Wireless Config

smarshalek · ‎10-19-2011

Hello,

I have a Cisco 871W in a home office environment. My problrem is my wifi laptop cannot reach the internet.

I have the router configured with auto configuration and DHCP and the laptop is pulling the correct IP(I compared the IP to my working tower). and I cab browse to the router via IP(which is also my default gateway. I just can't get beyond that i.e. google.com, etc.

I have excellent signal strenght. I think it may be a router config issue. Please advise. Thank you.

Jon Marshall · ‎10-19-2011

Stan

It may well be a router config issue as you say but we can't tell because you haven't supplied the config

Can you post the config, it could well be a NAT issue ?

With your DHCP setup are you handing out a valid DNS server ?

From the router can you ping an internet IP ?

Jon

smarshalek · ‎10-19-2011

Hi Jon.

As I stated - I compared the DNS to my working tower and it is correct. The host IP is correct. No I cannot PING anything on the internet.

Current configuration : 3924 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime localtime show-timezone
no service password-encryption
!
hostname SJMRouter
!
boot-start-marker
boot-end-marker
!
logging buffered 16384 informational
enable secret 5 $1$L595$KHbJKC0kS3Nb0h2u92ojf.
!
no aaa new-model
clock timezone EST -5
clock save interval 8
!
crypto pki trustpoint TP-self-signed-3636220250
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3636220250
revocation-check none
rsakeypair TP-self-signed-3636220250
!
!
crypto pki certificate chain TP-self-signed-3636220250
certificate self-signed 01
3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33363336 32323032 3530301E 170D3032 30373139 30313133
32385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 36333632
32303235 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CF48 90F82435 DBE17A1F F5029D03 ED3B34CB 4ED603E2 6DAACB5E 12517DFD
7CF44AC3 F69DD671 CF72F4D6 C736C7E3 E7D5297C 6F87EBD4 4F7255DF 09B30998
7C40916A 325338F2 FF43717B 6D6B7598 186931A2 A6E97688 FC691B1C F9420E15
92579F6E 89AB7D96 9A4F2380 310A3CD0 59C4C5DC E044ABE6 646E2992 0BDB18AC
069B0203 010001A3 75307330 0F060355 1D130101 FF040530 030101FF 30200603
551D1104 19301782 15534A4D 526F7574 65722E63 6F6D6361 73742E6E 6574301F
0603551D 23041830 1680144F 249744C1 828F85DD F4ABD9F3 698EE514 9B0B3F30
1D060355 1D0E0416 04144F24 9744C182 8F85DDF4 ABD9F369 8EE5149B 0B3F300D
06092A86 4886F70D 01010405 00038181 00864127 E9D5E8C9 5C3AB322 33A336DB
1C0CACDC E5138E1B AA194C60 0AA661C5 C9594EFA 686B96B9 EB1F4A19 B07D0F54
        quit
dot11 syslog
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
!
ip dhcp pool LANDHCP
   import all
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 68.87.77.134 68.87.72.134
   lease 3
!
!
ip domain name comcast.net
!
!
!
!
archive
log config
hidekeys
!
!
ip ssh version 2
!
!
!
interface Loopback0
no ip address
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description INTERNET WAN PORT
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Dot11Radio0
description WLAN Port
no ip address
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
ip default-gateway 76.112.248.1
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet4 overload
!
logging source-interface Loopback0
access-list 1 permit 192.168.1.0 0.0.0.255
no cdp run
!
!
!
control-plane
!
banner motd ^C
=====================================================
This is a secure router, unauthorized logins
are restricted.
=====================================================

!
line con 0
exec-timeout 30 0
logging synchronous
login
no modem enable
line aux 0
line vty 0 4
access-class 23 in
exec-timeout 20 0
privilege level 15
logging synchronous
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end

Jon Marshall · ‎10-19-2011

Stan

Yes, you did say you had a working DNS server, apologies.

You need to modify your config ie. - you need to bridge the internal wired network and the wireless network. So most of the config below is new but you need to move the IP address from vlan 1 to the bvi interface -

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

description Internal Network

no ip address

ip nat inside

ip virtual-reassembly

bridge-group 1

!

interface BVI1

description Bridge to Internal Network

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

Jon

smarshalek · ‎10-19-2011

Thanks Jon. Does this config replace anything or should I just copy paste into the running config?

Jon Marshall · ‎10-19-2011

Stan

It doesn't replace anything but you need to look at the vlan 1 config on the router and what i have posted and modify accordingly ie. remove the IP and put it under the bvi interface and add the "brige group 1" command under the vlan 1 interface.

Jon

smarshalek · ‎10-19-2011

Thst looks like it is included in your config list. Is that correct? I am a newbie to the Cisco environment. Thanks.

smarshalek · ‎10-19-2011

Hi Jon - this is my boot information after I pasted your commands. The one thing I noticed was the BV1 state is down.

[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]
[OK]

              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Right
              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706

Cisco IOS Software, C870 Software (C870-ADVSECURITYK9-M), Version 12.4(15)T9, RE
LEASE SOFTWARE (fc5)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 29-Apr-09 05:52 by prod_rel_team
Image text-base: 0x8002007C, data-base: 0x81A77A68

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Installed image archive
Cisco 871W (MPC8272) processor (revision 0x300) with 118784K/12288K bytes of mem
ory.
Processor board ID FHK124920CF
MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10
5 FastEthernet interfaces
1 802.11 Radio
128K bytes of non-volatile configuration memory.
24576K bytes of processor board System flash (Intel Strataflash)

SETUP: new interface NVI0 placed in "shutdown" state
% There may not be enough space available to collect the complete crashinfo
% It would be advisable to have 280755 bytes free space on flash:crashinfo

Press RETURN to get started!

*Mar 1 00:00:10.879: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State change
d to: Initialized
*Mar 1 00:00:10.883: %VPN_HW-6-INFO_LOC: Crypto engine: onboard 0 State change
d to: Enabled
*Mar 1 00:00:13.639: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to
up
*Mar 1 00:00:13.639: %LINK-3-UPDOWN: Interface FastEthernet4, changed state to
up
*Mar 1 00:00:14.639: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et0, changed state to up
*Mar 1 00:00:14.639: %LINEPROTO-5-UPDO
=====================================================
This is a secure router, unauthorized logins
are restricted.
=====================================================

User Access Verification

Password: WN: Line protocol on Interface FastEthernet4, changed state to up
*Mar 1 00:00:16.239: USB init complete.
*Feb 28 19:00:17 EST: %SYS-6-CLOCKUPDATE: System clock has been updated from 00:
00:17 UTC Fri Mar 1 2002 to 19:00:17 EST Thu Feb 28 2002, configured from consol
e by console.
*Feb 28 19:00:18 EST: %SYS-5-CONFIG_I: Configured from memory by console
*Oct 5 03:09:33 EST: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C870 Software (C870-ADVSECURITYK9-M), Version 12.4(15)T9, RE
LEASE SOFTWARE (fc5)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 29-Apr-09 05:52 by prod_rel_team
*Oct 5 03:09:33 EST: %SNMP-5-COLDSTART: SNMP agent on host SJMRouter is undergo
ing a cold start
*Oct 5 03:09:33 EST: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Oct 5 03:09:33 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to up
*Oct 5 03:09:33 EST: %DOT11-6-FREQ_SCAN: Interface Dot11Radio0, Scanning freque
ncies for 19 seconds
*Oct 5 03:09:33 EST: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
*Oct 5 03:09:33 EST: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
*Oct 5 03:09:33 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, chan
ged state to down
*Oct 5 03:09:33 EST: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to r
eset
*Oct 5 03:09:34 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio
0, changed state to down
*Oct 5 03:09:34 EST: %LINK-5-CHANGED: Interface NVI0, changed state to administ
ratively down
*Oct 5 03:09:34 EST: %LINK-3-UPDOWN: Interface FastEthernet3, changed state to
up
*Oct 5 03:09:34 EST: %LINK-3-UPDOWN: Interface FastEthernet2, changed state to
up
*Oct 5 03:09:34 EST: %LINK-3-UPDOWN: Interface FastEthernet1, changed state to
up
*Oct 5 03:09:34 EST: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to
up
*Oct 5 03:09:35 EST: %LINK-3-UPDOWN: Interface BVI1, changed state to down
*Oct 5 03:09:35 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et3, changed state to down
*Oct 5 03:09:35 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et2, changed state to down
*Oct 5 03:09:35 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et1, changed state to down
*Oct 5 03:09:35 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern
et0, changed state to down
*Oct 5 03:09:53 EST: %DOT11-6-FREQ_USED: Interface Dot11Radio0, frequency 2427
selected
*Oct 5 03:09:53 EST: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up

*Oct 5 03:09:54 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio
0, changed state to up
*Oct 5 03:10:04 EST: %LINK-3-UPDOWN: Interface BVI1, changed state to up
*Oct 5 03:10:05 EST: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, chan
ged state to up
% Password: timeout expired!
Password:

smarshalek · ‎10-19-2011

Full reset of the LAN. Still cannot access Internet via Wifi....

Jon Marshall · ‎10-20-2011

Stan

Can you post new config + the output of "sh ip int brief"

Jon

smarshalek · ‎10-20-2011

Hi Jon -

SJMRouter#sh ip int brief
Interface IP-Address OK? Method Status Prot
ocol
FastEthernet0 unassigned YES unset up down

FastEthernet1 unassigned YES unset up down

FastEthernet2 unassigned YES unset up down

FastEthernet3 unassigned YES unset up down

FastEthernet4 unassigned YES DHCP up down

Dot11Radio0 unassigned YES NVRAM up up

Dot11Radio0.1 unassigned YES unset up up

Vlan1 unassigned YES NVRAM up down

Loopback0 unassigned YES NVRAM up up

NVI0 unassigned YES unset administratively down down

BVI1 192.168.1.1 YES NVRAM up up

SJMRouter#