I've updated to IOS version 12.4, in order to use WPA2-PSK with AES-CCMP encryption, and I can verify that the bridge is successfully associated with the AP, with "show dot11 association all" command. (Excepted with TP-Link access points, which I could only associate using WEP or no security, but this is subject for another topic).
I am able to verify at the wired device the mac-address of the AP and other devices connected to the same WiFi network. I can get an address with DHCP from the same AP, but I can't get connectivity (even ping).
Tried to change to infrastructure-ssid, and infrastructure-client in order to don't mess with mac-adress, but still can't get ping response between access-point (which is the gateway for testing purposes) and the wired device.
"show bridge" command at the C3210 successfully presents the mac-address and interface of all devices.
With wireshark I could verify that the ping originated in the wired device reaches the network, but the response doesn't go through the bridge.
Here is the running-config: ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname BRIDGE_C3201 ! logging rate-limit console 9 ! no aaa new-model ! ! dot11 syslog ! dot11 ssid NET@001 authentication open authentication key-management wpa version 2 encryption mode ciphers aes-ccm wpa-psk ascii 0 some_network_password
! dot11 holdoff-time 15 ! ! username Cisco privilege 15 password 0 Cisco ! ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! ssid NET@001 ! speed basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role workgroup-bridge universal bridge-group 1 ! interface FastEthernet0 no ip address no ip route-cache duplex auto speed auto bridge-group 1 ! interface BVI1 ip address 10.0.0.1 255.255.255.0 no ip route-cache ! ip http server ip http authentication local no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius source-interface BVI1 bridge 1 route ip bridge 1 aging-time 120 ! ! ! line con 0 line vty 0 4 login local line vty 5 15 login local ! end
Someone could help in that issue? Is there anything obvious that I'm not seeing?
It’s been about two and half years, since the launch of next generation Cisco Catalyst 9800 Wireless LAN Controllers that has the most deployment flexibility and runs the modular, scalable, highly reliable, open and programmable operating system, I...
Hi All, I have made this video for Cisco Pitch the Future Contest in Malaysia which talks about Wi-Fi 6 and EWC Demo. Please feel free to view the video below and please support me for this contest by giving the video a like as the Contest will end o...
On the Cisco Catalyst 9800 Series WLC, enabling/disabling the remote LAN (RLAN) ports on APs requires going into the configuration for each AP and manually enabling/disabling the ports. However, as the number of APs that need to have their RLAN...
It’s been a long road for our AireOS wireless controllers. In fact these products have been around Cisco in some form since 2005. As you may have heard, Cisco made the decision to End-of-Sale (EOS) these products last month.
That means that these AireOS ...