Announcement

Collapse
No announcement yet.

857w configuring wireless lan

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • 857w configuring wireless lan

    Hi,

    I have setup my new Cisco 857w router and all is working fine (i think) except the wireless AP. I am a newbie with Cisco, but have reasonable networking experience. Hence I have got this far, but am finding the wireless config rather difficult

    So, my current running config is listed below. What I am looking for is to get my Wireless interface running as a secure wireless AP for my network.

    I hope someone can help, heres my config: -
    Code:
    Current configuration : 6653 bytes                                  
    ! 
    version 12.4            
    no service pad              
    service tcp-keepalives-in                         
    service tcp-keepalives-out                          
    service timestamps debug datetime msec localtime show-timezone                                                              
    service timestamps log datetime msec localtime show-timezone                                                            
    service password-encryption                           
    service sequence-numbers                        
    ! 
    hostname rgrouter                 
    ! 
    boot-start-marker                 
    boot-end-marker               
    ! 
    logging buffered 51200                      
    logging console critical                        
    enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxx.                                              
    ! 
    no aaa new-model                
    ! 
    crypto pki trustpoint TP-sel                           
     enrollment selfsigned                      
     subject-name cn=IOS-Self-Signed-Certificate-1929119398                                                       
     revocation-check none                      
     rsakeypair TP-self-signed-1929119398                                     
    ! 
    ! 
    crypto pki certificate chain TP-self-signed-1929119398                                                      
     certificate self-signed 01                           
    xxxxxxxxxxxxxxxxxxxxxxxxx
                                                
            quit            
    dot11 vlan-name rgvlan vlan 4094                                
    ! 
    dot11 ssid rghome                 
       vlan 4094            
       authentication open                      
    ! 
    no ip source-route                  
    no ip dhcp use vrf connected                            
    ip dhcp excluded-address 10.10.10.1 10.10.10.9                                              
    ! 
    ip dhcp pool sdm-pool1                      
       import all             
       network 10.10.10.0 255.255.255.0                                   
       dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx                                       
       default-router 10.10.10.1                            
    ! 
    ! 
    ip cef      
    ip auth-proxy max-nodata-conns 3                                
    ip admission max-nodata-conns 3                               
    no ip bootp server                  
    ip domain name rghome.local                           
    ip name-server xxx.xxx.xxx.xxx                           
    ip name-server xxx.xxx.xxx.xxx                           
    ! 
    ! 
    ! 
    username richard privilege 15 secret 5 xxxxxxxxxxxxxxxxxxxx                                                                     
    ! 
    ! 
    archive       
     log config           
      hidekeys          
    ! 
    ! 
    ip tcp synwait-time 10                      
    ip ssh time-out 60                  
    ip ssh authentication-retries 2                               
    ! 
    ! 
    ! 
    interface ATM0              
     no ip address              
     no ip redirects                
     no ip unreachables                   
     no ip proxy-arp                
     ip route-cache flow                    
     no atm ilmi-keepalive                      
     dsl operating-mode auto                        
    ! 
    interface ATM0.1 point-to-point                               
     description $ES_WAN$$FW_OUTSIDE$                                 
     pvc 0/38         
      encapsulation aal5mux ppp dialer                                  
      dialer pool-member 1                      
     !  
    ! 
    interface FastEthernet0                       
    ! 
    interface FastEthernet1                       
    ! 
    interface FastEthernet2                       
    ! 
    interface FastEthernet3                       
    ! 
    interface Dot11Radio0                     
     no ip address              
     no ip redirects                
     no ip unreachables                   
     no ip proxy-arp                
     ip route-cache flow                    
     !  
     encryption key 1 size 40bit 7 C3D14E186CB9 transmit-key                                                        
     encryption mode wep mandatory                              
     !  
     ssid rghome            
     !  
     speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 b                                                                                
    asic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0                                                     
     station-role root                  
     bridge-group 255                
     bridge-group 255 subscriber-loop-control                                         
     bridge-group 255 spanning-disabled                                   
     bridge-group 255 block-unknown-source                                      
     no bridge-group 255 source-learning                                    
     no bridge-group 255 unicast-flooding                                     
    ! 
    interface Dot11Radio0.4094                          
     encapsulation dot1Q 4094 native                                
     no cdp enable              
     bridge-group 255                 
     bridge-group 255 subscriber-loop-control                                         
     bridge-group 255 spanning-disabled                                   
     bridge-group 255 port-protected                                
     bridge-group 255 block-unknown-source                                      
     no bridge-group 255 source-learning                                    
     no bridge-group 255 unicast-flooding                                     
    ! 
    interface Vlan1               
     description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$                                                                    
     ip address 10.10.10.1 255.255.255.0                                    
     no ip redirects                
     no ip unreachables                   
     no ip proxy-arp                
     ip nat inside              
     ip virtual-reassembly                      
     ip route-cache flow                    
     ip tcp adjust-mss 1452                       
    ! 
    interface Dialer0                 
     description $FW_OUTSIDE$                         
     ip address xxx.xxx.xxx.xxx 255.255.255.0                                      
     no ip redirects                
     no ip unreachables                   
     no ip proxy-arp                
     ip nat outside               
     ip virtual-reassembly                      
     encapsulation ppp                  
     ip route-cache flow                    
     dialer pool 1              
     dialer-group 1               
     no cdp enable              
     ppp authentication chap callin                               
     ppp chap hostname xxxxxxxxxxxxxxxxxx                                
     ppp chap password 7 xxxxxxxxxxxxxxxxxx                                       
    ! 
    ip forward-protocol nd                      
    ip route 0.0.0.0 0.0.0.0 Dialer0                                
    ! 
    ip http server              
    ip http access-class 23                       
    ip http authentication local                            
    ip http secure-server                     
    ip http timeout-policy idle 60 life 86400 requests 10000                                                        
    ip nat inside source list 1 interface Dialer0 overload                                                      
    ! 
    logging trap debugging                      
    access-list 1 remark INSIDE_IF=Vlan1                                    
    access-list 1 remark SDM_ACL Category=2                                       
    access-list 1 permit 10.10.10.0 0.0.0.255                                         
    access-list 100 remark SDM_ACL Category=128                                           
    access-list 100 permit ip host 255.255.255.255 any                                                  
    access-list 100 permit ip 127.0.0.0 0.255.255.255 any                                                     
    access-list 100 permit ip xxx.xxx.xxx.xxx 0.0.0.255 any                                                  
    dialer-list 1 protocol ip permit                                
    no cdp run          
    ! 
    control-plane             
    ! 
    banner exec ^C              
    % Password expiration warning.                              
    -----------------------------------------------------------------------
    -----------------------------------------------------------------------
    ^C
    banner login ^CAuthorized access only!
     Disconnect IMMEDIATELY if you are not an authorized user!^C
    !
    line con 0
     login local
     no modem enable
     transport output telnet
    line aux 0
     login local
     transport output telnet
    line vty 0 4
     privilege level 15
     login local
     transport input telnet ssh
    !
    scheduler max-task-time 5000
    scheduler allocate 4000 1000
    scheduler interval 500
    end
    
    rgrouter#
    I have obviously removed some of the private information from the config. Also, is it possible to re-instate a dumped config. e.g. I use #show running-config to get a dump of the config, but how do I re-instate that dumped config? Or should I be using a different method to backup and restore the router?

    Hope someone can help.
    Chris

  • #2
    Re: 857w configuring wireless lan

    It looks like your bridge groups are not bound to any interface. Shouldn't they be bound to an Ethernet or ATM inteface to provide connectivity between the wireless and your LAN/WAN?

    Comment


    • #3
      Re: 857w configuring wireless lan

      Originally posted by hewfish View Post
      It looks like your bridge groups are not bound to any interface. Shouldn't they be bound to an Ethernet or ATM inteface to provide connectivity between the wireless and your LAN/WAN?
      Hi hewfish,

      Thanks for your reply. From what you say that sounds right, but how would I implement this? As I mentioned I am a newbie to the Cisco CLI and certainly not a networking expert. Also I notice that my config is running wireless in WEP mode. Shouldn't I be running in WPA mode? If so, How would I change this also?

      Thanks,
      Chris

      Comment


      • #4
        Re: 857w configuring wireless lan

        The bridge group should be bound to Vlan1, for example:

        conf t
        interface Vlan1
        bridge-group 255
        no ip address

        Then you must create a virtual bridge interface, which will have the same IP address that Vlan1 had:

        interface BVI1
        ip address 10.10.10.1 255.255.255.0
        ip nat inside
        ip virtual-reassembly
        ip tcp adjust-mss 1460


        Hope this helps!

        Comment

        Working...
        X