Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
439
Views
0
Helpful
2
Replies

i can't connect to internet with VLAN WIRELESS cisco851w

nkila_lna
Level 1
Level 1

‎09-10-2007 03:10 AM - edited ‎07-03-2021 02:35 PM

hello friends,

i have a wireless router 851w configure with 3 vlans and i connect my router with another router ADSL sagem, but i can't connect to internet with 3 vlans.

vlan 1 : 10.0.0.0 255.255.255.0

vlan 2 : 10.0.2.0 255.255.255.0

vlan 3 : 10.0.3.0 255.255.255.0

if i change address of ADSL router to 10.0.0.222 i can connect with vlan 1 but not with vlan 2 and 3.

if i change address of ADSL router to 10.0.2.222 i can connect with vlan 2 but not with vlan 1 and 3.

if i change address of ADSL router to 10.0.3.222 i can connect with vlan 3 but not with vlan 1 and 2.

my config in 851w router:

ip subnet-zero

no ip source-route

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

ip dhcp excluded-address 10.0.0.1

ip dhcp excluded-address 10.0.2.1

ip dhcp excluded-address 10.0.3.1

!

ip dhcp pool sdm-pool

import all

network 10.10.10.0 255.255.255.248

default-router 10.10.10.1

lease 0 2

!

ip dhcp pool sdm-pool1

network 10.0.0.0 255.255.255.0

default-router 10.0.0.1

!

ip dhcp pool sdm-pool2

network 10.0.2.0 255.255.255.0

default-router 10.0.2.1

!

ip dhcp pool sdm-pool3

network 10.0.3.0 255.255.255.0

default-router 10.0.3.1

!

!

ip cef

ip tcp synwait-time 10

no ip bootp server

ip domain name boomerangpharma.com

!

!

!

bridge irb

!

!

interface FastEthernet0

no cdp enable

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

no ip address

shutdown

duplex auto

speed auto

!

interface Dot11Radio0

description Cisco Open

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

no ip route-cache cef

no ip route-cache

!

broadcast-key vlan 3 change 10

!

broadcast-key vlan 2 change 10

!

!

encryption vlan 3 key 1 size 40bit 0 1234567890 transmit-key

encryption vlan 3 mode wep mandatory

!

!

ssid atmdata

vlan 1

authentication open

!

ssid atmvlan2

vlan 2

authentication open

!

ssid atmvlan3

vlan 3

authentication open

authentication network-eap eap_methods

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

channel 2462

station-role root

no cdp enable

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

no snmp trap link-status

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Dot11Radio0.2

encapsulation dot1Q 2

no ip route-cache

no snmp trap link-status

no cdp enable

bridge-group 2

bridge-group 2 subscriber-loop-control

bridge-group 2 spanning-disabled

bridge-group 2 block-unknown-source

no bridge-group 2 source-learning

no bridge-group 2 unicast-flooding

!

interface Dot11Radio0.3

encapsulation dot1Q 3

no ip route-cache

no snmp trap link-status

no cdp enable

bridge-group 3

bridge-group 3 subscriber-loop-control

bridge-group 3 spanning-disabled

bridge-group 3 block-unknown-source

no bridge-group 3 source-learning

no bridge-group 3 unicast-flooding

!

interface Vlan1

description intvlan1

ip address dhcp

no ip redirects

no ip unreachables

no ip proxy-arp

no ip route-cache cef

no ip route-cache

ip tcp adjust-mss 1452

bridge-group 1

!

interface BVI1

description intbvI1

ip address 10.0.0.1 255.255.255.0

ip virtual-reassembly

!

interface BVI2

ip address 10.0.2.1 255.255.255.0

!

interface BVI3

ip address 10.0.3.1 255.255.255.0

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.222

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

logging trap debugging

no cdp run

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

bridge 2 protocol ieee

bridge 2 route ip

bridge 3 protocol ieee

bridge 3 route ip

Labels:
0 Helpful
2 Replies 2

irisrios
Level 6
Level 6

‎09-14-2007 06:06 AM

Have only one BVI and assign it the address 10.10.10.1 as we are tagging the traffic and sending it out to the switch via a dot1q

trunked interface.

0 Helpful

dancampb
Level 7
Level 7

‎09-14-2007 08:01 PM

You config is fine. Unlike an IOS AP you will need multiple BVI interfaces because you are basically setting up transparent bridging within the router.

The issue is that you are going to need to setup NAT. The DSL router won't have routes back to all of the subnets. That's why when you change the address on it you can get to the Internet for the SSID associated to that subnet.

What I would suggest is connect the DSL router to fa4 and put an IP address on it that matches the DSL router. This subnet should be different than the BVI interface addresses. Then setup NAT so all of the BVI interfaces are NATed to the address you assigned to the fa4 interface.

This way the DSL router sees all of the traffic coming from the router as being from the same source address and would have a route back to it.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card