04-08-2007 01:46 PM - edited 03-05-2019 03:21 PM
Hello,
I have the following goals of implementing my 877w:
1) Two vlans, one for wired, one for wireless.
2) DHCP giving IP leases for both vlans, using a pool for each vlan.
3) Allowing the clients of both vlans to access the internet through my adsl modem.
I worked for over 8 hours during the past two days, repeating all gui setup on cli. I reached a point where I can't verify what I did correctly and what I didn't.
Someone please, recalibrate me. This is all self effort, I'm a college student trying to learn (experiance), never got into cisco wireless or ccnp. Just basic ccna. I'm kind of, loosing out.
Here is my config:
Current configuration : 1957 bytes
!
! Last configuration change at 12:35:40 UTC Sun Apr 8 2007
! NVRAM config last updated at 11:21:19 UTC Sun Apr 8 2007
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 877w
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret xxx
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
no ip dhcp use vrf connected
!
ip dhcp pool wireless.AlKhaldi.net
network 10.99.99.64 255.255.255.192
domain-name wireless.AlKhaldi.net
dns-server 212.77.192.59
lease infinite
!
ip dhcp pool Wired
network 10.99.99.192 255.255.255.192
dns-server 212.77.192.59
domain-name wired.AlKhaldi.net
lease infinite
!
!
!
!
!
!
shutdown vlan 2
shutdown vlan 12
!
!
!
bridge irb
!
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
!
broadcast-key vlan 1 change 45
!
!
encryption vlan 1 mode ciphers tkip
!
encryption vlan 2 mode ciphers tkip
!
ssid Alkhaldi.net
vlan 1
authentication open
authentication shared
guest-mode
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
rts threshold 2312
station-role root
!
interface Vlan1
no ip address
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
!
interface Vlan2
no ip address
!
interface BVI1
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly
shutdown
!
ip classless
!
no ip http server
no ip http secure-server
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
exec-timeout 0 0
timeout login response 300
logging synchronous
no modem enable
line aux 0
line vty 0 4
!
scheduler max-task-time 5000
end
Thanks in advance
04-09-2007 12:34 PM
Ok... config looks good so far. I'll go out on a limb and see if I can help. It appears as though you have the right idea... but you never fully configured NAT. The only NAT statement I see is on your BVI interface. You need to set you NAT perimeters... your outside should be your DSL interface. Then you have to build a PAT pool for which clients can be translated. Why? You have configured your internal clients on private address schemes (10.x.x.x). In order for these clients to be Internet routable, you must translate these addresses to the public address of the DSL interface. This happens on most home-based routers without any configuration, but is required for Cisco's to work in an Internet environment. Lots of examples available for this... check out here: http://www.cisco.com/en/US/tech/tk175/tk15/technologies_configuration_example09186a0080093e51.shtml
Anymore questions let use know. Hope this helped!
-Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide