Aironet 1200 networking setup issue

Discussion in 'Cisco' started by Claudiu, Apr 19, 2005.

  1. Claudiu

    Claudiu Guest


    I deployed a wireless network between our University's buildings. As
    access point, I used a Cisco Aironet 1200 with 802.11b/g radio module.

    The setup is somehow like this:

    Internet -> Router <- LAN -> Router2 <-(- ... AP ... -) Client 1, 2, 3,
    ...., N

    The client wireless equipment is Cisco's Linksys WET 11 v2 (802.11b).
    The AP is configured as AP root, has the ethernet interface not used. I
    choose this deployment because I have no technical solution to go with
    a LAN link in AP's place. Router2 is a Linux 2.6.x box. Router2 has no
    filters, ip forwarding enabled, all policies set to ACCEPT (no

    On the ethernet ports of Client 1,2,3... are routers (linux boxes)
    also, that provides NAT and do traffic separation, firewall filtering

    Client X's and Router2 interface from the AP side have IP addresses s
    in the same IP subclass (a /28 block). This setup has the following
    - if from Client X's linux box ping Router2, it respond.
    - (1) if from Client X's linux box ping an IP from LAN, doesn't
    responds. (LAN have different IP subclass - a /26 block)
    - (2) if from a LAN computer ping the Client X's box, it responds and
    from now on the Client X's ping in that LAN IP works.
    - (1) and (2) is the same with any IP from the Internet, also - I
    tested with some other servers where I have access to.

    Ok. Now, I gone deeper into the problem. A tcpdump session on the
    Clinet X's linux box shows the IP packets with correct source IP,
    correct destination IP, and the MAC addresses of the frame: src: the
    linux box source MAC, destination Router2 "to AP" interface MAC:

    turbo:~# tcpdump -i eth1 -qtennl icmp
    tcpdump: verbose output suppressed, use -v or -vv for full protocol
    listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
    00:48:54:6d:49:51 > 00:02:b3:b2:12:ed, IPv4, length 98: IP X.X.X.244 > icmp 64: echo request seq 1708

    On the "to AP" ethernet interface of the Router2, comes:
    00:48:54:6d:49:51 > ff:ff:ff:ff:ff:ff, IPv4, length 98: IP X.X.X.244 > icmp 64: echo request seq 1708

    So, the frame comes with the destination MAC changed into
    FFFF.FFFF.FFFF (broadcast MAC).

    The Cisco Aironet 1200 is configured in IRB Bridging mode - built in,
    can't be changed. Uses IOS software version 12.2 (13) JA4 (I see from
    the image: c1200-k9w7-mx.122-13.JA4) The dot11 interface and fast
    ethernet interface are in the bridge-group 1

    What I assume is:
    The cisco checks the packets/frames in routing mode, sees the
    destination to not known IP address (not associated) and changes the
    MAC to broadcast. If one packet comes from outside, learns the source
    IP and the communication goes well. Anyway, sometime it starts to work
    well to all the internet destinations.

    What is wrong with it? Also, I assigned one IP from Router2 and
    client's IP block to the AP on bvi1 interface and uses ip
    default-gateway to set the gateway to Router2. No result. I just want
    that packets to flow trough the AP and no routing decision to be made.
    If not possible, how to configure it to work in my desired deployment?
    Claudiu, Apr 19, 2005
