01-28-2013 09:00 PM - edited 03-07-2019 11:22 AM
I search and read several forums that I have to Bridge the AP to VLAN1 which has the DHCP pool. For some reason when I try to do this from iOS console it tells me that gig0 is not a bridgable interface. I am newb to Cisco iOS (24 hours new ). I got the Cisco Configuration Professional working and would like to fix my issue through there if possible. Anyone able to look at my config below and let me know why my AP wont get anything but APIPA addresses? Thanks for your help!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CiscoRouter
!
boot-start-marker
warm-reboot
boot-end-marker
!
logging message-counter syslog
no logging buffered
no logging console
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-1706181937
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1706181937
revocation-check none
rsakeypair TP-self-signed-1706181937
!
!
crypto pki certificate chain TP-self-signed-1706181937
certificate self-signed 01
30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31373036 31383139 3337301E 170D3133 30313237 32323531
35385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37303631
38313933 3730819F 300D0609 2A864886 F7DDD101 01050003 818D0030 81890281
8100CF0A 18D242A0 F9FCAAD3 66470346 273666DD 2888A5A3 FAC6CFDA C485892F
84D0298F D04519AE 423BE691 5B22B9F8 99ACE21D 4AE4242D BE82F307 0D250C1E
0F1226AF FEF33143 9B0C333E B972D3DA 1D0C74BC 6A06531E A068E99E 2A29BEAB
861EDB93 522334A1 93A800E5 197B8119 A262AB1B A54E34F3 6170C1DB 71330153
7BCD0203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603
551D1104 1D301B82 19436973 636F526F 75746572 2E636973 636F6765 61722E63
6F6D301F 0603551D 23041830 16801486 87A937F7 C6C2F953 6E2BB01E B06020EC
7FA30030 1D060355 1D0E0416 04148687 A937F7C6 C2F9536E 2BB01EB0 6020EC7F
A300300D 06092A86 4886F70D 01010405 00038181 0018CACF 50AD1B35 FC43A4E2
12D8E5F1 08EDD1CE 3A5D51D2 54C1ED6B 879743BA D72F14B7 C8A5C91E E3B08135
CDE1AAD6 FE20BCC3 3B904258 8B9E5FB5 F4AB3786 B8A581DD CCF3E63B 63B7B6CB
C48698F9 5773DB70 C60A39CB B7B84849 ECB42761 DEC971B2 26C0EFB5 BF231ECD
516F6DF3 583E9EB2 3F5B1E1F A63D4283 52514196 73
quit
ip source-route
ip dhcp excluded-address 192.168.1.1 192.168.1.9
!
ip dhcp pool LAN_Addresses
import all
network 192.168.1.0 255.255.255.0
domain-name CiscoGear.com
default-router 192.168.1.1
lease infinite
!
!
ip cef
ip domain name ciscogear.com
!
!
!
!
vtp mode transparent
username admin privilege 15 password 0 XXXXXX
!
!
!
archive
log config
hidekeys
!
!
vlan 2
!
vlan 10
name PP-VLAN
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address dhcp
ip nat outside
ip virtual-reassembly
shutdown
duplex auto
speed auto
!
interface wlan-ap0
description Service module interface to manage the embedded AP
no ip address
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan2
ip address 192.168.2.1 255.255.255.0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list 1 interface FastEthernet4 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
line vty 0 4
login local
transport input all
!
scheduler max-task-time 5000
end
Solved! Go to Solution.
01-29-2013 06:42 PM
It should be bridge group 1 under radio interface..
The configuration which I have posted on the previous post was to connect to wireless module. Hope that is working now..
Regards
Najaf
Sent from Cisco Technical Support iPhone App
01-28-2013 10:07 PM
Sorry Jon,
Do you want to make this access point as dhcp server for wireless client? I dont see any wireless configurations on this device?
The Gig port is always going to be a switch port and will be configured as Trunk port..
Try to configure the wireless as below.
configure terminal
dot11 ssid CatchVirusHere
vlan 1
authentication open
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
exit
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 192.168.1.2 255.255.255.0
!
ip default-gateway 192.168.1.1
!
bridge 1 protocol ieee
bridge 1 route ip
!
Regards
Najaf
Please rate when applicable or helpful !!!
01-29-2013 06:15 PM
Thank you for your help!
That is wierd I didnt even notice that. I have been using the Cisco Configuration Manager UI and just trusing it was flashing the config. I don't know why its not doing that but I am having the hardest time trying to get into the AP module. I am getting:
CiscoRouter#service-module wlan-ap 0 session
IP address needs to be configured on interface wlan-ap0
When I try to configure the interface to have an IP it tells me to use the service-module cmd seems liek a endless loop. Any ideas?
01-29-2013 06:31 PM
Hi Jon,
Try this..
conf terminal
interface wlan-ap0
ip unnumbered Vlan1
Regards
Najaf
Please rate when applicable or helpful !!!
01-29-2013 06:34 PM
Ok I found the wireless config from launching the http: configuration server on the AP. Maybe config should be Bridge Gropup 1?
! ! Last configuration change at 18:40:22 UTC Thu Apr 20 1905 by Cisco ! NVRAM config last updated at 18:40:22 UTC Thu Apr 20 1905 by Cisco ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname ap.CiscoGear.com. ! enable secret 5 $1$JFEK$e0.2kqVzcvLSyqgvVv2dX0 ! no aaa new-model ! ! ! dot11 ssid CISCOWIFI vlan 1 authentication open authentication key-management wpa mbssid guest-mode wpa-psk ascii 7 04501913032B144D1A ! ! ! username admin privilege 15 secret 5 $1$E2S4$CVZ/7DaDU4s2ovmiv1pTE. ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 1 mode ciphers aes-ccm ! broadcast-key vlan 1 change 30 ! ! ssid CISCOWIFI ! station-role root access-point ! interface Dot11Radio0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 2 bridge-group 2 subscriber-loop-control bridge-group 2 block-unknown-source no bridge-group 2 source-learning no bridge-group 2 unicast-flooding bridge-group 2 spanning-disabled ! interface GigabitEthernet0 description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router no ip address no ip route-cache ! interface GigabitEthernet0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface BVI1 ip address 192.168.1.2 255.255.255.0 no ip route-cache ! ip default-gateway 192.168.1.1 ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag bridge 1 route ip ! ! ! line con 0 no activation-character line vty 0 4 login local ! end
01-29-2013 06:42 PM
It should be bridge group 1 under radio interface..
The configuration which I have posted on the previous post was to connect to wireless module. Hope that is working now..
Regards
Najaf
Sent from Cisco Technical Support iPhone App
01-29-2013 07:07 PM
Ok the AP side keeps reloading the default configuration. I was able to fix the switch to not do that by following the directions here:
http://www.cisco.com/image/gif/paws/6201/lose_config_6201.pdf
The config register on the AP side is:
Configuration register is 0xF
Is that correct? If not I noticed there is no config-register ont he AP side. I think If I can just fix this the whole thing should work.
So close
Thanks!
01-29-2013 07:15 PM
Hi Jon,
0xF is fine.
Are you saving the configuration on the NVRAM with wr command. Or the AP's may be rebooting for some other reasons
Regards
Najaf
01-29-2013 08:51 PM
Ok I managed to get it set to Bridge 1 and I got an IP perfect... ..
Almost
Now the WAN port Fe4 will not bind
I get
CiscoRouter#renew dhcp fastEthernet 4
Not in Bound state.
Here is the interface details:
FastEthernet4 is up, line protocol is up
Hardware is PQII_PRO_UEC, address is 0022.9017.5ace (bia 0022.9017.5ace)
Internet address will be negotiated using DHCP
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:02, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
11091 packets input, 772482 bytes
Received 11091 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
182 packets output, 95855 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
2 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
I think this is the last thing holding me from having this thing fully configured.
Thanks I owe you a beer!
01-29-2013 09:34 PM
Hi Jon,
Where is this Ethernet 4 connected to?
Regards
Najaf
01-29-2013 10:03 PM
Interesting... I had it pluged into my old wireless router so that internet was still available and it should have provided an IP, it does for any other device plugged into the port. I pluged it direct into my modem and got and IP (I had done this first but it wasnt working, in hindsight its the reason in the next sentence). It seems though that I cannot get out to the internet even with the correct IP. The client shows connected to the AP and the client wireless interface shows IPV4 has internet access but nothing goes beyond the WAN interface; well http request anyway.
This is the config for that part:
interface FastEthernet4
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source list 1 interface FastEthernet4 overload
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
Thanks Najaf!
01-29-2013 10:13 PM
Hi Jon,
So when you connect this box directly to your modem your getting an ip address on Ethernet4? If so what is the ip address you are getting on Ethernet4.
Also try pinging 4.2.2.2 from this box and see if you are getting reply from internet.
Also looks like you have not specified the DNS servers in the DHCP scope (this is what i can see from the initial configuration which you have shared). Try putting DNS on the DHCP scope or try manually assigning the DNS as 4.2.2.2 on wireless client.
Let us know how it goes.
Regards
Najaf
Please rate when applicable or helpful !!!
01-29-2013 10:41 PM
I swore at it and it started working :-).. I have no idea why! Thank you for all your help really appreciate your time (five stars for sure!)
01-29-2013 10:44 PM
Hi Jon,
Great to hear that...
Regards
Najaf
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide