by default.

I want my wireless user share the same ip range of the wired user.

If i use the vlan1 there is no way to obtain an IP

If a create a vlan2 and a bvi2 I obtain an IP from the wireles but I am not on the same subnet.

I read a lto of this cases, in which the solution is provided with some command to deliver to the router.

I would like to understand if possible ho to configure it.

thanks a lot in advance.

have a nice day

riroe · ‎06-20-2011

Hello Elena---This Community Forum is for postings for Cisco Small Business Devices only. The Cisco 877 is not a Cisco

Small Business device. You may want to post your request at the forum for Cisco Enterprise devices.

THANKS

Rick Roe

Cisco Small Business Support Center

paolo bevilacqua · ‎06-20-2011

Post your complete config witi BVI, so it can be corrected.

otticavisus · ‎06-20-2011

at the moment I am not in office.tommorow I'll post it.BTW what would I seek in the configuration?

thks a lot

paolo bevilacqua · ‎06-20-2011

Some mistake.

otticavisus · ‎06-21-2011

------------------ show running-config ------------------

Building configuration...

Current configuration : 6003 bytes
!
! Last configuration change at 01:03:23 PCTime Tue Jun 21 2011 by admin
! NVRAM config last updated at 10:04:09 PCTime Tue Jun 21 2011 by admin
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200
logging console critical
enable secret 5
!
no aaa new-model
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-460642898
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-460642898
revocation-check none
rsakeypair TP-self-signed-460642898
!
!
crypto pki certificate chain TP-self-signed-460642898
certificate self-signed 01
3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34363036 34323839 38301E17 0D303230 33303130 33323130
325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3436 30363432
38393830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
C151D239 FB15FBFC F9E600E7 A1D1186A 3FDCE7A5 7A12A226 D8239291 889B8205
2ACE7C82 C661208A D0F67DF9 1AFD135F B87DA447 D0CC049C D081905E 0F9E0F1E
E429F34E F4159B40 13A1BED1 4ACD280A 1B077765 B45347EF F9D744B6 AF795A5F
C1086E84 0441A9AF 395DA731 D27F1190 4BCC67CA FA7E7328 63B29225 3D8EBE11
02030100 01A37730 75300F06 03551D13 0101FF04 05300301 01FF3022 0603551D
11041B30 19821779 6F75726E 616D652E 796F7572 646F6D61 696E2E63 6F6D301F
0603551D 23041830 1680143E 333352AF B88D8951 C7D27E86 D6297F0F C4626130
1D060355 1D0E0416 04143E33 3352AFB8 8D8951C7 D27E86D6 297F0FC4 6261300D
06092A86 4886F70D 01010405 00038181 0033903A 9D6C861A 0570F49D CB4A3792
EA166F49 56CE75F9 BE25BCB2 CCB8BC8B AEBFF00E D70F9A8A 14CA424F B2CADBFE
CA1AF957 2E19884E 29FBF85D 3FCF20D0 0A1A8AC4 924FE805 25C627A6 CE25EDB9
09A727F5 6EBFB463 D367E9E4 79E1588A 25A557E1 B02301E0 8460B1AB 4F5995AB
7EBCF0DF C9C6AD08 F8DFADE5 B68B870D 79
   quit
dot11 syslog
!
dot11 ssid vitus
vlan 1
authentication open
guest-mode
!
no ip source-route
ip dhcp excluded-address 192.168.1.1 192.168.1.2
!
ip dhcp pool ccp-pool1
   import all
   network 192.168.1.0 255.255.255.0
   dns-server 151.99.125.2 151.99.125.3
   default-router 192.168.1.2
!
!
ip cef
no ip bootp server
ip domain name yourdomain.com
ip name-server 151.99.125.2
ip name-server 151.99.125.3
!
!
!
!
username admin privilege 15 secret 5
!
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
bridge irb
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip address 31.196.188.206 255.255.255.252
ip flow ingress
ip nat outside
ip virtual-reassembly
pvc 8/35
protocol ip 31.196.188.205 broadcast
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
!
ssid vitus
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 spanning-disabled
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
no ip address
ip tcp adjust-mss 1452
bridge-group 1
!
interface BVI1
description $ES_LAN$
ip address 192.168.1.2 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1412
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 1 interface ATM0.1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
no cdp run

!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.

username privilege 15 secret 0

Replace and with the username and password you
want to use.

-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

paolo bevilacqua · ‎06-21-2011

Configure exactly as below.

ssid vitus

no vlan 1
authentication shared

dot11 ssid vitus

interface ATM0
default ip redirects

default ip unreachables
default ip proxy-arp
no ip flow ingress
!
interface ATM0.1 point-to-point

 no ip virtual-reassembly

pvc 8/35

no protocol ip 31.196.188.205 broadcast

interface FastEthernet0
spanning-tree portfast

interface FastEthernet1

spanning-tree portfast

interface FastEthernet2
spanning-tree portfast

!
interface FastEthernet3

spanning-tree portfast

no interface Dot11Radio0.1
!
interface Vlan1
no ip tcp adjust-mss 1452
!
interface BVI1
no ip virtual-reassembly
no ip tcp adjust-mss 1412

bridge 1 route ip

otticavisus · ‎06-21-2011

Do I merge the configuration or substitute it?

otticavisus · ‎06-21-2011

ooooooooooooops

too late ... I substitute it and now I have to reset everything.

Any suggestion to make a new configuration from zero, that includes lan e wlan on same subnet?

thanks for your patient.

Mohammed Islam · ‎06-23-2011

Here is a sample config:-

SSID setup:-

dot11 ssid 'name'

vlan 1

max-associations 2

authentication open

authentication key-management wpa

mbssid guest-mode

wpa-psk ascii 0 'password'

DHCP setup:-

ip dhcp pool 'name'

import all

network 192.168.0.0 255.255.255.248

default-router 192.168.0.1

dns-server 'ip addresses'

bridge irb

Wireless interface:-

interface Dot11Radio0

description Main Radio Interface

no ip address

no dot11 extension aironet

!

encryption vlan 1 mode ciphers tkip

Wireless subinterface for Vlan1:-

interface Dot11Radio0.1

description Dot11 'name'

encapsulation dot1Q 1

ip nat inside

ip virtual-reassembly

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

Vlan 1:-

interface Vlan1

description 'name'

no ip address

ip nat inside

ip virtual-reassembly

no ip route-cache cef

bridge-group 1

Bridge interface for vlan 1:-

interface BVI1

description Bridge for V

ip address 192.168.0.1 255.255.255.0

ip nbar protocol-discovery

ip flow ingress

ip flow egress

ip nat inside

ip virtual-reassembly

bridge 1 protocol ieee

bridge 1 route ip

paolo bevilacqua · ‎06-23-2011

Using only one VLAN, there is NO need for subinterfaces.

Also many unneccesary commands in the example above.