03-04-2014 05:48 PM - edited 03-07-2019 06:31 PM
Hi Guys,
I am setting up the wireless access point function of a Cisco 887VA-W.
I have got it broadcasting and security working.
Except for some reason DHCP is not working. I have to manually set IP and gateway on devices and once i have done that everything works perfectly.
DHCP is controlled by a Windows 2012 server at address 192.168.0.11
Below is the config for the AP service module of the router.
Is this config incorrect? or is there config i need to do on the Windows Server?
ap#sh run
Building configuration...
Current configuration : 3135 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ap
!
logging rate-limit console 9
enable secret 5 password
!
no aaa new-model
ip name-server 192.168.0.11
!
!
dot11 syslog
!
dot11 ssid MY WIFI
vlan 1
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 0 0404680399
!
!
!
username cisco privilege 15 secret 5 Password
username user privilege 15 secret 5 Password
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers aes-ccm tkip
!
ssid MY WIFI
!
antenna gain 0
mbssid
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
no ip route-cache
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 192.168.0.4 255.255.255.0
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
!
line con 0
privilege level 15
login local
no activation-character
line vty 0 4
login local
!
cns dhcp
end
03-06-2014 05:51 PM
here is a sh run from the router as well as the above is from the AP
router#sh run
Building configuration...
Current configuration : 4451 bytes
!
! Last configuration change at 09:36:06 GMT Wed Mar 5 2014 by user
! NVRAM config last updated at 09:31:15 GMT Wed Mar 5 2014 by user
! NVRAM config last updated at 09:31:15 GMT Wed Mar 5 2014 by user
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
clock timezone GMT 8 0
!
crypto pki trustpoint TP-self-signed-4148457899
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4148457899
revocation-check none
rsakeypair TP-self-signed-4148457899
!
!
crypto pki certificate chain TP-self-signed-4148457899
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34313438 34353738 3939301E 170D3133 31323238 30373332
35345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31343834
35373839 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B241 9EC9F22B E90B7A65 B552CF49 B529F8FD 0DD64DAE BD48F30A D4E7760A
C3D2D85A 19CB89A0 F0738062 E2F41E37 A549EA08 E8A400A5 B3DC6D13 CE765144
DF75D718 966420F8 3BF21A27 71978F50 A2BB2093 DE81241A 3A9E3C63 89FED35C
89BD6501 B0ED477B A75B525D 875001A0 66FC16E2 38AC42A4 0AEF07CA CD7C5C23
4D4B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 142A85B1 96895E4B 4C96E1F6 08E684D0 26B739DE FB301D06
03551D0E 04160414 2A85B196 895E4B4C 96E1F608 E684D026 B739DEFB 300D0609
2A864886 F70D0101 05050003 81810087 857EC023 2F8950B4 6EE4E06C F73CF9B7
596854DD 98C9EB8C D0C8974C C65AD693 1AED70FA 92CD32DE FD56CD23 6D8E030C
08D002E3 8AAD6CF0 40353ABE 86736353 867BC3F8 82FD897C 3E03EE64 72BD9C47
67C07734 CE615DF9 9A40AF08 F6786F23 5265175E 11038BBA E6F5D1E4 45E536AC
25D97F02 B8873E86 EA7F7A01 030D78
quit
ip cef
!
!
!
ip dhcp excluded-address 10.10.10.1
!
!
!
ip domain name mydomain.com
ip name-server 192.168.0.11
no ipv6 cef
!
!
license udi pid C887VA-W-A-K9 sn FTX1752832Q
!
!
username user privilege 15 secret 4 password
!
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description WAN INTERFACE
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface Ethernet0
no ip address
shutdown
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
no ip address
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1412
!
interface Dialer0
ip address x.x.x.x 255.255.255.252
ip mtu 1452
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username myemail@email.com password 7 password
ppp ipcp dns request
no cdp enablef
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 199 interface Dialer0 overload
ip nat inside source static udp 192.168.0.12 443 interface Dialer0 443
ip nat inside source static tcp 192.168.0.12 3389 interface Dialer0 3389
ip nat inside source static udp 192.168.0.12 3389 interface Dialer0 3389
ip nat inside source static tcp 192.168.0.12 443 interface Dialer0 443
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 199 permit ip any any
dialer-list 1 protocol ip permit
no cdp run
!
!
!
line con 0
login local
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
07-30-2014 08:50 AM
Hi,
Did you ever get this resolved? I have ran into the same issue. I can ping from the AP both ways to the vlan interface on the routers and the endpoint if i set a static ip. I can't ping through from the endpoint to the router though. Not sure what config im missing!
07-30-2014 06:41 PM
Hey,
The issue seemed to resolve itself after i moved the router to another office (company moved). So it maybe it just needed a reboot.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide