Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 1941W AP Configuration

Hello Everyone,

I need Help !  I have been looking over all of the configurations and Discussions on the Cisco 1941w router and I am still stumped.

What I would like to do is, have the router wired lan on one subnet (VLAN) the Wireless "BGN" AP on a second subnet and the Wireless "A" on a third subnet. Enventually I would like a 4th subnet for "Guests" to access on the "BGN" wireless network that will only have access to the internet.

Here is the configuration that I have so far.

Thank you in Advance for any and all help!!!!

Router Config:

BPD_C1941W_RT#show run

Building configuration... Current configuration : 5745 bytes

! version 15.0 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname BPD_C1941W_RT

! boot-start-marker boot-end-marker

! no aaa new-model clock timezone PCTime -7

service-module wlan-ap 0 bootimage autonomous

!

no ipv6 cef ip source-route ip cef

!

! ip dhcp excluded-address 10.112.1.0 10.112.1.20

ip dhcp excluded-address 10.112.1.240 10.112.1.254

ip dhcp excluded-address 10.112.2.0 10.112.2.20

ip dhcp excluded-address 10.112.2.240 10.112.2.254

ip dhcp excluded-address 10.112.0.0 10.112.0.20

ip dhcp excluded-address 10.112.0.240 10.112.0.254

!

ip dhcp pool WLAN_BGN_USERS

   network 10.112.1.0 255.255.255.0

   default-router 10.112.1.254

   dns-server 24.116.2.50

   lease 3

!

ip dhcp pool WLAN_A_USERS

   network 10.112.2.0 255.255.255.0

   default-router 10.112.2.254

   dns-server 24.116.2.50

   lease 3

! ip dhcp pool LAN_WIRED_USERS

   network 10.112.0.0 255.255.255.0

   default-router 10.112.0.254

   dns-server 24.116.2.50

   lease 3

!

!

no ip domain lookup

ip domain name cityofbisbee.com

ip name-server 24.116.2.50

ip name-server 24.116.2.34

ip name-server 10.10.0.1

multilink bundle-name authenticated

!

!

!

bridge irb

!

!

!

! interface Wlan-GigabitEthernet0/0

description Internal switch interface connecting to the embedded AP

switchport mode trunk

!

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

ip address 10.112.252.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache cef

no ip route-cache

duplex auto

speed auto

no mop

enabled bridge-group 10

!

interface GigabitEthernet0/0.10

description WIRED VLAN

encapsulation dot1Q 10

ip address 10.112.0.254 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache

!

interface GigabitEthernet0/0.20

description Wireless VLAN BGN

encapsulation dot1Q 20

ip address 10.112.1.254 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache

!

interface GigabitEthernet0/0.30

description Wireless VLAN A

encapsulation dot1Q 30

ip address 10.112.2.254 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache

!

interface GigabitEthernet0/0.50

description VOICE VLAN

encapsulation dot1Q 50

ip address 10.112.5.254 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache

!

interface wlan-ap0

description Service module interface to manage the embedded AP

ip unnumbered GigabitEthernet0/0.10

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

arp timeout 0

no mop enabled

no mop sysid

!

interface GigabitEthernet0/1

description IP INTERFACE TO WAN

ip address dhcp

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

bridge-group 10

!

interface Cable-Modem0/0/0

description CABLEONE INTERNET CONNECTION

ip address dhcp

ip nat outside

ip virtual-reassembly

shutdown

bridge-group 10

!

interface Vlan1

no ip address

!

interface BVI10

no ip address

!

!

router eigrp 1

no default-information in

network 10.0.0.0

auto-summary

no eigrp log-neighbor-changes

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1

!

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 23 permit any

!

!

!

control-plane

!

bridge 10 protocol ieee

bridge 10 route ip

!

BPD_C1941W_RT#

Here is the AP Config

BPD_AP#sho run

Building configuration...

Current configuration : 2118 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname BPD_AP

!

!

no aaa new-model

no ip domain lookup

!

!

dot11 syslog

!

dot11 ssid BPD_WIFI

   vlan 1

   authentication open

   guest-mode

!

!

!

!

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers aes-ccm tkip

!

encryption vlan 20 mode ciphers tkip

!

broadcast-key vlan 20 change 30

!

!

ssid BPD_WIFI

!

antenna gain 0

station-role root

bridge-group 1

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Dot11Radio0.20

encapsulation dot1Q 20

no ip route-cache

!

interface Dot11Radio1

no ip address

no ip route-cache

!

encryption mode ciphers aes-ccm tkip

!

encryption vlan 30 mode ciphers tkip

!

broadcast-key vlan 30 change 30

!

!

ssid BPD_WIFI

!

antenna gain 0

dfs band 3 block

channel dfs

station-role root

bridge-group 1

bridge-group 1

block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Dot11Radio1.30

encapsulation dot1Q 30

no ip route-cache

!

interface GigabitEthernet0

description the embedded AP GigabitEthernet 0 is an internal interface connecting

AP with the host router

no ip address

no ip route-cache

!

interface GigabitEthernet0.20

encapsulation dot1Q 20

native no ip route-cache

bridge-group 20

no bridge-group 20 source-learning

bridge-group 20 spanning-disabled

!

interface GigabitEthernet0.30

encapsulation dot1Q 30

no ip route-cache

bridge-group 30

no bridge-group 30 source-learning

bridge-group 30 spanning-disabled

!

interface BVI1

ip address 10.112.0.252 255.255.255.0

no ip route-cache

!

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

bridge 1 protocol ieee

bridge 1 route ip

!

!

!

line con 0 no activation-character line vty 0 4 login local !

end

BPD_AP#

Currently BVI interface is down and so are the wireless radios DOT11Radio0 and DOT11Radio1 Thank you for any help!!!

Everyone's tags (4)
7 REPLIES

Re: Cisco 1941W AP Configuration

Hi,

you have a good start.

On the AP, you also need to mention bridge groups. For example Dot11radio0.20 must also have "bridge group 20" under it.

Then on the router, the wlan-ap port must also reflect the vlans with subinterfaces.

Finally, you need "bridge 20 route ip" and "bridge 20 protocol ieee" on the router and this for all your bridge groups (30 as well for example).

Should already start to work better.

Nicolas

===

Don't forget to rate answers that you find useful

New Member

Re: Cisco 1941W AP Configuration

Hello Nicolas,

Thank you for your assistance, I have created the Bridge groups you have suggested and have included them in the AP configuration.

However I cannot put the command "bridge 20 route ip" I get an error stating that you can only issue this command to bridge 1.

The "Bridge 20 protocol ieee" did take on the configuration.

Question on the DHCP.

Should the DHCP scope for the wireless be on the router configuration or the Access point configuration?

Thanks again for the help!

Pablo

Re: Cisco 1941W AP Configuration

Where did you type the "bridge 20 route ip" ? router or ap ? The router should take it if you gave "bridge irb" enabled and an interface "BVI20" containing an ip in that subnet too.

Those are the prerequisite if you put the dhcp pool on the router.

I don't think the AP supports multiple dhcp pools for every ssid.

Nicolas

===

Don't forget to rate answers that you find useful

New Member

Re: Cisco 1941W AP Configuration

Hello Nicolas,

I typed the "Bridge 20 route ip" on the router side and it accepted the command. I also created the interface BVI20, however when I try to put an ip address 10.112.1.x which is the ip subnet of vlan 2, I get an error that it overlaps with ip address of Interface GIG0/0.20 the gigabite sub interface for vlan 20.

I have DHCP configured on the AP and working, however I still can not route to the wired network. THE Bridgeing or routing is not working between the router and the access points.

I am having the same problem that another users is having with this same router set-up where the AP cannot access the wired on other routed connections.

https://supportforums.cisco.com/thread/2028286?tstart=30

I am beginging to wonder which GigabitEthernet interfaced should be the internal "LAN" and which should be the external "WAN" interface

GIG 0/0 is being configured as internal "LAN" and GIG0/1 is external "WAN"

Once again Thank you for the assistance you have offered!

Pablo

Re: Cisco 1941W AP Configuration

The ip that is on gig0.20, put it on the BVI20 (the same), so remove it from gig0.20.

If gig0.20 is on bridge group 20, it will have the same effect as they will be bridged.

Same for the other vlans.

Nicolas

New Member

Re: Cisco 1941W AP Configuration

Hi Nicholas,

I've got a similar issue to what's discussed on here but the solutions don't work or dont' "fit"..

What i want is the wireless clients on the AP to be on the same vlan/subnet as G0/0 (LAN). Lan subnet is 10.0.0.0/24. There's only 1 wireless SSID/VLAN in thise case, but if there's "simple" differences to have multiple VLAN's, that would be great as well as i have to put this solution in soon as well.

I'm essentially trying to replicate the config of what we've got at other sites, typically a router and a seperate access point, on the same vlan/subnet/network using a router (say 877, 1841 or 28xx) + access point (say 114x or 124x).

The issue i suspect is the "link" between the AP and the router (the "switch").

Router IP is 10.0.0.1, AP IP is 10.0.0.10. I can't even ping between the router & the AP.....

Here's the parts of the config's that matter.

ROUTER:

ip dhcp pool lan
   network 10.0.0.0 255.255.255.0
   dns-server 8.8.8.8
   default-router 10.0.0.1

interface Wlan-GigabitEthernet0/0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
!
!
interface GigabitEthernet0/0
description Physical connection to LAN
ip address 10.0.0.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
bridge-group 1
!
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered GigabitEthernet0/0

interface Vlan1
ip unnumbered GigabitEthernet0/0
no ip redirects
ip flow ingress
bridge-group 1

ACCESS POINT:

dot11 ssid MYSSID
   vlan 1
   authentication open
   authentication key-management wpa
   mbssid guest-mode
   wpa-psk ascii MYKEY

interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
ssid MYSSID
!
antenna gain 0
mbssid
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
ssid MYSSID
!
antenna gain 0
no dfs band block
mbssid
channel dfs
station-role root

interface Dot11Radio1.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
description  the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
no ip address
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.1
no ip route-cache
!
interface BVI1
ip address 10.0.0.10 255.255.255.0
no ip route-cache

Thanks in advance for any assistance.

Re: Cisco 1941W AP Configuration

Chris,

general internet forum guideliens dictates that people should open their own thread/discussion instead of resurrecting other people's because that just creates non-understandable forums. Moreover, your router is a completely different model that doesn't have a radio interface but a real AP inside so things are just not the same ...

As my only hint, the thing is that you should not put the ip address on the Gig interface of the router as this doesn't make it accessible for the wireless users. Put it on a BVI or Vlan interface.

Nicolas

4255
Views
0
Helpful
7
Replies