Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Cisco 877W comms problem

Hi I have been struggling with a configuration problem for some time, and I am sure that I missing something simple, but at the moment is it beyond me. The issue is this. I have been given a Cisco 877W ADSL wireless router to use at home. I have the ADSL stuff working and I have the wireless half working. The position of the router is that it is sitting between the internet and a linux firewall/webserver, a l2 managed switch (Intel 460) 24 port switch which has 2 vlans on it one the default and the other running dot1q back to F2 on the router. What I am attempting to do is have my sons friends connect via the wireless interface and have the data travel back through the vlan to the firewall where I am running smnp and traffic shapping. From the inside of the network I can ping everything this includes the wireless attached laptops. my problem is that using the laptop connected to the wireless interface I can ping it'self, the dhcp gateway and the IP of the dialer0 interface I am not able to ping anything else. dot1q is enabled and the vlan is linked back to the dotradio 0.2 sub interface. I am currently using trunking on the router although I have also tried to bridging the interface as well. I can ping directly from the router through to hte switch and I have also unplugged the cable upon which vlan2 travels. This action causes ping to fail so I beleive that the vlan is ok, howerver I have not had any success at all up to this point. Can anyone out there help me please ?

Thank you

Athol Reid

27 REPLIES
VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

can you make a drawing of your physical setup and post it ?

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

I have attached a jpg of my home network infrastrucure

Cheers

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

thanks for the drawing, that clarifies what you are running into.

You say that the wireless laptop can ping the dialer 0 interface of the 877, can you tell if the address actually gets translated when you ping something on the Internet from the wireless laptop ?

I think in order for traffic from the wireless laptop to travel through the 877 to the switch and then the firewall and then back, you would need to establish some sort of policy routing. Traffic from the wirless laptop needs to be matched and the next hop needs to be the inside IP address of the firewall (172.16.100.4, as far as I can tell from your drawing). So on your 877, the route map should look like this:

route-map WIRELESS permit 10

match ip address 1

set ip next-hop 172.16.100.4

!

access-list 1 permit 10.10.10.0 0.0.0.255

Apply the route map to the incoming (DOT1) interface of the 877, that is the interface where the wirless laptop is connected to, with the ´ip policy route-map WIRELESS´ command.

Assuming that your firewall has a route back to the 877, the traffic should now first go to the firewall, and then back to the 877...

Can you try and see if this works ?

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

Thank you for the pointer, I have tried it to-day and I can now get out onto the internet from the wireless (DOT1) interface. The Vlan is not yet working as I cannot ping from the router at the moment. This is just "finger trouble" on my part I am sure. Your conf has worked a treat!!!

Thank you very much

Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

good to hear that you are making progress...

Where are you trying to ping to from the router ?

Keep in mind that, when you use the ´ping´ command on the router, the default source for the ping is the interface closest to the destination. You might want to try an extended ping, just type ´ping´ and hit , that will give you configurable options...

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

I am trying from two different palaces. from a client through the wireless interface and from the router itself. If I do not Vlan the intel switch I can ping it from the router only, (bearing in mind that I was never able to ping from the wireless client). If on the other hand I vlan the switch with 802.1q encapsulation and also on the dotradio0.2 plus the vlan 2 interface on the router then I can not ping it. In writing this down it is begining to suggest a route issue ?

Kind Regards

Athol Reid

New Member

Re: Cisco 877W comms problem

Hi Georg

I have been experimenting with the policy maps and routing, the situation that I am currently in is the same as before in that from the Windows XP Pro client ip 10.10.10.51 I can ping the gateway on 10.10.10.1 and I can also resolve web IP addresses but I can not ping 172.16.100.x devices. I have posted my conf in an attempt to be helpful and I would appreciate it if you could have a look and comment please.

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

hostname ADSLW-ROUTER

boot-start-marker

boot-end-marker

logging buffered 52000 debugging

!

no aaa new-model

!

resource policy

!

clock timezone PCTime 12

ip subnet-zero

no ip source-route

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1 10.10.10.49

ip dhcp excluded-address 10.10.10.100 10.10.10.254

!

ip dhcp pool wireless-1

import all

network 10.10.10.0 255.255.255.0

domain-name reid.co.nz

dns-server 203.109.252.42 203.109.252.42

default-router 10.10.10.1

!

!

no ip bootp server

no ip domain lookup

ip domain name reid.co.nz

ip name-server 203.109.252.43

ip name-server 203.109.252.42

ip ssh time-out 60

ip ssh authentication-retries 2

ip ddns update method sdm_ddns1

DDNS both

no spanning-tree vlan 1

no spanning-tree vlan 2

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.2 point-to-point

pvc 0/100

encapsulation aal5mux ppp dialer

dialer pool-member 1

interface FastEthernet2

switchport mode trunk

!

interface Dot11Radio0

no ip address

ssid ADSLW-1

vlan 2

authentication open

guest-mode

!

interface Dot11Radio0.2

encapsulation dot1Q 2

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no snmp trap link-status

no cdp enable

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_OUTSIDE$

ip address 192.168.100.254 255.255.255.0

ip verify unicast reverse-path

ip nat inside

ip virtual-reassembly

!

interface Vlan2

description $FW_INSIDE$

ip address 172.16.11.14 255.255.255.0

ip nat inside

ip virtual-reassembly

fair-queue 2 256 0

!

interface Dialer0

ip ddns update sdm_ddns1

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname USERID

ppp chap password 7 PASSWORD

ppp pap sent-username USERID password

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 5 life 86400 requests 10000

ip nat inside source list 1 interface Dialer0 overload

!

access-list 1 permit 192.168.100.0 0.0.0.255

access-list 1 permit 10.10.10.0 0.0.0.255

dialer-list 1 protocol ip permit

snmp-server community public RO

no cdp run

route-map dotradio0.2 permit 10

match ip address 1

set ip next-hop 172.16.100.4

!

!

control-plane

!

end

Kind Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

from what I can tell from your configuration, you would need to apply the route map to your Dot11Radio0.2 and VLAN1 interfaces:

interface Dot11Radio0.2

encapsulation dot1Q 2

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no snmp trap link-status

no cdp enable

--> ip policy route-map dotradio0.2

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_OUTSIDE$

ip address 192.168.100.254 255.255.255.0

ip verify unicast reverse-path

ip nat inside

--> ip policy route-map dotradio0.2

ip virtual-reassembly

Can you try this and see if that makes a difference ?

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

I have put the commands in but they have not had the desired effect yet. I did a sh vlans dot1q and the results are below

ADSLW-ROUTER#sh vlans dot1q

Total statistics for 802.1Q VLAN 1:

0 packets, 0 bytes input

0 packets, 0 bytes output

Total statistics for 802.1Q VLAN 2:

7865 packets, 853292 bytes input

11718 packets, 14695364 bytes output

Kind Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

I hope that I am not just adding to the confusion, but your VLAN 1 interface has an IP address of 192.168.100.254, and the inside interface of your firewall, which is in VLAN 1 as well, has an IP address of 172.16.100.4. If you have an IP address available form the 172.16.100.0/24 range, can you try and put it on the VLAN 1 interface of your router as a secondary address ?

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_OUTSIDE$

ip address 192.168.100.254 255.255.255.0

--> ip address 172.16.100.1 255.255.255.0 secondary

ip verify unicast reverse-path

ip nat inside

ip virtual-reassembly

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

I have done as you suggested but it stopped all comms at the 192.168.100.254 interface. I added an access-list of 192.168.100.0 0.0.0.255 and tried again but to no avail. I removed the entries in the meantime so that I could respond.

Kind Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello,

all right...I think I made a mistake in the first place by adding the 192.168.100.0/24 subnet to the route map. Can you take this out of access list 1, and also take the route map off interface VLAN 1 ? So your config would look like this:

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

hostname ADSLW-ROUTER

boot-start-marker

boot-end-marker

logging buffered 52000 debugging

!

no aaa new-model

!

resource policy

!

clock timezone PCTime 12

ip subnet-zero

no ip source-route

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1 10.10.10.49

ip dhcp excluded-address 10.10.10.100 10.10.10.254

!

ip dhcp pool wireless-1

import all

network 10.10.10.0 255.255.255.0

domain-name reid.co.nz

dns-server 203.109.252.42 203.109.252.42

default-router 10.10.10.1

!

!

no ip bootp server

no ip domain lookup

ip domain name reid.co.nz

ip name-server 203.109.252.43

ip name-server 203.109.252.42

ip ssh time-out 60

ip ssh authentication-retries 2

ip ddns update method sdm_ddns1

DDNS both

no spanning-tree vlan 1

no spanning-tree vlan 2

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.2 point-to-point

pvc 0/100

encapsulation aal5mux ppp dialer

dialer pool-member 1

interface FastEthernet2

switchport mode trunk

!

interface Dot11Radio0

no ip address

ssid ADSLW-1

vlan 2

authentication open

guest-mode

!

interface Dot11Radio0.2

encapsulation dot1Q 2

ip address 10.10.10.1 255.255.255.0

ip nat inside

-->ip policy route-map dotradio0.2

ip virtual-reassembly

no snmp trap link-status

no cdp enable

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_OUTSIDE$

ip address 192.168.100.254 255.255.255.0

ip verify unicast reverse-path

ip nat inside

ip virtual-reassembly

!

interface Vlan2

description $FW_INSIDE$

ip address 172.16.11.14 255.255.255.0

ip nat inside

ip virtual-reassembly

fair-queue 2 256 0

!

interface Dialer0

ip ddns update sdm_ddns1

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname USERID

ppp chap password 7 PASSWORD

ppp pap sent-username USERID password

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 5 life 86400 requests 10000

ip nat inside source list 1 interface Dialer0 overload

!

access-list 1 permit 10.10.10.0 0.0.0.255

dialer-list 1 protocol ip permit

snmp-server community public RO

no cdp run

route-map dotradio0.2 permit 10

match ip address 1

set ip next-hop 172.16.100.4

!

!

control-plane

!

end

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

Thank you for that. I removed everything back to the last conf you uploaded. once this was done and I tried to ping the DNS server I was not able to get through from any network. I added another access-list to allow coms to the outside world and I have listed it below.

access-list 1 permit 10.10.10.0 0.0.0.255

access-list 2 remark SDM_ACL Category=2

access-list 2 remark From Vlan1 to outside

access-list 2 permit any

dialer-list 1 protocol ip permit

snmp-server community public RO

no cdp run

route-map dotradio0.2 permit 10

match ip address 1

set ip next-hop 172.16.100.4

I guess I am confused about the routing and also if Tagging is actually working, as I said before I pulled the cable that directly connects the router to the switch on port 6 and data flow stopped. Now I am just confused as to how that actually worked in the first place or was I mistaken and it never worked.???

Georg I appreciate your advice and any scraps you wish to throw my way are gratefully received and hopefully assimulated.

Kind Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

I will try to set this up in a lab and see if I can make it work. I'll let you know...

Due to the time difference (it is about 11PM over here, you might get this tomorrow).

Regards,

GP

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

have a look at this configuration (changed somewhat from the previous), basically what I did was bridge the wireless DOT interface to a BVI, and also add the command ´switchport mode trunk´ to the FastEthernet interface on the router where your switch is connected to.

You might want to make a backup first of the current configuration before putting this one in...)

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

hostname ADSLW-ROUTER

boot-start-marker

boot-end-marker

logging buffered 52000 debugging

!

no aaa new-model

!

--> bridge irb

!

resource policy

!

clock timezone PCTime 12

ip subnet-zero

no ip source-route

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1 10.10.10.49

ip dhcp excluded-address 10.10.10.100 10.10.10.254

!

ip dhcp pool wireless-1

import all

network 10.10.10.0 255.255.255.0

domain-name reid.co.nz

dns-server 203.109.252.42 203.109.252.42

default-router 10.10.10.1

!

!

no ip bootp server

no ip domain lookup

ip domain name reid.co.nz

ip name-server 203.109.252.43

ip name-server 203.109.252.42

ip ssh time-out 60

ip ssh authentication-retries 2

ip ddns update method sdm_ddns1

DDNS both

no spanning-tree vlan 1

no spanning-tree vlan 2

!

--> This is the interface where your switch is connected to

-->interface FastEthernet3

--> switchport mode trunk

-->no ip address

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.2 point-to-point

pvc 0/100

encapsulation aal5mux ppp dialer

dialer pool-member 1

interface FastEthernet2

switchport mode trunk

!

interface Dot11Radio0

no ip address

ssid ADSLW-1

vlan 2

authentication open

guest-mode

!

-->interface Dot11Radio0.2

-->encapsulation dot1Q 2

-->bridge-group 2

-->bridge-group 2 subscriber-loop-control

-->bridge-group 2 spanning-disabled

-->bridge-group 2 block-unknown-source

-->no bridge-group 2 source-learning

-->no bridge-group 2 unicast-flooding

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_OUTSIDE$

ip address 192.168.100.254 255.255.255.0

ip verify unicast reverse-path

ip nat inside

ip virtual-reassembly

!

interface Vlan2

description $FW_INSIDE$

ip address 172.16.11.14 255.255.255.0

ip nat inside

ip virtual-reassembly

fair-queue 2 256 0

!

interface Dialer0

ip ddns update sdm_ddns1

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname USERID

ppp chap password 7 PASSWORD

ppp pap sent-username USERID password

!

interface BVI2

-->ip address 10.10.10.1 255.255.255.0

-->ip policy route-map dotradio0.2

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 5 life 86400 requests 10000

ip nat inside source list 1 interface Dialer0 overload

!

access-list 1 permit 10.10.10.0 0.0.0.255

access-list 2 remark SDM_ACL Category=2

access-list 2 remark From Vlan1 to outside

access-list 2 permit any

dialer-list 1 protocol ip permit

snmp-server community public RO

no cdp run

route-map dotradio0.2 permit 10

match ip address 1

set ip next-hop 172.16.100.4

!

-->bridge 2 route ip

!

control-plane

!

end

Let me know if this somehow works better...

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

Thanks for the Conf I include the new one below:

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

hostname ADSLW-ROUTER

boot-start-marker

boot-end-marker

logging buffered 52000 debugging

no aaa new-model

resource policy

clock timezone PCTime 12

ip subnet-zero

no ip source-route

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1 10.10.10.49

ip dhcp excluded-address 10.10.10.100 10.10.10.254

!

ip dhcp pool wireless-1

import all

network 10.10.10.0 255.255.255.0

domain-name reid.co.nz

dns-server 203.109.252.42 203.109.252.42

default-router 10.10.10.1

!

no ip bootp server

no ip domain lookup

ip domain name reid.co.nz

ip name-server 203.109.252.43

ip name-server 203.109.252.42

ip ssh time-out 60

ip ssh authentication-retries 2

ip ddns update method sdm_ddns1

DDNS both

!

no spanning-tree vlan 1

no spanning-tree vlan 2

!

bridge irb

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.2 point-to-point

pvc 0/100

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

switchport mode trunk

!

interface FastEthernet3

!

interface Dot11Radio0

no ip address

ssid ADSLW-1

vlan 2

authentication open

guest-mode

!

world-mode dot11d country NZ both

speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0

channel 2462

station-role root

!

interface Dot11Radio0.2

encapsulation dot1Q 2

no snmp trap link-status

no cdp enable

bridge-group 2

bridge-group 2 subscriber-loop-control

bridge-group 2 spanning-disabled

bridge-group 2 block-unknown-source

no bridge-group 2 source-learning

no bridge-group 2 unicast-flooding

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_OUTSIDE$

ip address 192.168.100.254 255.255.255.0

ip verify unicast reverse-path

ip nat inside

ip virtual-reassembly

!

interface Vlan2

description $FW_INSIDE$

ip address 172.16.11.14 255.255.255.0

ip nat inside

ip virtual-reassembly

fair-queue 2 256 0

!

interface Dialer0

ip ddns update sdm_ddns1

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

!

interface BVI2

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip policy route-map dotradio0.2

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 5 life 86400 requests 10000

ip nat inside source list 1 interface Dialer0 overload

ip nat inside source list 101 interface Dialer0 overload

ip nat inside source static tcp 192.168.100.252 222 interface Dialer0 222

ip nat inside source static tcp 192.168.100.252 4899 interface Dialer0 4899

ip nat inside source static tcp 192.168.100.252 443 interface Dialer0 443

!

access-list 1 remark From Wireless to dialer 0

access-list 1 remark SDM_ACL Category=18

access-list 1 permit 10.10.10.0 0.0.0.255

access-list 101 remark From vlan 1 to outside

access-list 101 remark SDM_ACL Category=2

access-list 101 permit ip 192.168.100.0 0.0.0.255 any

dialer-list 1 protocol ip permit

snmp-server community public RO

no cdp run

route-map dotradio0.2 permit 10

match ip address 1

set ip next-hop 172.16.100.4

!

control-plane

!

bridge 2 route ip

OK what happened was that once the conf was in there was no comms between 10.10.10.1 and anything and no translation on the dialer 0. Once this was done I am back to where I was prior to any changes. can't think of anything else at this point

Kind Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

not good...

I´ll check again, and let you know.

Regards,

GP

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

did you actually have the ´switchport mode trunk´ command configured on your FastEthernet 2 interface already, that is, before I sent you the last configuration ? I am thinking that you might need to add ´switchport trunk encapsulation dot1q´, since you are connecting to a non-Cisco switch, and since the default trunking mode on Cisco is ISL (which is Cisco-proprietary)...

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

Yes you are right, I shall reloasd and advise.

Kind Regards

Athol reid

New Member

Re: Cisco 877W comms problem

Hi Georg

Ok I removed all trunking commands and started again. Still no joy.

Kind Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

sorry for the misunderstanding, what I meant to say was: make sure that the trunking is configured:

interface FastEthernet2

switchport trunk encapsulation dot1

switchport mode trunk

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

Sorry it was the way I worded my reply to you. Your instructions were fine. I removed then reinserted the commands to make sure I started at the beginning again. I note that the command is "switchport trunk encapsulation dot1" rather than "dot1q" can you confirm this is correct please? In the mean time I shall input the commands given. I have now done this and when I run "sh run int fast 2" command all I get back is :

interface FastEthernet2

switchport mode trunk

There is not indication that encapsulation has been accepted do you know if this is correct ?

At the moment I can ping the 10.10.10.0 network, Translation is working on the dialer 0 interface and I can ping the 192.168.100.254 interface.

I am wondering is there any way to tell if encapsulation is actually working ?

for info only: I have been given a cisco catalyst 500 express switch to use for fault finding. but I do not want to introduce any new problems at this point so I shall not be using this unless you indicate that it will be ok.

Kind Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

ok...

Can you put the configuration back to what it was when you had connectivity except for the VLAN 2 clients, then add one of the VLAN 2 clients directly to one of the FastEthernet ports on your router (and put that port in VLAN 2 with the ´switchport access vlan 2´ command) ? Does that client then have connectivity ?

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

I changed the config back and after testing connectivity I then got my wifes pc (I'm in trouble) changed the IP address to 172.16.11.25 and put it directly off FastEthernet 3 put in the command under interface FastEthernet 3 "switchport access vlan 2"

I am sorry to report that it has not worked. I have included the relevant parts of the conf below

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

switchport mode trunk

!

interface FastEthernet3

switchport access vlan 2

!

interface Dot11Radio0

no ip address

!

ssid ADSLW-1

vlan 2

authentication open

guest-mode

!

world-mode dot11d country NZ both

speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0

channel 2462

station-role root

!

interface Dot11Radio0.2

encapsulation dot1Q 2

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip policy route-map dotradio0.2

no snmp trap link-status

no cdp enable

bridge-group 2

bridge-group 2 subscriber-loop-control

bridge-group 2 spanning-disabled

bridge-group 2 block-unknown-source

no bridge-group 2 source-learning

no bridge-group 2 unicast-flooding

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_OUTSIDE$

ip address 192.168.100.254 255.255.255.0

ip verify unicast reverse-path

ip nat inside

ip virtual-reassembly

!

interface Vlan2

description $FW_INSIDE$

ip address 172.16.11.14 255.255.255.0

ip nat inside

ip virtual-reassembly

fair-queue 2 256 0

bridge-group 2

bridge-group 2 spanning-disabled

Kind Regards

Athol Reid

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

can you try and take the bridge-group commands off interface Vlan 2 ?

interface Vlan2

description $FW_INSIDE$

ip address 172.16.11.14 255.255.255.0

ip nat inside

ip virtual-reassembly

fair-queue 2 256 0

-->no bridge-group 2

-->no bridge-group 2 spanning-disabled

Basically, what I am trying to do is isolate the problem to one piece of equipment, which in your case I think might be the switch. If we can prove that a PC connected directly to the router on Vlan 2 works, the only piece of equipment that is left is the switch...

Regards,

GP

New Member

Re: Cisco 877W comms problem

Hi Georg

I removed all reference to bridging and I put FastEthernet 3 into vlan 2 and connected a workstation direct to FastEthernet 3 port and was able to ping from the 10.10.10.0 network that computer

Kind Regards

Athol

VIP Purple

Re: Cisco 877W comms problem

Hello Athol,

I have a feeling we are getting stuck...

Can you contact me offline ? If you have Skype, my ID is 'solutionfindershelpdesk', if you have MSN, my ID is helpdesk@solutionfinders.nl'. Otherwise, my email address is helpdesk@soltuionfinders.nl...

Regards,

GP

177
Views
9
Helpful
27
Replies
CreatePlease to create content