01-25-2020 08:39 AM - edited 11-18-2020 03:13 AM
I have:
Product/Model Number : AIR-SAP1602I-E-K9
with
Cisco IOS Software, C1600 Software (AP1G2-K9W7-M), Version 15.3(3)JC, RELEASE SOFTWARE (fc1)
I need to have internet access via eth in a deep place of my basement. So I bought a small thing called wifi extender - Netis E1+ This small thing connects to my cisco AP via wifi but allows other devices connect to it via eth or the same wifi (so extending it) and give internet access to them. This device works in kind of a bridge mode which seems to be an issue to the AP and I dont know why. It gets the IP from cisco AP but all devices connected to extender via wifi or eth are not getting the IPs. I believe this kind of setup is not something uncommon. I have checked that this wifi extender works OK when using other (non cisco AP) wifi so the problem is with the setup of cisco ap. Maybe someone has an idea how to fix this? Below is my config extract, I tried all of SSIDs from there:
Building configuration...
Current configuration : 4890 bytes
!
! No configuration change since last restart
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
!
logging rate-limit console 9
!
no ip source-route
no ip cef
!
!
!
!
dot11 syslog
dot11 vlan-name guests vlan 3
dot11 vlan-name kids vlan 2
dot11 vlan-name sma vlan 1
!
dot11 ssid sma
vlan 1
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 ***
!
dot11 ssid sma_guests
vlan 3
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 ***
!
dot11 ssid sma_kids
vlan 2
rate-limit tcp input data-rate 1000 burst-size 1000
rate-limit tcp output data-rate 1000 burst-size 1000
rate-limit udp input data-rate 1000 burst-size 1000
rate-limit udp output data-rate 1000 burst-size 1000
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 ***
!
!
!
no ipv6 cef
bridge irb
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
encryption vlan 1 mode ciphers aes-ccm
!
encryption vlan 2 mode ciphers aes-ccm
!
encryption vlan 3 mode ciphers aes-ccm
!
ssid sma
!
ssid sma_guests
!
ssid sma_kids
!
antenna gain 0
stbc
beamform ofdm
mbssid
no preamble-short
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.3
encapsulation dot1Q 3
ip access-group only_internet_ACL in
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
!
encryption mode ciphers aes-ccm
!
encryption vlan 1 mode ciphers aes-ccm
!
encryption vlan 2 mode ciphers aes-ccm
!
encryption vlan 3 mode ciphers aes-ccm
!
ssid sma
!
ssid sma_guests
!
ssid sma_kids
!
antenna gain 0
peakdetect
no dfs band block
stbc
mbssid
channel width 40-below
channel dfs
station-role root
!
interface Dot11Radio1.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1.3
encapsulation dot1Q 3
ip access-group only_internet_ACL in
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface BVI1
mac-address ***
ip address 192.168.8.96 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.8.1
ip forward-protocol nd
ip access-list extended only_internet_ACL
!
bridge 1 route ip
!
end
Hey Scott, thanks for reply. I dont see this 'passive client' option in configuration guide for this AP. I am suprised there is no other workaround for this (without wlc) as these 'extenders' are pretty common nowadays... For now I have an old router with tomato which I have set up as a wifi client and it does nat for the end eth device. The good thing is that end device has internet access, whats not so good its behind (another) nat, plus the router is not so small as the extender...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: