05-26-2006 12:57 PM - edited 07-04-2021 12:11 PM
I am trying to get an 871 soho router wireless connections to work.
The SDM is useless.
I have tried to find docs on how and why and what to do - but no luck.
Been at the this for a week. Got the DSL and fw parts working, but not
wireless.
I have a Authentication Open setup - guest-mode enabled.
So I should be pretty wide open for connections.
I can see the SSID on a client PC, but cannot connect.
I'm running DHCP to clients
--------------------
config below
--------------------
bridge irb
!
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$$ETH-WAN$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
!
interface Dot11Radio0
no ip address
!
ssid 1138
vlan 1
authentication open
guest-mode
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
48.0 54.0
station-role root
no cdp enable
bridge-group 1
bridge-group 1 spanning-disabled
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
ip address 192.168.0.109 255.255.255.0
ip access-group 102 in
ip nat inside
ip virtual-reassembly
!
interface Dialer1
description $FW_OUTSIDE$
mtu 1492
ip address negotiated
ip access-group 103 in
ip inspect DEFAULT100 out
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username xxxxxx@xxxxxx.net password xxx
ppp ipcp dns request accept
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source list 1 interface Dialer1 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 100 remark auto-generated by Cisco SDM Express firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto-generated by Cisco SDM Express firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 deny ip 192.168.0.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any
access-list 102 remark auto generated by SDM firewall configuration
access-list 102 remark SDM_ACL Category=1
access-list 102 deny ip host 255.255.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 permit ip any any
access-list 103 remark auto generated by SDM firewall configuration
access-list 103 remark SDM_ACL Category=1
access-list 103 deny ip 192.168.0.0 0.0.0.255 any
access-list 103 permit icmp any any echo-reply
access-list 103 permit icmp any any time-exceeded
access-list 103 permit icmp any any unreachable
access-list 103 deny ip 10.0.0.0 0.255.255.255 any
access-list 103 deny ip 172.16.0.0 0.15.255.255 any
access-list 103 deny ip 192.168.0.0 0.0.255.255 any
access-list 103 deny ip 127.0.0.0 0.255.255.255 any
access-list 103 deny ip host 255.255.255.255 any
access-list 103 deny ip host 0.0.0.0 any
access-list 103 deny ip any any log
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
Solved! Go to Solution.
09-20-2007 05:51 AM
Hello,
Just want to add my working version to the pool. What's posted here did not work for me, but the thread was very helpful.
Also helpful was this link:
http://www.velocityreviews.com/forums/t295238-cisco-871-wireless-setup-questions.html
Mine is a 877 Wireless with Adv Security - only 1 VLAN allowed.
hostname
!
boot-start-marker
boot system flash:/c870-advsecurityk9-mz.124-4.T7.bin
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address
ip dhcp excluded-address
ip dhcp excluded-address
ip dhcp excluded-address
!
ip dhcp pool
network
dns-server
default-router
!
!
no ip domain lookup
ip domain name
!
!
bridge irb
!
!
interface ATM0
no ip address
no ip mroute-cache
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface FastEthernet0
switchport mode trunk
speed 100
!
interface FastEthernet1
switchport mode trunk
speed 100
!
interface FastEthernet2
switchport mode trunk
speed 100
!
interface FastEthernet3
switchport mode trunk
speed 100
!
interface Dot11Radio0
no ip address
no ip route-cache cef
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
ssid
vlan 1
authentication open
authentication key-management wpa
guest-mode
wpa-psk
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
no snmp trap link-status
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
no ip address
no ip redirects
no ip proxy-arp
ip virtual-reassembly
ip route-cache flow
bridge-group 1
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname
ppp chap password
!
interface Dialer0
no ip address
no cdp enable
!
interface BVI1
ip address
no ip redirects
no ip proxy-arp
ip nat inside
ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map RMAP_1 interface Dialer1 overload
!
dialer-list 1 protocol ip permit
no cdp run
route-map RMAP_1 permit 1
match ip address NONAT
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide