Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Can't get wireless client working across network?

Bit new to this autonomous networking stuff but I have an issue with getting a wireless client working across onto the wired network.

When I set the network switchport up as an Acees port VLAN 6 I am able to get my laptop collecting a DHCP sourced ip address and working out onto the web - which is what I want for the wireless guest users. However when I set the same switchport up as a trunk port and put the AP onto it I find I can telnet to the AP no problem over wired network but can't get the wireless guest client working across the network. It associates no problem at all - I can see it on the AP dot11 associations.

Looking at the mac-address table for the switchport I can see the AP & my client mac-addresses (AP in VLAN3 and Client in VLAN6) / CDP also showing correct from both AP and switch but layer 3 not appearing to work. I have tried setting client up as static ip address within VLAN6 subnet range and still not able to get out across wired infrastructure.

Reading other posts on similar subject I have set up same native vlan on both AP and switches, advertised wireless vlans across wired network and played with trunk nonegotiate command on switchport - all to no avail.

This is the Cisco 1142 config;

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname XXXXX
!
enable secret 5 XXXXXXX
!
no aaa new-model
!
!
dot11 syslog
!
dot11 ssid WirelessCorp
   vlan 7
   authentication open
!
dot11 ssid WirelessGuest
   vlan 6
   authentication open
   guest-mode
!
!
!
username Cisco password 0 XXXXXXX
username Ciscoasas password 7 XXXXX!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 6 key 4 size 128bit 7 054FB071F3B5D56B73A1C6D96834 transmit-key
encryption vlan 6 mode wep mandatory
!
encryption vlan 7 key 2 size 128bit 7 BE125E3F5F591D5CF5863A53AD6D transmit-key
encryption vlan 7 mode wep mandatory
!
ssid WirelessGuest
!
antenna gain 0
station-role root
!
interface Dot11Radio0.3
encapsulation dot1Q 3 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.6
encapsulation dot1Q 6
no ip route-cache
bridge-group 6
bridge-group 6 subscriber-loop-control
bridge-group 6 block-unknown-source
no bridge-group 6 source-learning
no bridge-group 6 unicast-flooding
bridge-group 6 spanning-disabled
!
interface Dot11Radio0.7
encapsulation dot1Q 7
no ip route-cache
bridge-group 7
bridge-group 7 subscriber-loop-control
bridge-group 7 block-unknown-source
no bridge-group 7 source-learning
no bridge-group 7 unicast-flooding
bridge-group 7 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
!
encryption vlan 6 key 4 size 128bit 7 B532B65BFC80CE4336DCD6191EA2 transmit-key
encryption vlan 6 mode wep mandatory
!
encryption vlan 7 key 2 size 128bit 7 EB32F435C1308444AF941E5E4C79 transmit-key
encryption vlan 7 mode wep mandatory
!
ssid WirelessCorp
!
antenna gain 0
no dfs band block
channel dfs
station-role root
!
interface Dot11Radio1.3
encapsulation dot1Q 3 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.6
encapsulation dot1Q 6
no ip route-cache
bridge-group 6
bridge-group 6 subscriber-loop-control
bridge-group 6 block-unknown-source
no bridge-group 6 source-learning
no bridge-group 6 unicast-flooding
bridge-group 6 spanning-disabled
!
interface Dot11Radio1.7
encapsulation dot1Q 7
no ip route-cache
bridge-group 7
bridge-group 7 subscriber-loop-control
bridge-group 7 block-unknown-source
no bridge-group 7 source-learning
no bridge-group 7 unicast-flooding
bridge-group 7 spanning-disabled
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
!
interface GigabitEthernet0.3
encapsulation dot1Q 3 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.6
encapsulation dot1Q 6
no ip route-cache
bridge-group 6
no bridge-group 6 source-learning
bridge-group 6 spanning-disabled
!
interface GigabitEthernet0.7
encapsulation dot1Q 7
no ip route-cache
bridge-group 7
no bridge-group 7 source-learning
bridge-group 7 spanning-disabled
!
interface BVI1
ip address 192.168.5.45 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.5.249
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
password XXXXXXX
login
!
end

This is the switchport config;

nterface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport trunk native vlan 3
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape  10  0  0  0
mls qos trust cos
auto qos voip trust
spanning-tree portfast

4 REPLIES
New Member

Re: Can't get wireless client working across network?

Hi Matt,

nterface FastEthernet0/24

switchport trunk encapsulation dot1q

switchport trunk native vlan 3

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

srr-queue bandwidth shape  10  0  0  0

mls qos trust cos

auto qos voip trust

spanning-tree portfast

shouldn't this be spanning-tree portfast trunk ?

cheers,

janesh

Cisco Employee

Re: Can't get wireless client working across network?

Hi,

Janesh's tips is good indeed but shouldn't be the heart of the problem.

Are you sure that your vlan 6 and 7 are up ?

If you do "show vlan" on the switch do you see 6 and 7 on the list ?

If you do "show ip int brief" on the switch which has the gateway ip for those vlan, are the 2 Vlan interfaces up/up ?

Nicolas

===

Don't forget to rate answers that you find useful

New Member

Re: Can't get wireless client working across network?

Hi Guys,

              Thanks for help. Yes if I do sho vlan I see both 6 & 7 on there. Likewise when I do sho int trunk I can see the relevant vlans allowed on both the trunk port going to the AP and the uplink trunk. Doing sho ip int br the vlans show as up / up. I also checked the PVST as wasn't sure if someting was blocked rather than forwarding but all relevant ports seem to be forwarding.

As described when I change the edge switchport to access vlan 6 and put the laptop direct onto that port I can pickup my IP address through DHCP and work out onto internet as we would expect - so figure the switch configs must be good?? The issue is when I put the AP onto the switchport and reconfig as trunk then use the same client laptop connected to WirelessGuest - it can't seem to ping / connect across wired infrastructure.

M

Cisco Employee

Re: Can't get wireless client working across network?

Strange,

well first of all, I would clean out the unnecessary config. You have only one ssid on each radio interface so why configuring "encryption vlan x mode wep ..." for the ssid that is not sent on that particular radio ?

Same thing with radio subinterfaces. You only need one subinterface on each radio.

Then it could just be a wep key issue as well. Did you try removing any encryption config ?

Nicolas

===

Don't forget to rate answers that you find useful

419
Views
0
Helpful
4
Replies
CreatePlease to create content