Announcement

Collapse
No announcement yet.

1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple SSIDs

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • 1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple SSIDs

    Hello,

    I am attempting to set up three Cisco 1242AG Wireless Access Points with multiple SSID's. I used the web interface and directions online to set up the two networks I want and at least one of the networks work wirelessly.

    However, I have two problems:
    1. The first, which is the most important, is that the "management" interface, BVI1, doesn't get an ip address from our DHCP server. I set the VLAN 60 (which you'll see in the configuration below) to be the native VLAN on the device as well as on the switch that the device is connected to as well as other settings in the configuration file below. Because of this, I can only manage the device via the console port which would be a huge pain once all of the devices are mounted.
    2. The second problem is that I am not sure how to get both wireless networks broadcasting their SSID's. I have to manually type in the SSID for the second wireless network I have which I would prefer I don't have to. Anyway I can enable broadcasting on all of the SSID's?

    Thank you for your time.

    Regards,
    Christopher Koeber

    Code:
    Using 7916 out of 32768 bytes
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname AP-18.wesleysem.edu
    !
    enable secret {Number Here} {Encrypted Password Here}
    enable password {Number Here} {Encrypted Password Here}
    !
    aaa new-model
    !
    !
    !
    aaa session-id common
    !
    !
    dot11 syslog
    dot11 vlan-name Kresge vlan 20
    dot11 vlan-name Library vlan 30
    dot11 vlan-name Public vlan 60
    dot11 vlan-name Secure_Public vlan 70
    dot11 vlan-name Secure_Seminary vlan 80
    dot11 vlan-name Server_Room vlan 1
    dot11 vlan-name Straughn vlan 40
    dot11 vlan-name Trott vlan 10
    dot11 vlan-name Web_Room vlan 50
    !
    dot11 ssid (Secure) Wesley Campus
    vlan 80
    authentication open
    authentication key-management wpa version 2
    wpa-psk ascii {Number Here} {WPA Key Here}
    dot11 ssid Public
    vlan 60
    authentication open
    mobility network-id 60
    !
    !
    !
    username Cisco password {Number Here} {Encrypted Password Here}
    username admin privilege 15 secret {Number Here} {Encrypted Password Here}!
    !
    bridge irb
    !
    !
    interface Dot11Radio0
    no ip address
    no ip route-cache
    !
    encryption vlan 80 mode ciphers aes-ccm
    !
    ssid (Secure) Campus
    !
    ssid Public
    !
    mbssid
    station-role root
    !
    interface Dot11Radio0.1
    encapsulation dot1Q 1
    no ip route-cache
    bridge-group 254
    bridge-group 254 block-unknown-source
    no bridge-group 254 source-learning
    no bridge-group 254 unicast-flooding
    bridge-group 254 spanning-disabled
    !
    interface Dot11Radio0.10
    encapsulation dot1Q 10
    no ip route-cache
    bridge-group 10
    bridge-group 10 subscriber-loop-control
    bridge-group 10 block-unknown-source
    no bridge-group 10 source-learning
    no bridge-group 10 unicast-flooding
    bridge-group 10 spanning-disabled
    !
    interface Dot11Radio0.20
    encapsulation dot1Q 20
    no ip route-cache
    bridge-group 20
    bridge-group 20 subscriber-loop-control
    bridge-group 20 block-unknown-source
    no bridge-group 20 source-learning
    no bridge-group 20 unicast-flooding
    bridge-group 20 spanning-disabled
    !
    interface Dot11Radio0.30
    encapsulation dot1Q 30
    no ip route-cache
    bridge-group 30
    bridge-group 30 subscriber-loop-control
    bridge-group 30 block-unknown-source
    no bridge-group 30 source-learning
    no bridge-group 30 unicast-flooding
    bridge-group 30 spanning-disabled
    !
    interface Dot11Radio0.40
    encapsulation dot1Q 40
    no ip route-cache
    bridge-group 40
    bridge-group 40 subscriber-loop-control
    bridge-group 40 block-unknown-source
    no bridge-group 40 source-learning
    no bridge-group 40 unicast-flooding
    bridge-group 40 spanning-disabled
    !
    interface Dot11Radio0.50
    encapsulation dot1Q 50
    no ip route-cache
    bridge-group 50
    bridge-group 50 subscriber-loop-control
    bridge-group 50 block-unknown-source
    no bridge-group 50 source-learning
    no bridge-group 50 unicast-flooding
    bridge-group 50 spanning-disabled
    !
    interface Dot11Radio0.60
    encapsulation dot1Q 60 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    !
    interface Dot11Radio0.70
    encapsulation dot1Q 70
    no ip route-cache
    bridge-group 70
    bridge-group 70 subscriber-loop-control
    bridge-group 70 block-unknown-source
    no bridge-group 70 source-learning
    no bridge-group 70 unicast-flooding
    bridge-group 70 spanning-disabled
    !
    interface Dot11Radio0.80
    encapsulation dot1Q 80
    no ip route-cache
    bridge-group 80
    bridge-group 80 subscriber-loop-control
    bridge-group 80 block-unknown-source
    no bridge-group 80 source-learning
    no bridge-group 80 unicast-flooding
    bridge-group 80 spanning-disabled
    !
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    !
    encryption vlan 80 mode ciphers aes-ccm
    dfs band 3 block
    channel dfs
    station-role root
    !
    interface Dot11Radio1.1
    encapsulation dot1Q 1
    no ip route-cache
    bridge-group 254
    bridge-group 254 block-unknown-source
    no bridge-group 254 source-learning
    no bridge-group 254 unicast-flooding
    bridge-group 254 spanning-disabled
    !
    interface Dot11Radio1.10
    encapsulation dot1Q 10
    no ip route-cache
    bridge-group 10
    bridge-group 10 subscriber-loop-control
    bridge-group 10 block-unknown-source
    no bridge-group 10 source-learning
    no bridge-group 10 unicast-flooding
    bridge-group 10 spanning-disabled
    !
    interface Dot11Radio1.20
    encapsulation dot1Q 20
    no ip route-cache
    bridge-group 20
    bridge-group 20 subscriber-loop-control
    bridge-group 20 block-unknown-source
    no bridge-group 20 source-learning
    no bridge-group 20 unicast-flooding
    bridge-group 20 spanning-disabled
    !
    interface Dot11Radio1.30
    encapsulation dot1Q 30
    no ip route-cache
    bridge-group 30
    bridge-group 30 subscriber-loop-control
    bridge-group 30 block-unknown-source
    no bridge-group 30 source-learning
    no bridge-group 30 unicast-flooding
    bridge-group 30 spanning-disabled
    !
    interface Dot11Radio1.40
    encapsulation dot1Q 40
    no ip route-cache
    bridge-group 40
    bridge-group 40 subscriber-loop-control
    bridge-group 40 block-unknown-source
    no bridge-group 40 source-learning
    no bridge-group 40 unicast-flooding
    bridge-group 40 spanning-disabled
    !
    interface Dot11Radio1.50
    encapsulation dot1Q 50
    no ip route-cache
    bridge-group 50
    bridge-group 50 subscriber-loop-control
    bridge-group 50 block-unknown-source
    no bridge-group 50 source-learning
    no bridge-group 50 unicast-flooding
    bridge-group 50 spanning-disabled
    !
    interface Dot11Radio1.60
    encapsulation dot1Q 60 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    !
    interface Dot11Radio1.70
    encapsulation dot1Q 70
    no ip route-cache
    bridge-group 70
    bridge-group 70 subscriber-loop-control
    bridge-group 70 block-unknown-source
    no bridge-group 70 source-learning
    no bridge-group 70 unicast-flooding
    bridge-group 70 spanning-disabled
    !
    interface Dot11Radio1.80
    encapsulation dot1Q 80
    no ip route-cache
    bridge-group 80
    bridge-group 80 subscriber-loop-control
    bridge-group 80 block-unknown-source
    no bridge-group 80 source-learning
    no bridge-group 80 unicast-flooding
    bridge-group 80 spanning-disabled
    !
    interface FastEthernet0
    ip dhcp client update dns
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    !
    interface FastEthernet0.1
    encapsulation dot1Q 1
    no ip route-cache
    bridge-group 254
    no bridge-group 254 source-learning
    bridge-group 254 spanning-disabled
    !
    interface FastEthernet0.10
    encapsulation dot1Q 10
    no ip route-cache
    bridge-group 10
    no bridge-group 10 source-learning
    bridge-group 10 spanning-disabled
    !
    interface FastEthernet0.20
    encapsulation dot1Q 20
    no ip route-cache
    bridge-group 20
    no bridge-group 20 source-learning
    bridge-group 20 spanning-disabled
    !
    interface FastEthernet0.30
    encapsulation dot1Q 30
    no ip route-cache
    bridge-group 30
    no bridge-group 30 source-learning
    bridge-group 30 spanning-disabled
    !
    interface FastEthernet0.40
    encapsulation dot1Q 40
    no ip route-cache
    bridge-group 40
    no bridge-group 40 source-learning
    bridge-group 40 spanning-disabled
    !
    interface FastEthernet0.50
    encapsulation dot1Q 50
    no ip route-cache
    bridge-group 50
    no bridge-group 50 source-learning
    bridge-group 50 spanning-disabled
    !
    interface FastEthernet0.60
    encapsulation dot1Q 60 native
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    !
    interface FastEthernet0.70
    encapsulation dot1Q 70
    no ip route-cache
    bridge-group 70
    no bridge-group 70 source-learning
    bridge-group 70 spanning-disabled
    !
    interface FastEthernet0.80
    encapsulation dot1Q 80
    no ip route-cache
    bridge-group 80
    no bridge-group 80 source-learning
    bridge-group 80 spanning-disabled
    !
    interface BVI1
    ip address dhcp client-id FastEthernet0
    no ip route-cache
    !
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    bridge 1 route ip
    !
    !
    !
    line con 0
    line vty 0 4
    !
    end

  • #2
    Re: 1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple S

    Is the DHCP server on vlan 60? If not then you need to have those DHCP requests forwarded on the layer 3 interface for vlan 60 with the ip helper-address command. Also make sure you have a dhcp pool for that subnet. Why are you not statically assigning the ip on the BVI?


    On Layer 3 interface (assuming its an SVI on the switch)

    int vlan 60
    ip helper-address x.x.x.x (your dhcp server address)


    To broadcast multiple ssid's on the AP add the following commands:

    dot11 ssid (Secure) Wesley Campus
    vlan 80
    Mbssid Guest-mode


    dot11 ssid Public
    vlan 60
    Mbssid Guest-mode
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: 1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple S

      Thanks, I will give that a shot. The reason we wanted to use DHCP is because we already have around 18 existing Access Points so rather define IPs for each we figured it would be better for them to get it from the DHCP service.

      If there is a better way I am all hears.

      Comment


      • #4
        Re: 1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple S

        If there is a better way I am all hears.

        The better way would be to assign static ip's and document them. 18 AP's isnt that many to document.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: 1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple S

          Originally posted by auglan View Post
          The better way would be to assign static ip's and document them. 18 AP's isnt that many to document.
          Your advice worked out! I re-did the configuration for all of the devices by using an upper range on our wireless network and setting static IP's on the devices and now I can connect.

          Thanks again.

          Comment


          • #6
            Re: 1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple S

            Glad it worked out. For management of devices its always a good idea to set them statically and just document in a spreadsheet and also in a network map.
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment


            • #7
              Re: 1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple S

              Hi,
              I have read the above thread and could get some knwoledge out of that. thanks for that.

              My question is why we assign IP on bvi interface in wireless access points why not on gig interface or why not we create a VLAN and have an ip address assign as we do in the case of switches.

              I am new to networking and would be thankful for clarity

              Comment

              Working...
              X