Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Guest Wifi not broadcasting..

We recently changed out routers at a location - our secure SSID is working as it should however our Guest SSID is not broadcasting. The DHCP server is at 10.27.129.31 which serves up the IP's. Nothing has changed on the AP's(they were not upgraded or changed out).

Is a statement or rule I'm missing fro the below config?

Thanks in advance.

 

Building configuration...

Current configuration : 6183 bytes
!
! Last configuration change at 20:20:52 UTC Thu Oct 16 2014 by admin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PB
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
ip cef
!
!
!
ip dhcp excluded-address 10.26.129.1
ip dhcp excluded-address 10.26.129.253
ip dhcp excluded-address 10.26.129.254
ip dhcp excluded-address 10.26.129.2
!
!
!
ip domain name xxx.com
no ipv6 cef
!
multilink bundle-name authenticated
!
!
crypto pki trustpoint TP-self-signed-1027700013
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1027700013
 revocation-check none
 rsakeypair TP-self-signed-1027700013
!
!
crypto pki certificate chain TP-self-signed-1027700013
 certificate self-signed 01
 
        quit
license udi pid CISCO1921/K9 sn FTX174784AZ
!
!
redundancy
!
!
!
!
!
ip ftp username ftpuser
ip ftp password pass
!
!
!
!
!
!
!
!
!
interface Tunnel5
 ip address 172.17.5.4 255.255.255.0
 ip mtu 1400
 ip tcp adjust-mss 1360
 tunnel source 12.118.xxx.xx
 tunnel destination 199.47.xxx.xxx
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 description Data Networks
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.1
 description Main Data VLAN
 encapsulation dot1Q 1 native
 ip address 10.27.129.2 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/0.3
 description DMZ VLAN
 encapsulation dot1Q 3
 ip address 10.28.129.2 255.255.255.0
!
interface GigabitEthernet0/0.20
 description Guest VLAN
 encapsulation dot1Q 20
 ip address 10.26.129.2 255.255.255.0
 ip access-group 101 in
 ip helper-address 10.27.129.31
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/1
 description PhoneLAN
 ip address 12.33.xxx.xxx 255.255.255.240
 duplex auto
 speed auto
!
interface Serial0/0/0
 description PB T1
 ip address 12.118.xxx.xxx 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 service-module t1 cablelength short 440ft
 service-module t1 timeslots 1-24
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 2 interface Serial0/0/0 overload

ip route 0.0.0.0 0.0.0.0 12.118.xxx.xxx
ip route 10.10.0.0 255.255.255.0 172.17.5.5
ip route 10.10.200.0 255.255.255.0 172.17.5.5
ip route 10.27.130.0 255.255.255.0 172.17.5.5
ip route 10.27.131.0 255.255.255.0 172.17.5.5
ip route 10.28.129.0 255.255.255.0 172.17.5.5
!
access-list 2 permit 12.218.xxx.xxx
access-list 2 permit 10.27.129.0 0.0.0.255
access-list 2 permit 192.168.2.0 0.0.0.255
access-list 2 permit 10.27.131.0 0.0.0.255
access-list 2 permit 10.27.130.0 0.0.0.255
access-list 2 permit 10.10.0.0 0.0.0.255
access-list 2 permit 10.10.200.0 0.0.0.255
access-list 2 permit 172.17.5.0 0.0.0.255
access-list 101 permit tcp any host 10.27.129.31 eq 67
access-list 101 permit ip 10.27.129.0 0.0.0.255 any
access-list 101 permit udp any host 255.255.255.255 eq bootps
access-list 101 permit udp any host 10.27.129.31 eq bootps
access-list 101 deny   ip 10.26.129.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 deny   ip 10.26.129.0 0.0.0.255 172.16.0.0 0.15.255.255
access-list 101 deny   ip 10.26.129.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 101 permit ip 10.26.129.0 0.0.0.255 any
!
!
!
control-plane
!
!
!
line con 0
 login local

 

3 REPLIES
Hall of Fame Super Gold

access-list 2 permit 12.218

access-list 2 permit 12.218.xxx.xxx

Your ACL is incorrect.  

New Member

If I remove the :access-list

If I remove the :

access-list 2 permit 12.218.xxx.xx

will the command (same public IP):

access-list 2 permit 12.218.xxx.xx 0.0.0.7 also need to be deleted?

 

 

Hall of Fame Super Gold

interface Serial0/0/0

interface Serial0/0/0
 ip address 12.118.xxx.xxx 255.255.255.252

Your ACL is wrong.  Look at the subnet of your point-to-point serial link.  It's wrong.  

73
Views
5
Helpful
3
Replies