How do I share connection between 2 dhcp pools?

kweightman · ‎12-08-2013

Hi All

we currently run our LAN on a 192.168.2.x 255.255.255.0 network. We separated our wireless access points to run off 192.168.3.x network. The WAPs give out dhcp fine, but gets no internet or internal connection.

How do we make the .3.x wlan connect to the .2.x lan and get internet and connect to internal resources?

Im new to cisco so please be patient!

Thanks!

John Blakley · ‎12-08-2013

The wireless clients should be on a separate vlan. The data clients are probably on your native vlan. (Maybe you could post the config.) If the data clients are getting to the internet, but the wireless clients aren't, it's probably got something to do with either routing or nat.

Is dhcp on a router/switch or a server?

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

kweightman · ‎12-08-2013

the WAN goes into a 891 switch (config is below) which connects to a 3000 switch with both wired and wireless clients. The wireless is on a different vlan(we named vlan 10), and gets dhcp fine, so i think problem is we need to connect the two vlans somehow?

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

!

aaa new-model

!

aaa authentication ppp default local

!

aaa session-id common

!

crypto pki trustpoint TP-self-signed-298659689

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-298659689

revocation-check none

rsakeypair TP-self-signed-298659689

!

ip source-route

!

ip dhcp excluded-address 192.168.2.1 192.168.2.10

ip dhcp excluded-address 192.168.2.200 192.168.2.254

ip dhcp excluded-address 192.168.2.1

ip dhcp excluded-address 192.168.2.10

ip dhcp excluded-address 192.168.2.200

ip dhcp excluded-address 192.168.2.254

!

ip dhcp pool 0

import all

network 192.168.2.0 255.255.255.0

default-router 192.168.2.1

dns-server 192.168.2.1 192.168.2.1

lease infinite

!

ip dhcp pool 10

network 192.168.3.0 255.255.255.0

default-router 192.168.2.1

dns-server 192.168.2.1

!

interface Loopback0

no ip address

!

interface FastEthernet0

switchport mode trunk

duplex full

speed 100

!

interface FastEthernet1

shutdown

!

interface FastEthernet2

shutdown

!

interface FastEthernet3

shutdown

!

interface FastEthernet4

shutdown

!

interface FastEthernet5

shutdown

!

interface FastEthernet6

shutdown

!

interface FastEthernet7

shutdown

!

interface FastEthernet8

description $ES_WAN$$FW_OUTSIDE$

bandwidth 1800

bandwidth receive 13000

ip address 192.168.0.254 255.255.255.0

ip access-group 103 in

ip nat enable

ip tcp adjust-mss 1452

duplex full

speed 100

priority-group 5

crypto map ipsec-rackspace

!

interface Virtual-Template1

ip unnumbered Vlan1

ip access-group 104 in

ip access-group 104 out

ip nat enable

peer default ip address pool defaultpool

ppp encrypt mppe auto required

ppp authentication ms-chap ms-chap-v2

!

interface GigabitEthernet0

no ip address

shutdown

duplex auto

speed auto

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$

ip address 192.168.2.1 255.255.255.0

ip access-group 102 in

ip access-group 102 out

ip flow ingress

ip nat enable

ip tcp adjust-mss 1452

!

interface Vlan10

description $WI-FI VLAN 1$

ip address 192.168.3.1 255.255.255.0

ip access-group 123 in

ip access-group 123 out

ip flow ingress

ip nat inside

ip nat enable

ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface Async1

no ip address

encapsulation slip

!

router eigrp 1

network 192.168.2.0

network 192.168.3.0

!

ip local pool defaultpool 10.0.2.1 10.0.2.255

ip forward-protocol nd

ip http server

ip http authentication local

ip http secure-server

Drew Browning · ‎12-08-2013

Do you have the SVI created on core for the inter-vlan routing?

kweightman · ‎12-08-2013

no idea, the config is above?

Rolf Fischer · ‎12-08-2013

Hi Kyle,

ip dhcp pool 10

network 192.168.3.0 255.255.255.0

default-router 192.168.2.1

dns-server 192.168.2.1

!

the default-gateway for the clients in the 192.168.3.0/24 network should be 192.168.3.1

HTH

Rolf

kweightman · ‎12-08-2013

ok bwhat about DNS?

if i change the GW to .3.1 will that be able to connect to internet then?

thanks for this, not very experienced!

Rolf Fischer · ‎12-08-2013

With a new DHCP lease, a wireless client now should be able to reach it's default gateway (ping 192.168.3.1).

I'd expect that that 192.168.2.1 is be reachalbe too, so DNS should work as well.

If the wireless client can ping 192.168.2.1, you can test DNS with "nslookup www.cisco.com".

kweightman · ‎12-08-2013

would 192.168.2.1 (the 891) be reachable from a .3.1 client though?

If not, what should i check for?

Rolf Fischer · ‎12-08-2013

Perhaps we should have a look at the access-lists.

Could you post the outputs of

show access-list 102
show access-list 123

kweightman · ‎12-08-2013

Extended IP access list 102

10 permit tcp any any eq www log (4655378 matches)

20 permit tcp any eq www any log (5026056 matches)

30 permit tcp any any eq domain log

40 permit tcp any eq domain any log

50 permit ip any any (3654644 matches)

ciscorouter#show access-list 123

Extended IP access list 123

10 permit tcp any any eq www (167 matches)

20 permit tcp any any eq domain

30 permit udp any any eq domain (49 matches)

40 permit ip any host 192.168.2.205

50 permit ip any host 192.168.2.250 (35 matches)

60 permit ip any host 192.168.2.241

70 permit ip any host 192.168.2.204 (14 matches)

80 permit ip any host 192.168.2.248 (8 matches)

90 permit ip any host 192.168.2.228

100 permit ip any host 192.168.2.229

110 permit ip any host 192.168.2.247 (9 matches)

120 permit ip any host 192.168.2.251

130 permit ip any host 192.168.2.252

140 permit ip any host 192.168.2.202

150 permit ip any any (2111 matches)

Edit: i should also say that when connecting to wirelss, it assigns 192.168.3.x addresses fine, but cant connect to internet or network resources. I presume because they are all on 192.168.2.x network?

thanks