Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
998
Views
0
Helpful
5
Replies

Can't ping AP or use DHCP.

scotthudson3ht
Level 1
Level 1

‎04-29-2005 01:40 PM - edited ‎07-04-2021 10:43 AM

I've got a Cisco 1230 Aironet and I've got two VLANs running on it. VLAN 120 (192.168.120.x) for wireless users and VLAN 118 (192.168.118.x) for network management.

I have no problem connecting wirelessly to the AP. The problem is I can't get a DHCP address from the AP. I can assign myself an address in the segment and ping the gateway .1, but I can't ping 192.168.120.2, the ip address of the AP. Both the AP's and the switch's Ethernet ports are set to 100/full. I even added "switchport trunk nonegoitate" to the switch the AP is attached to.

I do know that DHCP was working when I has the AP configured very simply. Originally everything was working on the default VLAN. As soon as I started adding VLANs and trunks, DHCP stopped working.

Attached is 'show tech-support'.

Labels:
0 Helpful
5 Replies 5

scotthudson3ht
Level 1
Level 1

‎04-29-2005 01:41 PM

Attachment.

Preview file
73 KB
0 Helpful

rll3
Level 1
Level 1

‎05-03-2005 02:02 PM

What kind of management are you using on 192.168.118.x?

0 Helpful

AndreasWeller
Level 1
Level 1

‎05-04-2005 12:16 AM

What´s you´re IOS Version?

We had the same problem with Version 12.3(2), after installing IOS 12.3(4) everything works fine...

0 Helpful

scotthudson3ht
Level 1
Level 1
In response to AndreasWeller

‎05-04-2005 12:25 PM

I'm using 12.3(4)JA.

Right now I'm just trying to ping the AP on the .118.x network. I'm pretty sure all the trunking is correct.

Here is my new config:

Building configuration...

Current configuration : 3762 bytes

!

version 12.3

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname 3ht-ap1

!

enable secret xxxx

!

ip subnet-zero

ip dhcp excluded-address 192.168.120.1 192.168.120.10

ip dhcp ping packets 3

!

ip dhcp pool wireless

network 192.168.120.0 255.255.255.0

domain-name 3ht.com

dns-server 192.168.117.81 192.168.117.82 192.168.117.83

default-router 192.168.120.1

!

!

no aaa new-model

!

dot11 ssid 3ht!phone

vlan 121

authentication open

!

dot11 ssid 3ht!test

vlan 120

authentication open

!

!

!

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption vlan 120 key 1 size 128bit xxx C transmit-key

encryption vlan 120 mode wep mandatory

!

encryption vlan 121 key 1 size 128bit xxx transmit-key

encryption vlan 121 mode wep mandatory

!

ssid 3ht!phone

!

ssid 3ht!test

!

short-slot-time

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

rts threshold 2312

station-role root

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio0.120

encapsulation dot1Q 120

no ip route-cache

bridge-group 120

bridge-group 120 subscriber-loop-control

bridge-group 120 block-unknown-source

no bridge-group 120 source-learning

no bridge-group 120 unicast-flooding

bridge-group 120 spanning-disabled

!

interface Dot11Radio0.121

encapsulation dot1Q 121

no ip route-cache

bridge-group 121

bridge-group 121 subscriber-loop-control

bridge-group 121 block-unknown-source

no bridge-group 121 source-learning

no bridge-group 121 unicast-flooding

bridge-group 121 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

speed 100

full-duplex

!

interface FastEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface FastEthernet0.120

encapsulation dot1Q 120

no ip route-cache

bridge-group 120

no bridge-group 120 source-learning

bridge-group 120 spanning-disabled

!

interface FastEthernet0.121

encapsulation dot1Q 121

no ip route-cache

bridge-group 121

no bridge-group 121 source-learning

bridge-group 121 spanning-disabled

!

interface BVI1

ip address 192.168.118.10 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.118.1

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1

!

logging snmp-trap emergencies

logging snmp-trap alerts

logging snmp-trap critical

logging snmp-trap errors

logging snmp-trap warnings

!

control-plane

!

!

!

!

line con 0

password xxxx

login

transport preferred all

transport output all

line vty 0 4

password xxx

login

transport preferred all

transport input all

transport output all

line vty 5 15

password xxx

login

transport preferred all

transport input all

transport output all

!

end

0 Helpful

AndreasWeller
Level 1
Level 1
In response to scotthudson3ht

‎05-09-2005 10:54 PM

Hm, seem´s to be the right config. I´m sorry i had not enough time to search for your bug, but here is my config of the aironet. This config works fine with two external dhcp servers on each vlan.

version 12.3

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname XXXX

!

enable secret XXXXXXX

!

username XXXXX privilege 15 password 7 XXXXXXX

ip subnet-zero

!

!

aaa new-model

!

!

aaa group server radius rad_eap

server 10.xxxx auth-port 1812 acct-port 1813

!

aaa group server radius rad_mac

!

aaa group server radius rad_acct

server 10.xxxx auth-port 1812 acct-port 1813

!

aaa group server radius rad_admin

server 10.xxxx auth-port 1812 acct-port 1813

!

aaa group server tacacs+ tac_admin

server 10.xxxxx

!

aaa group server radius rad_pmip

!

aaa group server radius dummy

!

aaa group server tacacs+ tac_acct

server 10.xxxxx

!

aaa authentication login default group tac_admin local

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authentication enable default enable

aaa accounting exec default start-stop group tac_acct

aaa accounting commands 15 default start-stop group tac_acct

aaa accounting network default start-stop group rad_acct

aaa accounting connection default start-stop group tac_acct

aaa accounting system default start-stop group tac_acct

aaa session-id common

dot11 vlan-name GuestVlan vlan 2

!

dot11 ssid 802.1x

vlan 1

authentication open eap eap_methods

authentication network-eap eap_methods

accounting acct_methods

!

dot11 ssid GuestVlan

vlan 2

authentication open

accounting acct_methods

guest-mode

!

!

!

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode wep mandatory

!

encryption vlan 1 mode wep mandatory

!

ssid 802.1x

!

ssid GuestVlan

!

short-slot-time

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

54.0

power local cck 1

power local ofdm 1

channel 2462

station-role root

no cdp enable

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio0.2

encapsulation dot1Q 2

no ip route-cache

bridge-group 2

bridge-group 2 subscriber-loop-control

bridge-group 2 block-unknown-source

no bridge-group 2 source-learning

no bridge-group 2 unicast-flooding

bridge-group 2 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

!

interface FastEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface FastEthernet0.2

encapsulation dot1Q 2

no ip route-cache

bridge-group 2

no bridge-group 2 source-learning

bridge-group 2 spanning-disabled

!

interface BVI1

ip address 10.xxxxx 255.xxxxxx

no ip route-cache

!

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

ip radius source-interface BVI1

!

logging snmp-trap emergencies

logging snmp-trap alerts

logging snmp-trap critical

logging snmp-trap errors

logging snmp-trap warnings

tacacs-server host 10.xxxxx

tacacs-server directed-request

tacacs-server key 7 xxxxx

radius-server attribute 32 include-in-access-req format

radius-server host 10.xxxxx auth-port 1812 acct-port 1813 key 7 xxxxxx

radius-server vsa send accounting!

control-plane

!

bridge 1 route ip

!

line con 0

xxxx

line vty 0 4

xxxxx

line vty 5 15

xxxxxxl

!

end

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card