06-15-2020 05:13 AM - edited 07-05-2021 12:10 PM
Hello there fellow networkers
I have problem setting up my 802.11n access point. I followed tutorial "Configuring the Access Point for the First Time"
I can ping internet from AP however when I connect my Iphone as I client I get "No internet connection"
The problem!
I recently passed my CCNA and studying towards CCNP Enterprise. In the new ENCOR exam there is 4 chapters of wifi but nothing about CLI configuration. The problem is that with Ethernet I can go back and reread chapters if I dont understand something, in case with WiFi I just have to follow tutorials even though I dont have a clue what the particular command means I just can try to guess.
If a wise man/women could help me I would appreciate that.
Thank you in advance
C897VAG-LTE-GA-K9 ***********************************
Core#show run
Building configuration...
Current configuration : 3632 bytes
!
! No configuration change since last restart
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Core
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$1x.t$M7kl4Fx2z0XnMFHiHMUUQ/
!
no aaa new-model
ethernet lmi ce
clock timezone GMT 1 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.1.1
!
ip dhcp pool vlan 2
network 192.168.1.0 255.255.255.248
default-router 192.168.1.1
dns-server 8.8.8.8
!
ip dhcp pool vlan 3
network 192.168.3.0 255.255.255.248
dns-server 8.8.8.8
default-router 192.168.3.1
!
!
!
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"
!
!
!
!
!
license udi pid C897VAG-LTE-GA-K9 sn FCZ194393LQ
!
!
vtp mode transparent
!
!
!
!
!
controller VDSL 0
!
controller Cellular 0
lte modem link-recovery rssi onset-threshold -110
lte modem link-recovery monitor-timer 20
lte modem link-recovery wait-timer 10
lte modem link-recovery debounce-count 6
!
vlan 2
name MEDIA
!
vlan 3
!
!
!
!
!
!
!
!
!
!
!
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
!
interface Cellular0
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation slip
dialer in-band
dialer string lte
dialer-group 1
routing dynamic
!
interface Cellular1
no ip address
encapsulation slip
!
interface Ethernet0
no ip address
shutdown
!
interface GigabitEthernet0
description NAS Gigabit1
switchport access vlan 2
no ip address
duplex full
speed 1000
spanning-tree portfast
!
interface GigabitEthernet1
description TV main
switchport access vlan 2
no ip address
duplex full
spanning-tree portfast
!
interface GigabitEthernet2
description LAN
switchport access vlan 2
no ip address
spanning-tree portfast
!
interface GigabitEthernet3
no ip address
duplex full
speed 1000
spanning-tree portfast
!
interface GigabitEthernet4
no ip address
duplex full
spanning-tree portfast
!
interface GigabitEthernet5
no ip address
duplex full
spanning-tree portfast
!
interface GigabitEthernet6
switchport access vlan 3
no ip address
duplex full
spanning-tree portfast
!
interface GigabitEthernet7
description wifi
switchport access vlan 3
no ip address
duplex full
speed 1000
!
interface GigabitEthernet8
no ip address
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.2.1 255.255.255.248
ip nat inside
ip virtual-reassembly in
!
interface Vlan2
ip address 192.168.1.1 255.255.255.248
ip nat inside
ip virtual-reassembly in
!
interface Vlan3
description Aironet WiFi 802.11n
ip address 192.168.3.1 255.255.255.248
ip nat inside
ip virtual-reassembly in
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface Cellular0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0
ip route 192.168.0.0 255.255.0.0 Cellular0
!
logging source-interface GigabitEthernet6
dialer-list 1 protocol ip permit
!
access-list 1 permit any
!
control-plane
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
line con 0
logging synchronous
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
stopbits 1
line 3
script dialer lte
no exec
rxspeed 100000000
txspeed 50000000
line 8
no exec
rxspeed 100000000
txspeed 50000000
line vty 0 4
login
transport input none
!
scheduler allocate 20000 1000
ntp server 0.europe.pool.ntp.org
!
end
AIR-CAP3502I-E-K9 *********************************
ap#show run
Building configuration...
Current configuration : 2276 bytes
!
! Last configuration change at 01:42:48 UTC Sun Mar 3 2002
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
!
logging rate-limit console 9
enable secret 5 $1$fU2f$WYRNfXXs5zyyQsKFeYDwj0
!
no aaa new-model
no ip source-route
ip routing
ip cef
!
!
!
!
dot11 pause-time 100
dot11 syslog
!
dot11 ssid aironet
vlan 3
authentication open
!
!
!
no ipv6 cef
!
!
username Cisco password 7 123A0C041104
!
!
bridge irb
!
!
!
interface Dot11Radio0
no ip address
shutdown
antenna gain 0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
no ip address
!
ssid aironet
!
antenna gain 0
peakdetect
no dfs band block
speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
channel width 40-below
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1.3
encapsulation dot1Q 3
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 spanning-disabled
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
!
interface GigabitEthernet0
ip address 192.168.3.4 255.255.255.248
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface GigabitEthernet0.3
encapsulation dot1Q 3
bridge-group 3
bridge-group 3 spanning-disabled
no bridge-group 3 source-learning
!
interface BVI1
mac-address e8b7.4859.e8d1
ip address dhcp client-id GigabitEthernet0
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
!
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
transport input all
!
end
06-15-2020 12:19 PM
Hi
You said you can ping from AP to the Internet but can you ping URL ou only IP address? Can you test using a notbook and then try to run the command nslookup www.google.com ?
-If I helped you somehow, please, rate it as useful.-
06-15-2020 12:49 PM - edited 06-15-2020 01:05 PM
ap>ping www.google.com
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2A00:1450:4009:807::2004, timeout is 2 seconds:
% No valid route for destination
Success rate is 0 percent (0/1)
ap>ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 19/24/38 ms
noname@noname-SATELLITE-C50-B:~/Desktop$: nslookup www.google.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: www.google.com
Address: 172.217.169.68
Name: www.google.com
Address: 2a00:1450:4009:818::2004
06-15-2020 09:05 PM
Hi
Unfortunetaly that did not work. 248 is because I dont plan to use more than 2 devices
***************************************************
ap#show run
Building configuration...
Current configuration : 2368 bytes
!
! Last configuration change at 17:54:32 UTC Sun Mar 3 2002
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
!
logging rate-limit console 9
enable secret 5 $1$fU2f$WYRNfXXs5zyyQsKFeYDwj0
!
no aaa new-model
no ip source-route
ip routing
ip cef
!
!
!
!
dot11 pause-time 100
dot11 syslog
!
dot11 ssid aironet
vlan 3
authentication open
!
!
!
no ipv6 cef
!
!
username Cisco password 7 123A0C041104
!
!
bridge irb
!
!
!
interface Dot11Radio0
no ip address
shutdown
antenna gain 0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
no ip address
!
ssid aironet
!
antenna gain 0
peakdetect
no dfs band block
speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
channel width 40-below
channel dfs
station-role root
!
interface Dot11Radio1.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1.3
encapsulation dot1Q 3
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 spanning-disabled
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
!
interface GigabitEthernet0
no ip address
duplex auto
speed 1000
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface GigabitEthernet0.3
encapsulation dot1Q 3
bridge-group 3
bridge-group 3 spanning-disabled
no bridge-group 3 source-learning
!
interface BVI1
mac-address e8b7.4859.e8d1
ip address dhcp client-id GigabitEthernet0
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
!
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
transport input all
!
end
06-15-2020 02:43 PM
Since Autonomous AP is not the way forward, it is not greatly cover in CCNA/CCNP courses.
However, regarding your issue, try the following suggestions.
1. Remove IP addressing from Gig0 interface and remove bridge-group 1. Interface BVI should get DHCP IP address if everything works correctly.
interface GigabitEthernet0ip address 192.168.3.4 255.255.255.248
duplex auto
speed autobridge-group 1
This post may give little bit of context when configuring autonomous AP
https://mrncciew.com/2012/10/24/multiple-ssid-config-on-autonomous-ap/
2. Create sub-interfaces
int d1.1
encapsulation dot1q 1 native
bridge-group 1
!
int g0.1
encapsulation dot1q 1 native
bridge-group 1
3. I noticed you have defined subnet mask 255.255.255.248 (only have 6 valid IPs and two you use for router and AP, so only four IP addresses left to wireless clients. Make it 255.255.255.0 (give 254 valid host IPs)
HTH
Rasika
*** Pls rate all useful responses
06-17-2020 11:53 AM
Hi
I came to the point when I can ping ip but not url. I have this aironet wifi as an access point which connects to my router and this is were things gets tricky. The 8-gbit interfaces operate at L2 and than I have to create vlans and assign interface to it. The thing is that the only way out to the world is via Cellular LTE interface which doesnt have static ip.
ap#ping www.google.com
Translating "www.google.com"...domain server (8.8.8.8) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2A00:1450:4009:819::2004, timeout is 2 seconds:
% No valid route for destination
Success rate is 0 percent (0/1)
*************************************************************************************************************
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide