Data VLAN 192.168.3.0
Voice VLAN 10.50.50.0
DHCP Server with both ranges is 192.168.3.201
Gateway Linksys: 192.168.3.254
Switch configuration: -
ip routing
no ip domain-lookup
!
vlan 2-3
!
interface FastEthernet0/1
description *****Link to 2801*****
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport mode trunk
duplex full
speed 100
spanning-tree portfast
!
interface FastEthernet0/2
description *****DHCP Server*****
switchport access vlan 2
switchport trunk native vlan 2
switchport voice vlan 3
spanning-tree portfast
!
interface FastEthernet0/33
description *****Martyn's IP Phone*****
switchport access vlan 2
switchport mode access
switchport voice vlan 3
shutdown
spanning-tree portfast
!
interface FastEthernet0/44
description *****AP*****
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport trunk allowed vlan 1-3
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/48
description *****LINKSYS*****
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan2
description *****Data*****
ip address 192.168.3.250 255.255.255.0
!
interface Vlan3
description *****Voice*****
ip address 10.50.50.250 255.255.255.0
ip helper-address 192.168.3.201
no ip domain-lookup
!
vlan 2-3
!
interface FastEthernet0/1
description *****Link to 2801*****
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport mode trunk
duplex full
speed 100
spanning-tree portfast
!
interface FastEthernet0/2
description *****DHCP Server*****
switchport access vlan 2
switchport trunk native vlan 2
switchport voice vlan 3
spanning-tree portfast
!
interface FastEthernet0/33
description *****Martyn's IP Phone*****
switchport access vlan 2
switchport mode access
switchport voice vlan 3
shutdown
spanning-tree portfast
!
interface FastEthernet0/44
description *****AP*****
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport trunk allowed vlan 1-3
switchport mode trunk
spanning-tree portfast
!
interface FastEthernet0/48
description *****LINKSYS*****
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan2
description *****Data*****
ip address 192.168.3.250 255.255.255.0
!
interface Vlan3
description *****Voice*****
ip address 10.50.50.250 255.255.255.0
ip helper-address 192.168.3.201
AP Configuration
dot11 vlan-name Data vlan 2
dot11 vlan-name Voice vlan 3
!
dot11 ssid Data
vlan 2
authentication open
guest-mode
!
dot11 ssid Voice
vlan 3
authentication open
!
power inline negotiation prestandard source
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 3 key 1 size 128bit 7 E3BEDBF2515AF471C34CFBB0 transmit-key
encryption vlan 3 mode wep mandatory
!
encryption vlan 2 key 1 size 128bit 7 2E17A6E62FA4D039AD5B57BB transmit-key
encryption vlan 2 mode wep mandatory
!
ssid Data
!
ssid Voice
!
station-role root
!
interface Dot11Radio0.2
encapsulation dot1Q 2 native
ip helper-address 192.168.3.250
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.3
encapsulation dot1Q 3
ip helper-address 192.168.3.250
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
!
encryption vlan 3 key 1 size 128bit 7 E3BEDBF25198471C34CFBB0 transmit-key
encryption vlan 3 mode wep mandatory
!
encryption vlan 2 key 1 size 128bit 7 2E17A6E65A4D039AD5B57BB transmit-key
encryption vlan 2 mode wep mandatory
!
ssid Data
!
ssid Voice
!
no dfs band block
channel dfs
station-role root
!
interface Dot11Radio1.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.3
encapsulation dot1Q 3
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.3
encapsulation dot1Q 3
ip helper-address 192.168.3.250
no ip route-cache
bridge-group 3
no bridge-group 3 source-learning
bridge-group 3 spanning-disabled
!
interface BVI1
ip address 192.168.3.244 255.255.255.0
ip helper-address 192.168.3.250
no ip route-cache
dot11 vlan-name Voice vlan 3
!
dot11 ssid Data
vlan 2
authentication open
guest-mode
!
dot11 ssid Voice
vlan 3
authentication open
!
power inline negotiation prestandard source
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 3 key 1 size 128bit 7 E3BEDBF2515AF471C34CFBB0 transmit-key
encryption vlan 3 mode wep mandatory
!
encryption vlan 2 key 1 size 128bit 7 2E17A6E62FA4D039AD5B57BB transmit-key
encryption vlan 2 mode wep mandatory
!
ssid Data
!
ssid Voice
!
station-role root
!
interface Dot11Radio0.2
encapsulation dot1Q 2 native
ip helper-address 192.168.3.250
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.3
encapsulation dot1Q 3
ip helper-address 192.168.3.250
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
!
encryption vlan 3 key 1 size 128bit 7 E3BEDBF25198471C34CFBB0 transmit-key
encryption vlan 3 mode wep mandatory
!
encryption vlan 2 key 1 size 128bit 7 2E17A6E65A4D039AD5B57BB transmit-key
encryption vlan 2 mode wep mandatory
!
ssid Data
!
ssid Voice
!
no dfs band block
channel dfs
station-role root
!
interface Dot11Radio1.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.3
encapsulation dot1Q 3
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.3
encapsulation dot1Q 3
ip helper-address 192.168.3.250
no ip route-cache
bridge-group 3
no bridge-group 3 source-learning
bridge-group 3 spanning-disabled
!
interface BVI1
ip address 192.168.3.244 255.255.255.0
ip helper-address 192.168.3.250
no ip route-cache
The above is working well but I want to introduce an ASA and remove the Linksys, my ASA only has 3 VLAN's with the key I have, so VLAN 1, 2 and 3
So my question to the experts here is "how do I introduce it with my current config?"
Thanks for your time
Martyn
