876W Wireless

Discussion in 'Cisco' started by Super Slueth, Nov 18, 2006.

  1. Super Slueth

    Super Slueth Guest

    Hello

    I'm trying to configure the wireless part of a cisco 876 without
    success.
    I can get the wireless to authenticate using wpa, but it will not get
    an IP address.

    If possible i would like them to get an address from the DHCP pool

    Here is my config if anyone can help me please


    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname router
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 51200 warnings
    !
    no aaa new-model
    !
    resource policy
    !

    ip subnet-zero
    ip cef
    no ip dhcp use vrf connected
    ip dhcp excluded-address 192.168.3.1
    !
    ip dhcp pool office
    import all
    network 192.168.3.0 255.255.255.0
    default-router 192.168.3.1
    !
    !
    no ip domain lookup
    ip domain name yourdomain.com
    !
    !
    crypto pki <snip>
    !
    !
    !
    bridge irb
    !
    !
    interface BRI0
    no ip address
    encapsulation hdlc
    shutdown
    !
    interface ATM0
    description $ES_WAN$
    no ip address
    no ip route-cache cef
    no ip route-cache
    no atm ilmi-keepalive
    pvc 2/32
    ubr 500
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    dsl operating-mode auto
    !
    interface ATM0.1 point-to-point
    no ip route-cache
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Dot11Radio0
    no ip address
    ip access-group 101 in
    !
    encryption vlan 1 mode ciphers tkip
    !
    encryption mode ciphers tkip
    !
    ssid Office
    vlan 1
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 0 ********
    !
    speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0
    basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
    station-role root
    !
    interface Dot11Radio0.1
    description office open
    encapsulation dot1Q 1 native
    no snmp trap link-status
    no cdp enable
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    !
    interface Vlan1
    description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$
    ip address 192.168.3.1 255.255.255.0
    ip verify unicast reverse-path
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    bridge-group 1
    bridge-group 1 spanning-disabled
    hold-queue 32 in
    !
    !
    interface Dialer0
    ip address negotiated
    ip verify unicast reverse-path
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname *****
    ppp chap password 7 *************
    ppp pap sent-username ****** password 7 *********
    ppp ipcp dns request
    ppp ipcp mask request
    ppp ipcp address accept
    !
    interface BVI1
    ip address pool office
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0 permanent
    !
    ip http server
    ip http access-class 23
    ip http authentication local
    ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source list 101 interface Dialer0 overload
    !
    access-list 101 permit ip 192.168.3.0 0.0.0.255 any
    dialer-list 1 protocol ip permit

    no cdp run
    !
    control-plane
    !
    !

    end
    Super Slueth, Nov 18, 2006
    #1
    1. Advertising

  2. Super Slueth

    Guest

    Super Slueth wrote:
    > Hello
    >
    > I'm trying to configure the wireless part of a cisco 876 without
    > success.
    > I can get the wireless to authenticate using wpa, but it will not get
    > an IP address.
    >
    > If possible i would like them to get an address from the DHCP pool
    >
    > interface Dot11Radio0
    > no ip address
    > ip access-group 101 in
    > !
    > encryption vlan 1 mode ciphers tkip
    > !
    > encryption mode ciphers tkip
    > !
    > ssid Office
    > vlan 1


    VLAN 1 here is not what I have seen working.

    I use this:-

    ! DHCP omitted but using range
    ! 10.1.37.0 255.255.255.0


    bridge irb
    !
    !
    interface Dot11Radio0
    no ip address
    !
    encryption mode ciphers tkip
    !
    ssid HR_ABC
    authentication open
    authentication key-management wpa
    wpa-psk ascii 7 12160B121

    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0
    station-role root
    no dot11 extension aironet
    no cdp enable
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    !
    interface Vlan1
    no ip address
    ip tcp adjust-mss 1452
    bridge-group 1
    !

    !
    interface BVI1
    ip address 10.1.37.2 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    !
    bridge 1 protocol ieee
    bridge 1 route ip

    I recently tried to get two ssid's operating such that they could be on
    different VLANs and I failed. Ideas welcome.


    Good luck.
    , Nov 18, 2006
    #2
    1. Advertising

  3. Super Slueth

    AM Guest

    wrote:
    > Super Slueth wrote:
    >
    >>Hello
    >>
    >>I'm trying to configure the wireless part of a cisco 876 without
    >>success.
    >>I can get the wireless to authenticate using wpa, but it will not get
    >>an IP address.
    >>
    >>If possible i would like them to get an address from the DHCP pool
    >>
    >>interface Dot11Radio0
    >> no ip address
    >> ip access-group 101 in
    >> !
    >> encryption vlan 1 mode ciphers tkip
    >> !
    >> encryption mode ciphers tkip
    >> !
    >> ssid Office
    >> vlan 1


    I'm trying to do the same thing

    >
    >
    > VLAN 1 here is not what I have seen working.
    >


    Sorry Anybody,

    did or didn't you get the bridge working?
    I have the same conf (authentication apart, I'm at the beginning) but it doesn't work (I've got a 871W)

    > bridge 1 protocol ieee
    > bridge 1 route ip


    maybe the above command makes the difference

    >
    > I recently tried to get two ssid's operating such that they could be on
    > different VLANs and I failed. Ideas welcome.


    As far as I know you can specify which VLAN a SSID is associated to using the command "vlan <#>" within the ssid section

    HTH Alex
    AM, Nov 20, 2006
    #3
  4. Super Slueth

    Guest

    AM wrote:
    > wrote:
    > > Super Slueth wrote:
    > >
    > >>Hello
    > >>
    > >>I'm trying to configure the wireless part of a cisco 876 without
    > >>success.
    > >>I can get the wireless to authenticate using wpa, but it will not get
    > >>an IP address.
    > >>
    > >>If possible i would like them to get an address from the DHCP pool
    > >>
    > >>interface Dot11Radio0
    > >> no ip address
    > >> ip access-group 101 in
    > >> !
    > >> encryption vlan 1 mode ciphers tkip
    > >> !
    > >> encryption mode ciphers tkip
    > >> !
    > >> ssid Office
    > >> vlan 1

    >
    > I'm trying to do the same thing
    >
    > >
    > >
    > > VLAN 1 here is not what I have seen working.
    > >

    >
    > Sorry Anybody,
    >
    > did or didn't you get the bridge working?
    > I have the same conf (authentication apart, I'm at the beginning) but it doesn't work (I've got a 871W)
    >
    > > bridge 1 protocol ieee
    > > bridge 1 route ip

    >
    > maybe the above command makes the difference
    >
    > >
    > > I recently tried to get two ssid's operating such that they could be on
    > > different VLANs and I failed. Ideas welcome.

    >
    > As far as I know you can specify which VLAN a SSID is associated to using the command "vlan <#>" within the ssid section


    The config I posted earlier works.

    As I said I tried something like:-

    vlan database
    vlan 2
    exit


    bridge irb
    !
    !
    interface Dot11Radio0
    no ip address
    !
    encryption mode ciphers tkip
    !
    ssid HR_ABC
    authentication open
    authentication key-management wpa
    wpa-psk ascii 7 12160B121
    vlan 1

    ssid HR_DEF
    authentication open
    authentication key-management wpa
    wpa-psk ascii 7 xxxxxx
    vlan 2

    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0
    station-role root
    no dot11 extension aironet
    no cdp enable
    !
    interface Vlan1
    no ip address
    ip tcp adjust-mss 1452
    bridge-group 2

    !

    interface Vlan2
    no ip address
    ip tcp adjust-mss 1452
    bridge-group 2

    !
    interface BVI1
    ip address 10.1.37.2 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    !
    bridge 1 protocol ieee
    bridge 1 route ip

    bridge 2 protocol ieee
    bridge 2 route ip


    This is from memory and may be faulty.

    It did not work anyway. No IP communications, no DHCP.
    Wireless association was OK.
    , Nov 20, 2006
    #4
  5. Super Slueth

    AM Guest

    wrote:

    > It did not work anyway. No IP communications, no DHCP.
    > Wireless association was OK.
    >


    The same problem I faced.

    Let me investigate

    Alex.
    AM, Nov 20, 2006
    #5
  6. Super Slueth

    AM Guest

    wrote:

    > It did not work anyway. No IP communications, no DHCP.
    > Wireless association was OK.
    >


    The following (just on a test machine) works:

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname W-router
    !
    boot-start-marker
    boot-end-marker
    !
    !
    no aaa new-model
    !
    resource policy
    !
    ip cef
    !
    no ip dhcp use vrf connected
    !
    ip dhcp pool 10_10_10_0_24
    network 10.10.10.0 255.255.255.0
    default-router 10.10.10.254
    !
    ip dhcp pool 20_20_20_0_24
    network 20.20.20.0 255.255.255.0
    default-router 20.20.20.254
    !
    ip dhcp pool 30_30_30_0_24
    network 30.30.30.0 255.255.255.0
    default-router 30.30.30.254
    !
    bridge irb
    !
    interface FastEthernet0
    switchport trunk allowed vlan 1,10,20,30,40,1002-1005
    switchport mode trunk
    !
    interface FastEthernet1
    switchport access vlan 10
    !
    interface FastEthernet2
    switchport access vlan 20
    !
    interface FastEthernet3
    switchport access vlan 30
    !
    interface FastEthernet4
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    interface Dot11Radio0
    no ip address
    !
    ssid VLAN10
    vlan 10
    authentication open
    !
    ssid VLAN20
    vlan 20
    authentication open
    guest-mode
    !
    ssid VLAN30
    vlan 30
    authentication open
    !
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    station-role root
    !
    interface Dot11Radio0.1
    encapsulation dot1Q 10
    bridge-group 10
    bridge-group 10 subscriber-loop-control
    bridge-group 10 spanning-disabled
    bridge-group 10 block-unknown-source
    no bridge-group 10 source-learning
    no bridge-group 10 unicast-flooding
    !
    interface Dot11Radio0.2
    encapsulation dot1Q 20
    bridge-group 20
    bridge-group 20 subscriber-loop-control
    bridge-group 20 spanning-disabled
    bridge-group 20 block-unknown-source
    no bridge-group 20 source-learning
    no bridge-group 20 unicast-flooding
    !
    interface Dot11Radio0.3
    encapsulation dot1Q 30
    bridge-group 30
    bridge-group 30 subscriber-loop-control
    bridge-group 30 spanning-disabled
    bridge-group 30 block-unknown-source
    no bridge-group 30 source-learning
    no bridge-group 30 unicast-flooding
    !
    interface Vlan1
    no ip address
    !
    interface Vlan10
    no ip address
    bridge-group 10
    !
    interface Vlan20
    no ip address
    bridge-group 20
    !
    interface Vlan30
    no ip address
    bridge-group 30
    !
    interface Vlan40
    ip address 40.40.40.1 255.255.255.252
    !
    interface BVI10
    ip address 10.10.10.254 255.255.255.0
    !
    interface BVI20
    ip address 20.20.20.254 255.255.255.0
    !
    interface BVI30
    ip address 30.30.30.254 255.255.255.0
    !
    !
    !
    no ip http server
    no ip http secure-server
    !
    !
    !
    !
    !
    control-plane
    !
    bridge 10 protocol ieee
    bridge 10 subscriber-policy 1
    bridge 10 route ip
    bridge 20 protocol ieee
    bridge 20 subscriber-policy 1
    bridge 20 route ip
    bridge 30 protocol ieee
    bridge 30 subscriber-policy 1
    bridge 30 route ip
    !
    line con 0
    no modem enable
    line aux 0
    line vty 0 4
    login
    !
    scheduler max-task-time 5000
    end
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    I think the problem is because you use VLAN 1. CAn you confirm?
    As You can see I used VLANs different from the default one (number 1)

    Let us know.

    HTH Alex.
    AM, Nov 22, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mark
    Replies:
    0
    Views:
    2,117
  2. nazgulero
    Replies:
    0
    Views:
    705
    nazgulero
    Dec 18, 2005
  3. nazgulero
    Replies:
    0
    Views:
    470
    nazgulero
    Dec 18, 2005
  4. Markus Marquardt

    Help with 876w config bridging wireless/lan

    Markus Marquardt, Sep 8, 2007, in forum: Cisco
    Replies:
    12
    Views:
    1,914
  5. Markus Marquardt

    Cisco 876w performance

    Markus Marquardt, Apr 9, 2008, in forum: Cisco
    Replies:
    2
    Views:
    395
    Carsten Schneider
    Apr 15, 2008
Loading...

Share This Page