little problem : C2611 a dhcp server for the lan

Discussion in 'Cisco' started by sam@nospam.org, Apr 14, 2005.

  1. Guest

    Hello

    I want to give a fix address by dhcp to a wirelless access point by is
    Mac Adress .... but the pb is that this wireless access-point don't
    keep the fixe address and finally take a dynamic address....
    What i have done wrong ?

    Thanks for your help

    Here is the config



    toto.free.fr#show run
    Building configuration...

    Current configuration : 3367 bytes
    !
    ! No configuration change since last restart
    !
    version 12.3
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname toto.free.fr
    !
    boot-start-marker
    boot-end-marker
    !
    enable password 7 xxxx
    !
    clock timezone PCTime 1
    clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
    no aaa new-model
    ip subnet-zero
    no ip source-route
    ip cef
    !
    !
    no ip domain lookup
    ip dhcp excluded-address 192.168.0.1 192.168.0.200
    ip dhcp excluded-address 192.168.0.210 192.168.0.254
    !
    ip dhcp pool wifi
    host 192.168.0.250 255.255.255.0
    hardware-address 0100.4005.d042.b8
    !
    ip dhcp pool 1
    network 192.168.0.0 255.255.255.0
    default-router 192.168.0.244
    dns-server 212.27.32.177 194.149.160.9
    !
    no ip bootp server
    ip audit notify log
    ip audit po max-events 100
    no ftp-server write-enable
    !
    !
    !
    !
    interface Null0
    no ip unreachables
    !
    interface Ethernet0/0
    description connected to EthernetLAN
    ip address 192.168.0.244 255.255.255.0
    ip access-group 100 in
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    half-duplex
    !
    interface Ethernet0/1
    description connected to Internet
    ip address dhcp
    ip access-group 103 in
    no ip proxy-arp
    ip nat outside
    half-duplex
    no cdp enable
    !
    router rip
    version 1
    passive-interface Ethernet0/1
    network 192.168.0.0
    no auto-summary
    !
    ip nat inside source list 1 interface Ethernet0/1 overload
    ip nat inside source static udp 192.168.0.10 5555 interface
    Ethernet0/1 5555
    ip nat inside source static tcp 192.168.0.10 5555 interface
    Ethernet0/1 5555
    ip nat inside source static udp 192.168.0.10 6666 interface
    Ethernet0/1 6666
    ip nat inside source static tcp 192.168.0.10 6666 interface
    Ethernet0/1 6666
    no ip http server
    ip classless
    !
    !
    access-list 1 remark Regle NAT genereale
    access-list 1 permit 192.168.0.0 0.0.0.255
    access-list 100 remark LAN In
    access-list 100 deny ip host 255.255.255.255 any
    access-list 100 deny ip 127.0.0.0 0.255.255.255 any
    access-list 100 permit ip any any
    access-list 102 remark ENTRANT Interface Wan
    access-list 102 permit udp host 195.83.66.36 eq ntp any eq ntp
    access-list 102 permit udp any any eq domain
    access-list 102 permit udp any any eq bootpc
    access-list 102 permit tcp any any eq 5555
    access-list 102 permit udp any any eq 6666
    access-list 102 permit tcp any any eq www
    access-list 102 permit tcp any any eq 5190
    access-list 102 permit icmp any any echo-reply
    access-list 102 permit icmp any any time-exceeded
    access-list 102 permit icmp any any unreachable
    access-list 102 deny ip any any
    access-list 103 remark ENTRANT Interface Wan
    access-list 103 permit udp any eq bootpc host 192.168.0.244 eq bootpc
    access-list 103 deny udp any any eq bootps
    access-list 103 deny udp any any eq snmp
    access-list 103 deny udp any any eq snmptrap
    access-list 103 permit ip any any
    snmp-server community public RO 1
    snmp-server enable traps tty
    banner login ^CAuthorized access only!
    Disconnect IMMEDIATELY if you are not an authorized user!
    ****** Acces reserve - Deconnectez vous immediatement ****!^C
    !
    line con 0
    exec-timeout 0 0
    password 7 xxxxxxx
    login
    line aux 0
    line vty 0 4
    access-class 1 in
    password 7 xxxxx
    login
    !
    ntp clock-period 17208599
    ntp server 195.83.132.135
    ntp server 138.195.130.71
    ntp server 195.83.66.36
    ntp server 207.46.130.100
    !
    !
    end
     
    , Apr 14, 2005
    #1
    1. Advertising

  2. I recommend that, on your DHCP server, you do a
    "show ip dhcp binding" to see what client ID / hw
    address your AP is actually using for its DHCP request.
    Then configure your DHCP accordingly.

    Assuming that your AP is a Cisco IOS AP and that its
    BVI1 is configured with "ip address dhcp client-id FastEthernet0"
    (as it will be by default), then it will issue its request
    using a client ID of 01HH.HHHH.HHHH.HH where "HH.HHHH.HHHH.HH"
    corresponds to its FastEthernet0's burned-in MAC address
    HHHH.HHHH.HHHH.

    My hunch is that your config is almost there; you just need
    to change

    hardware-address 0100.4005.d042.b8

    to

    client-identifier 0100.4005.d042.b8

    Cheers,

    Aaron

    ---

    ~ Hello
    ~
    ~ I want to give a fix address by dhcp to a wirelless access point by is
    ~ Mac Adress .... but the pb is that this wireless access-point don't
    ~ keep the fixe address and finally take a dynamic address....
    ~ What i have done wrong ?
    ~
    ~ Thanks for your help
    ~
    ~ Here is the config
    ~
    ~
    ~
    ~ toto.free.fr#show run
    ~ Building configuration...
    ~
    ~ Current configuration : 3367 bytes
    ~ !
    ~ ! No configuration change since last restart
    ~ !
    ~ version 12.3
    ~ no service pad
    ~ service timestamps debug uptime
    ~ service timestamps log uptime
    ~ service password-encryption
    ~ !
    ~ hostname toto.free.fr
    ~ !
    ~ boot-start-marker
    ~ boot-end-marker
    ~ !
    ~ enable password 7 xxxx
    ~ !
    ~ clock timezone PCTime 1
    ~ clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
    ~ no aaa new-model
    ~ ip subnet-zero
    ~ no ip source-route
    ~ ip cef
    ~ !
    ~ !
    ~ no ip domain lookup
    ~ ip dhcp excluded-address 192.168.0.1 192.168.0.200
    ~ ip dhcp excluded-address 192.168.0.210 192.168.0.254
    ~ !
    ~ ip dhcp pool wifi
    ~ host 192.168.0.250 255.255.255.0
    ~ hardware-address 0100.4005.d042.b8
    ~ !
    ~ ip dhcp pool 1
    ~ network 192.168.0.0 255.255.255.0
    ~ default-router 192.168.0.244
    ~ dns-server 212.27.32.177 194.149.160.9
    ~ !
    ~ no ip bootp server
    ~ ip audit notify log
    ~ ip audit po max-events 100
    ~ no ftp-server write-enable
    ~ !
    ~ !
    ~ !
    ~ !
    ~ interface Null0
    ~ no ip unreachables
    ~ !
    ~ interface Ethernet0/0
    ~ description connected to EthernetLAN
    ~ ip address 192.168.0.244 255.255.255.0
    ~ ip access-group 100 in
    ~ no ip redirects
    ~ no ip unreachables
    ~ no ip proxy-arp
    ~ ip nat inside
    ~ half-duplex
    ~ !
    ~ interface Ethernet0/1
    ~ description connected to Internet
    ~ ip address dhcp
    ~ ip access-group 103 in
    ~ no ip proxy-arp
    ~ ip nat outside
    ~ half-duplex
    ~ no cdp enable
    ~ !
    ~ router rip
    ~ version 1
    ~ passive-interface Ethernet0/1
    ~ network 192.168.0.0
    ~ no auto-summary
    ~ !
    ~ ip nat inside source list 1 interface Ethernet0/1 overload
    ~ ip nat inside source static udp 192.168.0.10 5555 interface
    ~ Ethernet0/1 5555
    ~ ip nat inside source static tcp 192.168.0.10 5555 interface
    ~ Ethernet0/1 5555
    ~ ip nat inside source static udp 192.168.0.10 6666 interface
    ~ Ethernet0/1 6666
    ~ ip nat inside source static tcp 192.168.0.10 6666 interface
    ~ Ethernet0/1 6666
    ~ no ip http server
    ~ ip classless
    ~ !
    ~ !
    ~ access-list 1 remark Regle NAT genereale
    ~ access-list 1 permit 192.168.0.0 0.0.0.255
    ~ access-list 100 remark LAN In
    ~ access-list 100 deny ip host 255.255.255.255 any
    ~ access-list 100 deny ip 127.0.0.0 0.255.255.255 any
    ~ access-list 100 permit ip any any
    ~ access-list 102 remark ENTRANT Interface Wan
    ~ access-list 102 permit udp host 195.83.66.36 eq ntp any eq ntp
    ~ access-list 102 permit udp any any eq domain
    ~ access-list 102 permit udp any any eq bootpc
    ~ access-list 102 permit tcp any any eq 5555
    ~ access-list 102 permit udp any any eq 6666
    ~ access-list 102 permit tcp any any eq www
    ~ access-list 102 permit tcp any any eq 5190
    ~ access-list 102 permit icmp any any echo-reply
    ~ access-list 102 permit icmp any any time-exceeded
    ~ access-list 102 permit icmp any any unreachable
    ~ access-list 102 deny ip any any
    ~ access-list 103 remark ENTRANT Interface Wan
    ~ access-list 103 permit udp any eq bootpc host 192.168.0.244 eq bootpc
    ~ access-list 103 deny udp any any eq bootps
    ~ access-list 103 deny udp any any eq snmp
    ~ access-list 103 deny udp any any eq snmptrap
    ~ access-list 103 permit ip any any
    ~ snmp-server community public RO 1
    ~ snmp-server enable traps tty
    ~ banner login ^CAuthorized access only!
    ~ Disconnect IMMEDIATELY if you are not an authorized user!
    ~ ****** Acces reserve - Deconnectez vous immediatement ****!^C
    ~ !
    ~ line con 0
    ~ exec-timeout 0 0
    ~ password 7 xxxxxxx
    ~ login
    ~ line aux 0
    ~ line vty 0 4
    ~ access-class 1 in
    ~ password 7 xxxxx
    ~ login
    ~ !
    ~ ntp clock-period 17208599
    ~ ntp server 195.83.132.135
    ~ ntp server 138.195.130.71
    ~ ntp server 195.83.66.36
    ~ ntp server 207.46.130.100
    ~ !
    ~ !
    ~ end
    ~
    ~
    ~
    ~
    ~
    ~
    ~
    ~
     
    Aaron Leonard, Apr 14, 2005
    #2
    1. Advertising

  3. Guest

    Here what i got with the command :
    toto.free.fr#show ip dhcp binding
    Bindings from all pools not associated with VRF:
    IP address Client-ID/ Lease expiration
    Type
    Hardware address/
    User name
    192.168.0.202 0100.e04c.bcb3.fb Apr 15 2005 01:12 PM
    Automatic
    192.168.0.203 0100.4005.d042.b8 Apr 15 2005 01:13 PM
    Automatic
    192.168.0.250 0100.4005.d042.b8 Infinite
    Manual


    but with your modification proposal (ie : client-identifier
    0100.4005.d042.b8) and after a needed reboot of the c2611 , it seems
    to work fine.
    toto.free.fr#show ip dhcp binding
    Bindings from all pools not associated with VRF:
    IP address Client-ID/ Lease expiration
    Type
    Hardware address/
    User name
    192.168.0.250 0100.4005.d042.b8 Infinite
    Manual

    Thanks for your help !
    Sam




    On Thu, 14 Apr 2005 13:52:44 -0700, Aaron Leonard <>
    wrote:

    >I recommend that, on your DHCP server, you do a
    >"show ip dhcp binding" to see what client ID / hw
    >address your AP is actually using for its DHCP request.
    >Then configure your DHCP accordingly.
    >
    >Assuming that your AP is a Cisco IOS AP and that its
    >BVI1 is configured with "ip address dhcp client-id FastEthernet0"
    >(as it will be by default), then it will issue its request
    >using a client ID of 01HH.HHHH.HHHH.HH where "HH.HHHH.HHHH.HH"
    >corresponds to its FastEthernet0's burned-in MAC address
    >HHHH.HHHH.HHHH.
    >
    >My hunch is that your config is almost there; you just need
    >to change
    >
    > hardware-address 0100.4005.d042.b8
    >
    >to
    >
    > client-identifier 0100.4005.d042.b8
    >
    >Cheers,
    >
    >Aaron
    >
    >---
    >
    >~ Hello
    >~
    >~ I want to give a fix address by dhcp to a wirelless access point by is
    >~ Mac Adress .... but the pb is that this wireless access-point don't
    >~ keep the fixe address and finally take a dynamic address....
    >~ What i have done wrong ?
    >~
    >~ Thanks for your help
    >~
    >~ Here is the config
    >~
    >~
    >~
    >~ toto.free.fr#show run
    >~ Building configuration...
    >~
    >~ Current configuration : 3367 bytes
    >~ !
    >~ ! No configuration change since last restart
    >~ !
    >~ version 12.3
    >~ no service pad
    >~ service timestamps debug uptime
    >~ service timestamps log uptime
    >~ service password-encryption
    >~ !
    >~ hostname toto.free.fr
    >~ !
    >~ boot-start-marker
    >~ boot-end-marker
    >~ !
    >~ enable password 7 xxxx
    >~ !
    >~ clock timezone PCTime 1
    >~ clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
    >~ no aaa new-model
    >~ ip subnet-zero
    >~ no ip source-route
    >~ ip cef
    >~ !
    >~ !
    >~ no ip domain lookup
    >~ ip dhcp excluded-address 192.168.0.1 192.168.0.200
    >~ ip dhcp excluded-address 192.168.0.210 192.168.0.254
    >~ !
    >~ ip dhcp pool wifi
    >~ host 192.168.0.250 255.255.255.0
    >~ hardware-address 0100.4005.d042.b8
    >~ !
    >~ ip dhcp pool 1
    >~ network 192.168.0.0 255.255.255.0
    >~ default-router 192.168.0.244
    >~ dns-server 212.27.32.177 194.149.160.9
    >~ !
    >~ no ip bootp server
    >~ ip audit notify log
    >~ ip audit po max-events 100
    >~ no ftp-server write-enable
    >~ !
    >~ !
    >~ !
    >~ !
    >~ interface Null0
    >~ no ip unreachables
    >~ !
    >~ interface Ethernet0/0
    >~ description connected to EthernetLAN
    >~ ip address 192.168.0.244 255.255.255.0
    >~ ip access-group 100 in
    >~ no ip redirects
    >~ no ip unreachables
    >~ no ip proxy-arp
    >~ ip nat inside
    >~ half-duplex
    >~ !
    >~ interface Ethernet0/1
    >~ description connected to Internet
    >~ ip address dhcp
    >~ ip access-group 103 in
    >~ no ip proxy-arp
    >~ ip nat outside
    >~ half-duplex
    >~ no cdp enable
    >~ !
    >~ router rip
    >~ version 1
    >~ passive-interface Ethernet0/1
    >~ network 192.168.0.0
    >~ no auto-summary
    >~ !
    >~ ip nat inside source list 1 interface Ethernet0/1 overload
    >~ ip nat inside source static udp 192.168.0.10 5555 interface
    >~ Ethernet0/1 5555
    >~ ip nat inside source static tcp 192.168.0.10 5555 interface
    >~ Ethernet0/1 5555
    >~ ip nat inside source static udp 192.168.0.10 6666 interface
    >~ Ethernet0/1 6666
    >~ ip nat inside source static tcp 192.168.0.10 6666 interface
    >~ Ethernet0/1 6666
    >~ no ip http server
    >~ ip classless
    >~ !
    >~ !
    >~ access-list 1 remark Regle NAT genereale
    >~ access-list 1 permit 192.168.0.0 0.0.0.255
    >~ access-list 100 remark LAN In
    >~ access-list 100 deny ip host 255.255.255.255 any
    >~ access-list 100 deny ip 127.0.0.0 0.255.255.255 any
    >~ access-list 100 permit ip any any
    >~ access-list 102 remark ENTRANT Interface Wan
    >~ access-list 102 permit udp host 195.83.66.36 eq ntp any eq ntp
    >~ access-list 102 permit udp any any eq domain
    >~ access-list 102 permit udp any any eq bootpc
    >~ access-list 102 permit tcp any any eq 5555
    >~ access-list 102 permit udp any any eq 6666
    >~ access-list 102 permit tcp any any eq www
    >~ access-list 102 permit tcp any any eq 5190
    >~ access-list 102 permit icmp any any echo-reply
    >~ access-list 102 permit icmp any any time-exceeded
    >~ access-list 102 permit icmp any any unreachable
    >~ access-list 102 deny ip any any
    >~ access-list 103 remark ENTRANT Interface Wan
    >~ access-list 103 permit udp any eq bootpc host 192.168.0.244 eq bootpc
    >~ access-list 103 deny udp any any eq bootps
    >~ access-list 103 deny udp any any eq snmp
    >~ access-list 103 deny udp any any eq snmptrap
    >~ access-list 103 permit ip any any
    >~ snmp-server community public RO 1
    >~ snmp-server enable traps tty
    >~ banner login ^CAuthorized access only!
    >~ Disconnect IMMEDIATELY if you are not an authorized user!
    >~ ****** Acces reserve - Deconnectez vous immediatement ****!^C
    >~ !
    >~ line con 0
    >~ exec-timeout 0 0
    >~ password 7 xxxxxxx
    >~ login
    >~ line aux 0
    >~ line vty 0 4
    >~ access-class 1 in
    >~ password 7 xxxxx
    >~ login
    >~ !
    >~ ntp clock-period 17208599
    >~ ntp server 195.83.132.135
    >~ ntp server 138.195.130.71
    >~ ntp server 195.83.66.36
    >~ ntp server 207.46.130.100
    >~ !
    >~ !
    >~ end
    >~
    >~
    >~
    >~
    >~
    >~
    >~
    >~
     
    , Apr 15, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    3
    Views:
    1,164
  2. mb1896
    Replies:
    1
    Views:
    616
    www.BradReese.Com
    Jan 25, 2006
  3. Puzzled

    little red X in little white box

    Puzzled, Dec 12, 2004, in forum: Computer Support
    Replies:
    8
    Views:
    8,668
    Blinky the Shark
    Dec 13, 2004
  4. Replies:
    1
    Views:
    420
    Doug McIntyre
    Jul 30, 2006
  5. Giuen
    Replies:
    0
    Views:
    1,160
    Giuen
    Sep 12, 2008
Loading...

Share This Page