bret
join:2007-03-30
UK
| [Config] Cisco 1841 - dot11 wifi access point setup - help
Hello All,
I'm not having much luck getting my Cisco 1841 dot11 wic card working as an AP access point.
What I would like to do is have the Cisco act as a wireless access point. The dot11 wifi interface being on the same network - bridging with eth0/0, which is my internal network.
Problem is I don't see it broadcasting a SSID also the interface is stuck in reset mode - can't work out how to get it out.
router0#sh ip inter Dot11Radio0/0/0
Dot11Radio0/0/0 is reset, line protocol is down
Internet protocol processing disabled
router0#show interface Dot11Radio0/0/0
Dot11Radio0/0/0 is reset, line protocol is down
Hardware is 802.11G Radio, address is 0014.a429.f520 (bia 0014.a429.f520)
Cisco docs for dot11 are not great so if a Cisco expert could help a novice home user out, I'd be most thankful.
Also does anyone know if this card has two radio's? Could I for example run two SSIDs on two differnt channels doubling my wifi bandwidth?
Please find below my running config;
router0#wr term
Building configuration...
Current configuration : 6114 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname router0
!
boot-start-marker
boot system flash c1841-advsecurityk9-mz.124-11.XW7.bin
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $xxxxxxxxxxxxxxx1
enable password 7 0xxxxxxxxxxxx36
!
no aaa new-model
clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00
dot11 mbssid
!
dot11 ssid bret0
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 1xxxxxxxxxxxxxxxx14
!
no ip source-route
ip cef
!
!
!
!
no ip bootp server
ip domain list xxx.net.nz
ip domain name xxx.net.nz
ip name-server 192.168.2.21
ip name-server 192.168.2.71
!
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint xxxxxxxxxxx-xxxxxxxxxx
enrollment selfsigned
subject-name cn=Ixxxxxxxxxxxxxxxx-3079971560
revocation-check none
rsakeypair xxxxxxxxxxxxxxxx-3079971560
!
!
crypto pki certificate chain xxxxxxxxxxxx-3079971560
certificate self-signed 01
3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 xxxxxxxxxx 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33303739 39373135 3630301E 170D3038 30383235 31313136
32365A17 0D323030 xxxxxxxxxxxxxx 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30373939
37313536 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C12D 086D0216 DFB3C4BC E8BC3195 11388B06 7398D7EB 1970D967 6830E967
C8EB6BBA 10CD63C6 xxxxxxxxx BA49D69E D3340558 093F8BD4 3802C9EA 9EB13422
711145C0 934A77EA 4D8CF15D F3D83736 A6FE6A10 3230C075 FE9A1A24 26948C4A
FE6B3294 72B09CF0 5AC66034 E5DC4027 80C3CA9C DEE3911C B60FA7AD 989192C3
472B0203 010001A3 73307130 0F060355 1D130101 FF040530 030101FF 301E0603
551D1104 17301582 13726F75 74657230 2E627265 742E6E65 742E6E7A 301F0603
551D2304 18301680 14CB6732 771206B6 0A654E24 C939548F B9504EE0 6C301D06
03551D0E 04160414 CB673277 1206B60A 654E24C9 39548FB9 504EE06C 300D0609
2A864886 F70D0101 04050003 8181002D 4F25C5F7 A86E855D 791529A6 4F8FFE4E
37AEC7AB E27DEEFC B0396FFA E5C8C955 BD46B197 D9EF667F 641AE344 4AF80950
30F74645 78CAC834 A0E9AA51 6359E738 2B0E7D7C F681631C 22E04F9F 51864965
9CF7E5C8 8091C9B7 43275800 CDC5B7C4 A8C418D2 84C136F6 66A68AFD E2373F57
70DC09E4 198B3C09 BC43D24A 4E1403
quit
!
!
username bret privilege 15 secret 5 $xxxxxxxxxxxxxvy1
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh maxstartups 3
ip ssh logging events
ip ssh version 2
bridge crb
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
ip address 192.168.2.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
speed auto
full-duplex
no mop enabled
bridge-group 69
!
interface FastEthernet0/1
description $ES_LAN$
ip address 88.96.xxx.xxx 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface Dot11Radio0/0/0
no ip address
logging event subif-link-status
!
encryption mode ciphers tkip
!
ssid bret0
!
countermeasure tkip hold-time 3
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 69
bridge-group 69 subscriber-loop-control
bridge-group 69 spanning-disabled
bridge-group 69 block-unknown-source
no bridge-group 69 source-learning
no bridge-group 69 unicast-flooding
!
interface Dot11Radio0/0/1
no ip address
shutdown
no mbssid
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
station-role root
!
interface ATM0/1/0
description ZEN_ADSL
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface Dialer0
description VIRTUAL DIAL FOR ATM ADSL
ip unnumbered FastEthernet0/1
no ip redirects
no ip unreachables
no ip proxy-arp
ip pim sparse-dense-mode
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
ip tcp adjust-mss 1460
ip igmp unidirectional-link
dialer pool 1
dialer idle-timeout 0
dialer persistent
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname zxxxxxxxxx
ppp chap password 7 0xxxxxxxxxxxxxxxx
!
router rip
redistribute connected
network 192.168.2.0
!
ip local pool ipool 192.168.2.242 192.168.2.245
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http access-class 99
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat log translations syslog
ip nat inside source list 1 interface FastEthernet0/1 overload
!
logging trap debugging
logging server-arp
logging 192.168.2.50
access-list 1 permit 192.168.2.0 0.0.0.255
access-list 90 permit any log
access-list 99 permit 192.168.2.0 0.0.0.255
access-list 99 deny any log
dialer-list 1 protocol ip permit
snmp-server community public RO 99
snmp-server community ro RO 99
snmp-server community BRET RW 99
snmp-server location rack0
snmp-server contact bret
no cdp run
!
!
!
!
control-plane
!
bridge 69 protocol ieee
bridge 69 route ip
banner login ^CC
Welcome to router0
Authorised Access Only!
^C
banner motd ^CC
Welcome to router0
Authorised Access Only!
^C
!
line con 0
password 7 13xxxxxxxxxxxxx3D
login local
line aux 0
no exec
line vty 0 4
access-class 99 in
privilege level 15
password 7 02xxxxxxxxxxxx36
login local
transport input ssh
line vty 5 15
privilege level 15
password 7 020Exxxxxxxx036
login local
transport input telnet ssh
!
scheduler allocate 4000 1000
ntp clock-period 17180286
ntp server 192.168.2.130
!
webvpn cef
end
-------------
Thanks,
Bret |
|
StuO
@co.uk
| Hi there,
I was having afun time with my Cisco 887w too. But here is how I got round it and just maybe it will work for you 
go into the radio interface and assign an IP address (not the same as the Fast Ethernet. Then do a no shutdown.
Now create a DHCP pool for your WLAN interface and clients.
here is my config for the wireless:
dot11 ssid MooNetwork
authentication open
authentication key-management wpa
infrastructure-ssid
wpa-psk ascii 7 141A1D040F0B3D262B27
!
ip dhcp pool MOO_WLAN
import all
network 192.168.2.0 255.255.255.0
domain-name Moo_WLAN
dns-server 4.2.2.2 192.168.2.254
default-router 192.168.2.254
!
interface Dot11Radio0
description $FW_INSIDE$
ip address 192.168.2.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
zone-member security in-zone
!
encryption mode ciphers tkip
!
ssid MooNetwork
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
!
Hope that helps!
Stu |
|
bret
join:2007-03-30
UK
| Hello Stu,
Thanks. Tried to configure an IP address (The same subnet as eth0/0 which is my internal network I wish to bridge the wifi with) on the dot11 interface and get the below error;
router0(config)#interface dot110/0/0
router0(config-if)#ip address 192.168.2.44 255.255.255.0
% 192.168.2.0 overlaps with FastEthernet0/0
dot11 interface still in reset - what does this mean?
Can anyone tell me if adding eth0/0 and dot0/0/0 into the same bridge group (bridge 69 in my config) is the correct way to have both interfaces on the same subnet?
Thanks,
Bret |
|
StuO
@co.uk | reply to bret
basically it is telling you that you can not have the radio interface on the IP address of the Fast Ethernet interface |
|
StuO
@co.uk | reply to bret
can you tell me how you have your network setup (Network diagram).
Thanks |
|
tubbynet
more voices, more choices
Premium
join:2008-01-16
Mesa, AZ
 ·Sprint Mobile Broa..
 ·Cox HSI
 ·FrontierNet Intern..
| setup a bvi and place the dot11radio and the appropriate fastether interface/vlan into that bridge group....
from here in your config you will need to remove the ip address from your fastether interface and create a bvi interface. assign that interface you lan ip address (iirc, your bridge group numbers and bvi numbers have to correlate). assign the dot11radio to be a member of the bvi. configure your radio as normal. you should be in business.
q. |
|
bret
join:2007-03-30
UK
| reply to StuO
Hello Stu,
Please find a description of my network.
Internal eth0/0 network 192.168.2.0 netmask 255.255.255.0
External eth0/1 network 88.96.3x.208 netmask 255.255.255.248 (8 ip's from my ISP)
My Cisco 1841 as a ADSL WIC that connects to my ADSL provider via a Dialer. I have one internet IP 88.96.3x.209 on eth0/1 this connects to a vlan'ed switch and provides external host access.
Eth0/0 is on my internal network I have ip address 192.168.2.2 as my default router on the internal network. The Cisco 1841 router provides a NAT function to the eth0/1 external ip 88.96.3x.208. Eth0/0 is plugged into a switch all internal hosts connect to this switch.
I don't do any dhcp on the Cisco 1841 that happens on a Unix host.
What I would really like to do is have the dot11 interfaces provide wireless network connectivity to the 192.168.2.0 network. dot11 interfaces provide seamless connectivity to the 192.168.2.0 network.
My current wifi setup is a linksys 54g running openwrt it's doing just what I want in that it's plugged into the internal 192.168.2.0 switch and provides seamless wireless on that network. Not nearly as much fun as doing this in Cisco IOS. 
Thanks again,
Bret |
|
StuO
@co.uk | reply to bret
As tubby said!
If you want to have them in the same network, then you will need to make BVI.
Once it has an IP Address and the no shutdown. Your wireless will come online. |
|
tubbynet
more voices, more choices
Premium
join:2008-01-16
Mesa, AZ | finally! i get some respect 
q. |
|
StuO
@co.uk | LOL |
|
