Re: connecting 4402 wlc to 3550 with a 1131 ap with the 3550

j1223aw · ‎07-06-2013

Thanks vinay sharma, my 1131 ap did get an ip via option 43 using your video to help. can you make a video connecting 4402 wlc to 3550 with a 1131 ap with the 3550 getting its internet from a linksys router connect to optimum ISP? I am having a problem with this setup. I have 3 vlans and on some I can access the internet via pc connect directly to port on 3550 and on other I have no connection. when I connect via ap I cannot access wlc via https.

j1223aw · ‎07-06-2013

Cisco3550#show run

Building configuration...

Current configuration : 4447 bytes

!

! No configuration change since last restart

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Cisco3550

!

enable secret 5 $1$uKpW$0IodtHgpYKIwl1i4XyT990

!

clock timezone EST -5

ip subnet-zero

ip routing

ip dhcp excluded-address 192.168.4.95 192.168.4.150

ip dhcp excluded-address 192.168.3.100 192.168.3.110

!

ip dhcp pool VLAN30_WIRELESS_MANAGEMENT

network 192.168.4.0 255.255.255.0

dns-server 4.2.2.1

option 43 hex f104.c0a8.0462

default-router 192.168.1.2

lease 8

!

ip dhcp pool WIRLESS_GUEST

network 192.168.3.0 255.255.255.0

default-router 192.168.3.100

dns-server 4.2.2.1

domain-name Cisco3550test.net

lease 30

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface FastEthernet0/1

switchport access vlan 30

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/2

switchport access vlan 30

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/3

switchport access vlan 30

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/4

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/5

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/6

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/7

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/8

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/9

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/10

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/11

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/12

switchport access vlan 30

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/13

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/14

switchport access vlan 1000

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

switchport nonegotiate

spanning-tree portfast

!

interface FastEthernet0/15

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/16

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/17

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/18

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/19

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/20

switchport access vlan 1000

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport trunk allowed vlan 10,20,30

switchport mode trunk

!

interface FastEthernet0/21

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/22

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/23

switchport access vlan 1000

switchport mode access

spanning-tree portfast

!

interface FastEthernet0/24

description LINK_TO_LINKSYS_NETWORK

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport trunk allowed vlan 1,10,20,30

switchport mode trunk

!

interface GigabitEthernet0/2

switchport access vlan 1000

switchport mode access

shutdown

spanning-tree portfast

!

interface Vlan1

no ip address

shutdown

!

interface Vlan10

description Me Only

ip address 192.168.1.2 255.255.255.0

!

interface Vlan20

description Wireless Guest

ip address 192.168.3.100 255.255.255.0

!

interface Vlan30

description Management Ap

ip address 192.168.4.100 255.255.255.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.0

ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip http server

!

line con 0

password usa2004

logging synchronous

login

line vty 0 4

password usa2004

login

line vty 5 15

password usa2004

login

!

ntp clock-period 17180657

ntp server 64.90.182.55 prefer

ntp server 96.47.67.105 prefer

end

Controller config

Interface Name Port Vlan Id IP Address Type Ap Mgr Guest

-------------------------------- ---- -------- --------------- ------- ------ -----

ap-manager LAG 10 192.168.1.98 Static Yes No

management LAG 10 192.168.4.99 Static No No

service-port N/A N/A 0.0.0.0 Static No No

virtual N/A N/A 192.168.1.51 Static No No

(Cisco Controller) >

AP Config

InfiniteSys1#show run

Building configuration...

Current configuration : 17599 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname InfiniteSys1

!

logging rate-limit console 9

enable secret 5 $1$2Gp.$F7jpqm4dn3LH5TwNi1EF/.

!

aaa new-model

!

aaa authentication login default local

!

aaa session-id common

power inline negotiation prestandard source

eap profile lwapp_eap_profile

method fast

!

crypto pki trustpoint Cisco_IOS_MIC_cert

revocation-check none

rsakeypair Cisco_IOS_MIC_Keys

!

crypto pki trustpoint cisco-root-cert

revocation-check none

rsakeypair Cisco_IOS_MIC_Keys

!

crypto pki trustpoint airespace-device-root-cert

revocation-check none

rsakeypair Cisco_IOS_MIC_Keys

!

crypto pki trustpoint airespace-new-root-cert

revocation-check none

rsakeypair Cisco_IOS_MIC_Keys

!

crypto pki trustpoint airespace-old-root-cert

revocation-check none

rsakeypair Cisco_IOS_MIC_Keys

!

dot1x credentials lwapp_credentials

username admin

password 7 0523570829195E5A4A01

!

username admin secret 5 $1$H3a5$I5FdaTUW./6g.3Kjtmuvd.

!

ip ssh version 2

!

interface Dot11Radio0

no ip route-cache

mbssid

power client local

packet retries 64 drop-packet

!

interface Dot11Radio1

no ip route-cache

mbssid

power client local

packet retries 64 drop-packet

!

interface FastEthernet0

ip address dhcp client-id FastEthernet0

no ip route-cache

duplex auto

speed auto

dot1x pae supplicant

dot1x credentials lwapp_credentials

dot1x eap profile lwapp_eap_profile

!

no ip http server

logging trap errors

logging origin-id string AP:0021.d836.546a

logging facility kern

logging snmp-trap notifications

logging snmp-trap informational

logging snmp-trap debugging

logging 255.255.255.255

!

control-plane

!

line con 0

line vty 0 4

transport input all

line vty 5 15

transport input all

!

end

j1223aw · ‎07-06-2013

Fixed it

Needed to add a static route on the linksys to the vlans.

connecting 4402 wlc to 3550 with a 1131 ap﻿ with the 3550 getting its internet from a linksys router connect to optimum ISP?

connecting 4402 wlc to 3550 with a 1131 ap with the 3550 getting its internet from a linksys router connect to optimum ISP?