cancel
Showing results for 
Search instead for 
Did you mean: 

Configuring Cisco 877w Multi SSID & Vlans

jamieSW
Dabbler
Posts: 10
Registered: 20-03-2009

Configuring Cisco 877w Multi SSID & Vlans

Below is a copy of my current running config. I cannot seem to get internet access from my guestap(vlan2/10.10.10.xxx). and also cannot see my main ap(PRIVATEAP/172.16.xxx.xxx) to connect on to it.
any ideas,
thanks
Jamie
Building configuration...
Current configuration : 9963 bytes
!
! Last configuration change at 13:59:32 PCTime Thu Aug 13 2009 by jamie
! NVRAM config last updated at 13:46:53 PCTime Thu Aug 13 2009 by jamie
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname router
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $17897897893
!
no aaa new-model
!
resource policy
!
clock timezone PCTime 0
clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
ip subnet-zero
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
  import all
  network 10.10.10.0 255.255.255.0
  default-router 10.10.10.1
  dns-server 172.16.1.10 212.159.6.9
  lease 0 2
!
!
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
no ip domain lookup
ip domain name plus.com
!
!
crypto pki trustpoint TP-self-signed-3484863271
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3484863271
revocation-check none
rsakeypair TP-self-signed-3484863271
!
!
crypto pki certificate chain TP-self-signed-3484863271
certificate self-signed 01
 
username root privilege 15 secret 5 $1$XC00$4558957DF/
!
!
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
no ip route-cache cef
no ip route-cache
!
encryption vlan 1 mode wep mandatory
!
encryption vlan 2 key 1 size 40bit 0 1A2B3C4D5E transmit-key
encryption vlan 2 mode wep mandatory
!
ssid GUESTAP
    vlan 2
    authentication open
    guest-mode
!
ssid PRIVATEAP
    vlan 1
    authentication open
    infrastructure-ssid optional
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
rts threshold 2312
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
no snmp trap link-status
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
no snmp trap link-status
no cdp enable
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 spanning-disabled
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
no ip address
ip tcp adjust-mss 1452
bridge-group 1
!
interface Vlan2
no ip address
ip tcp adjust-mss 1452
bridge-group 2
!
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
ip access-group 103 in
ip inspect SDM_LOW out
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname username@plusdsl.net
ppp chap password 0 password
ppp pap sent-username username@plusdsl.net password 0 password
!
interface BVI1
description $ES_LAN$$FW_INSIDE$
ip address 172.16.0.1 255.255.0.0
ip access-group 100 in
ip nat inside
ip virtual-reassembly
!
interface BVI2
description $ES_LAN2$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 172.16.1.10 25 84.92.xxx.xxx 25 extendable
ip nat inside source static tcp 172.16.1.10 80 84.92.xxx.xxx 80 extendable
ip nat inside source static tcp 172.16.1.10 443 84.92.xxx.xxx 443 extendable
!
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 172.16.0.0 0.0.255.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny  ip 10.10.10.0 0.0.0.255 any
access-list 100 deny  ip host 255.255.255.255 any
access-list 100 deny  ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 deny  ip 172.16.0.0 0.0.255.255 any
access-list 101 deny  ip host 255.255.255.255 any
access-list 101 deny  ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 102 remark auto generated by SDM firewall configuration
access-list 102 remark SDM_ACL Category=1
access-list 102 permit tcp any host 84.92.xxx.xxx eq 443
access-list 102 permit tcp any host 84.92.xxx.xxx eq www
access-list 102 permit tcp any host 84.92.xxx.xxx eq smtp
access-list 102 deny  ip 10.10.10.0 0.0.0.255 any
access-list 102 deny  ip 172.16.0.0 0.0.255.255 any
access-list 102 permit icmp any any echo-reply
access-list 102 permit icmp any any time-exceeded
access-list 102 permit icmp any any unreachable
access-list 102 deny  ip 10.0.0.0 0.255.255.255 any
access-list 102 deny  ip 172.16.0.0 0.15.255.255 any
access-list 102 deny  ip 192.168.0.0 0.0.255.255 any
access-list 102 deny  ip 127.0.0.0 0.255.255.255 any
access-list 102 deny  ip host 255.255.255.255 any
access-list 102 deny  ip host 0.0.0.0 any
access-list 102 deny  ip any any log
access-list 102 remark auto generated by SDM firewall configuration
access-list 102 remark SDM_ACL Category=1
access-list 103 remark auto generated by SDM firewall configuration
access-list 103 remark SDM_ACL Category=1
access-list 103 permit tcp any host 84.92.xxx.xxx eq 443
access-list 103 permit tcp any host 84.92.xxx.xxx eq www
access-list 103 permit tcp any host 84.92.xxx.xxx eq smtp
access-list 103 deny  ip 10.10.10.0 0.0.0.255 any
access-list 103 deny  ip 172.16.0.0 0.0.255.255 any
access-list 103 permit icmp any any echo-reply
access-list 103 permit icmp any any time-exceeded
access-list 103 permit icmp any any unreachable
access-list 103 deny  ip 10.0.0.0 0.255.255.255 any
access-list 103 deny  ip 172.16.0.0 0.15.255.255 any
access-list 103 deny  ip 192.168.0.0 0.0.255.255 any
access-list 103 deny  ip 127.0.0.0 0.255.255.255 any
access-list 103 deny  ip host 255.255.255.255 any
access-list 103 deny  ip host 0.0.0.0 any
access-list 103 deny  ip any any log
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
bridge 3 protocol ieee
bridge 3 route ip