Help needed - missing something simple(?) with 857W config
I have an 857W (c850-advsecurityk9-mz.124-15.T12) and want to use it to allow clients connected via wireless to browse the web.
ATM0.1 comes up and gets an IP address from my ISP Clients connect over wireless to the router and get an IP from the DHCP pool after inputting the WEP key
However at no point (in my 4 evenings of trying!) have I got the client PC to ping an external address!
The whole config is below, after getting the wireless going my checklist was basically: - Set default route = ATM0.1 - Allow NAT such that internal 192.168.1.0 can share the ATM0.1 address - Add an ACL so 192.168.1.0 hosts can get out to 'any'
If I add 'no ip routing' to the config below I can resolve names and ping external hosts - so the router is connected to the internet at that point.
I've never used wireless with Cisco before so suspect my understanding of the bridging could be part of the problem... any hints will be gratefully recieved.
#################################################### ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname C857W ! boot-start-marker boot system flash c850-advsecurityk9-mz.124-15.T12.bin boot-end-marker ! enable secret 5 $1$xQCU$xxxxxxxxxx enable password 7 072E344xxxxxxxxxxx ! aaa new-model ! ! ! ! aaa session-id common clock timezone London 0 ! ! dot11 syslog ! dot11 ssid runlevel5 authentication open guest-mode ! no ip dhcp use vrf connected ip dhcp excluded-address 192.168.1.1 ip dhcp excluded-address 192.168.1.2 ip dhcp excluded-address 192.168.1.3 ip dhcp excluded-address 192.168.1.5 ip dhcp excluded-address 192.168.1.6 ip dhcp excluded-address 192.168.1.7 ip dhcp excluded-address 192.168.1.8 ip dhcp excluded-address 192.168.1.9 ip dhcp excluded-address 192.168.1.10 ip dhcp excluded-address 192.168.1.20 ! ip dhcp pool lan-pool import all network 192.168.1.0 255.255.255.0 dns-server 126.96.36.199 188.8.131.52 default-router 192.168.1.1 lease 0 12 ! ip dhcp pool zulu host 192.168.1.4 255.255.255.0 client-identifier 0100.1150.3e30.0e dns-server 184.108.40.206 220.127.116.11 default-router 192.168.1.1 ! ! ip cef ip name-server 18.104.22.168 ip name-server 22.214.171.124 ip ddns update method dyndns HTTP add http://xxxxxxxxx:xxxxxxxxx%40members.dyndns.org/nic/update%3Fsystem=dyndns&hostname=<h>&myip=<a> interval maximum 1 0 0 0 ! ! ! ! username jason privilege 15 password 7 13081247xxxxxxxxxE username admin privilege 15 password 7 1214004xxxxxxxx57F ! ! archive log config hidekeys ! ! ! bridge irb ! ! interface ATM0 no ip address no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point description ADSL2+ isp ip ddns update hostname xxxx.gotdns.com ip access-group 102 out ip ddns update dyndns ip address dhcp ip nat outside ip virtual-reassembly atm route-bridged ip pvc 0/101 oam-pvc manage encapsulation aal5snap ! ! interface FastEthernet0 shutdown ! interface FastEthernet1 shutdown ! interface FastEthernet2 shutdown ! interface FastEthernet3 shutdown ! interface Dot11Radio0 no ip address ! encryption key 1 size 128bit 7 E83EE2xxxxxxxxxxxxxBBEBDC1 transmit-key encryption mode wep mandatory ! ssid hillcrest ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 channel 2462 station-role root rts threshold 2312 world-mode dot11d country GB indoor bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Vlan1 no ip address ip nat inside ip virtual-reassembly bridge-group 1 bridge-group 1 spanning-disabled ! interface BVI1 ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 ATM0.1 ! ip http server no ip http secure-server ip dns server ! Allow ssh to zulu from outside ip nat inside source static tcp 192.168.1.4 22 interface ATM0.1 22 ! Allow outbound hosts to share external ip ip nat inside source list 1 interface ATM0.1 overload ! access-list 1 permit 192.168.1.0 access-list 102 permit ip 192.168.1.0 0.0.0.255 any
snmp-server community Hillcrest RO no cdp run ! control-plane ! bridge 1 protocol ieee ! Do I need this? bridge 1 route ip ! line con 0 no modem enable transport preferred none line aux 0 line vty 0 4 password 7 04560E53xxxxxxxxx transport preferred none transport input telnet ssh ! scheduler max-task-time 5000 end
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...