Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
617
Views
0
Helpful
1
Replies

can I have 2 separate wireless LANs on one router?

jerrywardensmith
Level 1
Level 1

‎02-17-2011 05:45 AM - edited ‎07-03-2021 07:50 PM

I have an 857 wireless router on which I would like to have 2 wireless LANs, one for public (but secure) access and another for private secure access. Can I do this through the virtual LANs on the 857 router? Many thanks. Jerry

Labels:
0 Helpful
1 Reply 1

Serge Yasmine
Cisco Employee
Cisco Employee

‎02-17-2011 07:28 AM

This can be of help for you. It is a flat config with 3 ssids, 3 vlans but with no security.

you can add security per ssid example:

dot11 ssid public

vlan1

authentication open

athentication key management wpa

wpa psk ascii <12345678>

int do0

encryption vlan 1 cipher tkip

dot11 ssid private

vlan2

authentication open

athentication key management wpa

wpa psk ascii <12345678>

int do0

encryption vlan 2 cipher tkip

Begin paste from my router.

Router#show run
Building configuration...

Current configuration : 3765 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5
!
no aaa new-model
!
dot11 ssid 1800_ssid_vlan1
   vlan 1
   authentication open
!
dot11 ssid 1800_ssid_vlan2
   vlan 2
   authentication open
!
dot11 ssid 1800_ssid_vlan3
   vlan 3
   authentication open
!
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.254
ip dhcp excluded-address 192.168.2.254
ip dhcp excluded-address 192.168.3.254
!
ip dhcp pool vlan1
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.254
!
ip dhcp pool vlan2
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.254
!
ip dhcp pool vlan3
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.254
!
!
!
multilink bundle-name authenticated
!
!
!
!
username password 0
!
!
controller DSL 0
line-term cpe
!
!
bridge irb
!
!
!
interface FastEthernet0
ip address 10.10.10.3 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface FastEthernet1
description in VLAN1
!
interface FastEthernet2
description in VLAN2
switchport access vlan 2
!
interface FastEthernet3
description in VLAN3
switchport access vlan 3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface Dot11Radio0
no ip address
!
ssid 1800_ssid_vlan1
!
ssid 1800_ssid_vlan2
!
ssid 1800_ssid_vlan3
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.2
encapsulation dot1Q 2
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 spanning-disabled
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
!
interface Dot11Radio0.3
encapsulation dot1Q 3
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 spanning-disabled
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
!
interface Dot11Radio1
no ip address
shutdown
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
no ip address
bridge-group 1
!
interface Vlan2
no ip address
bridge-group 2
!
interface Vlan3
no ip address
bridge-group 3
!
interface BVI1
ip address 192.168.1.254 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface BVI2
ip address 192.168.2.254 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface BVI3
ip address 192.168.3.254 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip route 0.0.0.0 0.0.0.0 10.10.10.1
!
!
no ip http server
no ip http secure-server
ip nat inside source list 100 interface FastEthernet0 overload
!
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
access-list 100 permit ip 192.168.3.0 0.0.0.255 any
!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
bridge 3 protocol ieee
bridge 3 route ip
!
line con 0
line aux 0
line vty 0 4
login local
!
end

Router#

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card