WLAN templates for an 877W

Unanswered Question
Aug 21st, 2007
User Badges:

Evening all, I'm trying to set up the above router with three seperate SSIDs, three different VLANs and three different rulebases. Can someone point me toward a template I can use or offer some advice?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
steve.busby Thu, 08/23/2007 - 10:16
User Badges:
  • Silver, 250 points or more

Hate to point you outside of Cisco.com, but this template for two SSIDs on the 851W/871W looks like it could be a good way to start. I've not used it, nor tried it, but it may help.


http://blogs.zdnet.com/Ou/?p=313


HTH

Steve

jadehan Thu, 08/23/2007 - 12:10
User Badges:

Hello,


I have a config that have been tested for the C871 router, which should be similar to the C877. I hope this helps. This is only for 2 SSIDs, but you can just keep adding to the set up for up to 10 SSIDs:


This is test sample for 2 vlans, vlan1 and vlan 10

both are BVI interfaces. 2 bridge-groups are being configured.

No cdp run globally, but enable cdp on FE ports for IP phones.

tester1#sh run

Building configuration...

service timestamps debug datetime msec

service timestamps log datetime msec

!

hostname tester1

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

!

no aaa new-model

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

ip dhcp excluded-address 172.30.220.1 172.30.220.10

ip dhcp excluded-address 172.30.220.129 172.30.220.138

!

ip dhcp pool wireless

import all

network 172.30.220.0 255.255.255.128

default-router 172.30.220.1

dns-server 4.2.2.1 4.2.2.2

domain-name vnus.com

!

ip dhcp pool wired-clients

import all

network 172.30.220.128 255.255.255.128

default-router 172.30.220.129

dns-server 4.2.2.1

!

bridge irb

!

interface FastEthernet0

switchport access vlan 10

spanning-tree portfast

cdp enable

!

interface FastEthernet1

switchport mode trunk

switchport voice vlan 10

spanning-tree portfast

cdp enable

!

interface FastEthernet2

switchport mode trunk

switchport voice vlan 10

spanning-tree portfast

cdp enable

!

interface FastEthernet3

switchport mode trunk

switchport voice vlan 10

spanning-tree portfast

cdp enable

!

interface FastEthernet4

description Internet

ip address dhcp

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface Dot11Radio0

no ip address

!

!

encryption vlan 1 key 1 size 128bit xxx transmit-key

encryption vlan 1 mode wep mandatory

!

encryption vlan 10 key 1 size 128bit xxx transmit-key

encryption vlan 10 mode wep mandatory

!

ssid vnus-group

vlan 1

authentication open

guest-mode

!

ssid vnus-group2

vlan 10

authentication open

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

54.0

station-role root

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Dot11Radio0.10

encapsulation dot1Q 10

no cdp enable

bridge-group 10

bridge-group 10 subscriber-loop-control

bridge-group 10 spanning-disabled

bridge-group 10 block-unknown-source

no bridge-group 10 source-learning

no bridge-group 10 unicast-flooding

!

interface Vlan1

description user data network

no ip address

no ip redirects

ip tcp adjust-mss 1452

bridge-group 1

bridge-group 1 spanning-disabled

!

interface Vlan10

no ip address

no ip redirects

bridge-group 10

bridge-group 10 spanning-disabled

!

interface BVI1

ip address 172.30.220.1 255.255.255.128

ip nat inside

ip virtual-reassembly

!

interface BVI10

ip address 172.30.220.129 255.255.255.128

no ip redirects

ip nat inside

ip virtual-reassembly

!

ip route 0.0.0.0 0.0.0.0 dhcp

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source route-map soho-vpn interface FastEthernet4 overload

!

access-list 23 permit 172.30.0.0 0.0.255.255

access-list 102 permit ip 172.30.0.0 0.0.255.255 any

!

!

!

route-map soho-vpn permit 10

match ip address 102

!

!

control-plane

!

bridge 1 route ip

bridge 10 route ip

!

line con 0

login local

no modem enable

line aux 0

line vty 0 4

access-class 23 in

privilege level 15

login local

transport input telnet ssh

!


Actions

This Discussion