From: Dane Newman (dane.newman@gmail.com)
Date: Sun May 25 2008 - 22:52:21 ART
Ok so figured it out sorta below is the working config with wireless all the
config needs to be done under a single physical radio shrug go figure. I
needed to create sub interfaces and I could not use the other physical radio
(no clue why still) but it works so shrug
Cisco1811W#show run
Building configuration...
Current configuration : 6313 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Cisco1811W
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 $1$CgTB$6617EQ7ot3k.i2yBibDGW.
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
errdisable recovery cause bpduguard
errdisable recovery interval 400
!
crypto pki trustpoint TP-self-signed-1771713933
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1771713933
revocation-check none
rsakeypair TP-self-signed-1771713933
!
!
crypto pki certificate chain TP-self-signed-1771713933
certificate self-signed 01
30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31373731 37313339 3333301E 170D3038 30353236 30313339
33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37373137
31333933 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C2F9 BD7032FD A89AFCB5 EE3F8408 BF851C99 90BC7E4F 2E150363 00E81900
CDA0124E 8B96BDCC 9E9D203F 39CCFD69 5F014BDC FEFAC15D 9B3C0C9E EA5E0948
88F56661 3E587B2A F613BCCB 38141B9C 1F4CFFF3 AD31CE89 601B2861 62279B57
01CF45EF 03A00269 4D406334 A1F2EB61 14214088 3FBF0B5C 97702BB7 3DE5D6C0
60F10203 010001A3 6A306830 0F060355 1D130101 FF040530 030101FF 30150603
551D1104 0E300C82 0A436973 636F3138 31315730 1F060355 1D230418 30168014
A0E7D670 0AF799D5 97AC2B3B A40AFB15 D21CB57A 301D0603 551D0E04 160414A0
E7D6700A F799D597 AC2B3BA4 0AFB15D2 1CB57A30 0D06092A 864886F7 0D010104
05000381 810047AD 38C08647 383F21D7 2622297D A75CC883 A9C4C592 E407E110
3D2487C6 3FA94189 1EF39C63 5C87B109 B5C5FC27 84B2509D 4F2D34F2 2DF4A93E
F0DEA0C6 D7FE368E B5F535EF 4793AA66 CBA914C2 A63DD192 D4FF451E 9BE8A064
17031005 621061AD 1EFCA441 454679DC 2536B311 625B3E56 21A81335 FCEE9F12
A3963DB0 AE1D
quit
!
!
!
dot11 ssid datascguest
vlan 20
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 011D0F03531F11063244
!
dot11 ssid newmannet
vlan 10
authentication open
authentication key-management wpa
wpa-psk ascii 7 14251708030D267274
!
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 172.16.1.0 172.16.1.50
ip dhcp excluded-address 192.168.1.0 192.168.1.50
!
ip dhcp pool vlan10
network 172.16.1.0 255.255.255.0
default-router 172.1.16.1
dns-server 4.2.2.2
!
ip dhcp pool vlan20
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 4.2.2.2
!
!
no ip domain lookup
ip inspect name CBAC tcp
ip inspect name CBAC udp
!
multilink bundle-name authenticated
!
!
!
spanning-tree portfast bpduguard
username dnewman privilege 15 password 7 0121030754020A5671
archive
log config
hidekeys
!
!
ip ssh version 2
bridge irb
!
!
!
interface FastEthernet0
ip address dhcp
ip access-group internet in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect CBAC out
ip virtual-reassembly
duplex auto
speed auto
no cdp enable
!
interface FastEthernet1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet3
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet4
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet5
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet6
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet7
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet8
switchport access vlan 10
spanning-tree portfast
!
interface FastEthernet9
switchport access vlan 20
spanning-tree portfast
!
interface Dot11Radio0
no ip address
no dot11 extension aironet
!
encryption vlan 10 mode ciphers tkip
!
encryption vlan 20 mode ciphers tkip
!
ssid datascguest
!
ssid newmannet
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
48.0 54.0
station-role root
no cdp enable
!
interface Dot11Radio0.10
encapsulation dot1Q 10
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 spanning-disabled
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
!
interface Dot11Radio0.20
encapsulation dot1Q 20
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 spanning-disabled
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
!
interface Dot11Radio1
no ip address
no dot11 extension aironet
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
station-role root
!
interface Vlan1
no ip address
!
interface Vlan10
description internal network
no ip address
ip nat inside
ip virtual-reassembly
bridge-group 10
bridge-group 10 spanning-disabled
!
interface Vlan20
description guest wireless vlan
no ip address
ip nat inside
ip virtual-reassembly
bridge-group 20
bridge-group 20 spanning-disabled
!
interface Async1
no ip address
encapsulation slip
!
interface BVI10
ip address 172.16.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface BVI20
description bridge to guest wireless network
ip address 192.168.1.1 255.255.255.0
ip access-group guest-acl in
ip nat inside
ip virtual-reassembly
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0
!
!
no ip http server
ip http secure-server
ip nat inside source list NATNETWORKS interface FastEthernet0 overload
!
ip access-list standard NATNETWORKS
permit 192.168.1.0 0.0.0.255
permit 172.16.1.0 0.0.0.255
!
ip access-list extended guest-acl
deny ip any 172.1.16.0 0.0.0.255
permit ip any any
ip access-list extended internet
permit udp any eq bootps any eq bootpc
permit icmp any any echo
permit icmp any any echo-reply
permit icmp any any traceroute
permit gre any any
permit esp any any
!
!
!
!
!
!
!
control-plane
!
bridge 10 route ip
bridge 20 route ip
!
line con 0
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 5 15
!
!
webvpn cef
end
On Sun, May 25, 2008 at 12:36 PM, Dane Newman <dnewman@datasc.com> wrote:
> So this is my first time trying to configure wireless. I configured 2
> wireless ssid's that I want to broadcast. The problem is I get
>
>
> *May 24 02:09:34.251: %DOT11-4-NO_SSID: No SSID configured. Dot11Radio0 not
> started.
>
>
> Interface IP-Address OK? Method Status
> Protocol
> FastEthernet0 unassigned YES DHCP up
> down
> FastEthernet1 unassigned YES NVRAM administratively down
> down
> FastEthernet2 unassigned YES unset up
> down
> FastEthernet3 unassigned YES unset up
> down
> FastEthernet4 unassigned YES unset up
> down
> FastEthernet5 unassigned YES unset up
> down
> FastEthernet6 unassigned YES unset up
> down
> FastEthernet7 unassigned YES unset up
> down
> FastEthernet8 unassigned YES unset up
> down
> FastEthernet9 unassigned YES unset up
> down
> Dot11Radio0 unassigned YES NVRAM reset
> down
> Dot11Radio1 unassigned YES NVRAM reset
> down
>
> Cisco1811W#show run
> Building configuration...
> Current configuration : 6260 bytes
> !
> version 12.4
> service timestamps debug datetime msec
> service timestamps log datetime msec
> service password-encryption
> !
> hostname Cisco1811W
> !
> boot-start-marker
> boot-end-marker
> !
> enable secret 5 $1$CgTB$6617EQ7ot3k.i2yBibDGW.
> !
> aaa new-model
> !
> !
> aaa authentication login default local
> aaa authorization exec default local
> !
> !
> aaa session-id common
> errdisable recovery cause bpduguard
> errdisable recovery interval 400
> !
> crypto pki trustpoint TP-self-signed-1771713933
> enrollment selfsigned
> subject-name cn=IOS-Self-Signed-Certificate-1771713933
> revocation-check none
> rsakeypair TP-self-signed-1771713933
> !
> !
> crypto pki certificate chain TP-self-signed-1771713933
> certificate self-signed 01
> 30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
> 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
> 69666963 6174652D 31373731 37313339 3333301E 170D3038 30353234 30323233
> 35335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
> 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37373137
> 31333933 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
> 8100C2F9 BD7032FD A89AFCB5 EE3F8408 BF851C99 90BC7E4F 2E150363 00E81900
> CDA0124E 8B96BDCC 9E9D203F 39CCFD69 5F014BDC FEFAC15D 9B3C0C9E EA5E0948
> 88F56661 3E587B2A F613BCCB 38141B9C 1F4CFFF3 AD31CE89 601B2861 62279B57
> 01CF45EF 03A00269 4D406334 A1F2EB61 14214088 3FBF0B5C 97702BB7 3DE5D6C0
> 60F10203 010001A3 6A306830 0F060355 1D130101 FF040530 030101FF 30150603
> 551D1104 0E300C82 0A436973 636F3138 31315730 1F060355 1D230418 30168014
> A0E7D670 0AF799D5 97AC2B3B A40AFB15 D21CB57A 301D0603 551D0E04 160414A0
> E7D6700A F799D597 AC2B3BA4 0AFB15D2 1CB57A30 0D06092A 864886F7 0D010104
> 05000381 81006697 D99E9C96 9C6A9964 0CA9B9A6 1DF5DD5F B45B94B8 F414E5CD
> DCCD530E 3ACFBBE0 F2341570 E9ED1B9C C2E131DD 6F4C157F 25A8BC58 927B53B1
> 3606E215 B05B1A73 B7D8B2FB 52C281DE 91AB5B88 E7727FDC 905A6554 06A87E8A
> 1D2B991F ACDAD8A5 9D46F7AC ADD1A266 079B571F 08DAF327 3A4494D4 DA01FAA5
> 27084298 CF9F
> quit
> !
> !
> !
> dot11 ssid datascexternal
> vlan 20
> authentication open
> authentication key-management wpa
> guest-mode
> wpa-psk ascii 7 removed
> !
> dot11 ssid datascinternal
> vlan 10
> authentication open
> authentication key-management wpa
> guest-mode
> wpa-psk ascii 7 removed
> !
> !
> ip cef
> no ip dhcp use vrf connected
> ip dhcp excluded-address 172.16.1.0 172.16.1.50
> ip dhcp excluded-address 192.168.1.0 192.168.1.50
> !
> ip dhcp pool vlan10
> network 172.16.1.0 255.255.255.0
> default-router 172.1.16.1
> domain-name datasc.local
> dns-server 172.16.1.2 4.2.2.2
> netbios-name-server 172.16.1.2
> !
> ip dhcp pool vlan20
> network 192.168.1.0 255.255.255.0
> default-router 192.168.1.1
> dns-server 4.2.2.2
> !
> !
> no ip domain lookup
> ip inspect name CBAC tcp
> ip inspect name CBAC udp
> !
> multilink bundle-name authenticated
> !
> !
> !
> spanning-tree portfast bpduguard
> username dnewman privilege 15 password 7 0121030754020A5671
> archive
> log config
> hidekeys
> !
> !
> ip ssh version 2
> bridge irb
> !
> !
> !
> interface FastEthernet0
> ip address dhcp
> ip access-group internet in
> ip nat outside
> ip inspect CBAC out
> ip virtual-reassembly
> duplex auto
> speed auto
> no cdp enable
> !
> interface FastEthernet1
> no ip address
> shutdown
> duplex auto
> speed auto
> !
> interface FastEthernet2
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet3
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet4
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet5
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet6
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet7
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet8
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet9
> switchport access vlan 10
> spanning-tree portfast
> !
> interface Dot11Radio0
> no ip address
> no dot11 extension aironet
> !
> encryption vlan 10 mode ciphers tkip
> !
> ssid datascinternal
> !
> speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
> 48.0 54.0
> station-role root
> no cdp enable
> bridge-group 10
> bridge-group 10 subscriber-loop-control
> bridge-group 10 spanning-disabled
> bridge-group 10 block-unknown-source
> no bridge-group 10 source-learning
> no bridge-group 10 unicast-flooding
> !
> interface Dot11Radio1
> no ip address
> no dot11 extension aironet
> !
> encryption vlan 20 mode ciphers tkip
> !
> ssid datascexternal
> !
> speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
> station-role root
> no cdp enable
> bridge-group 20
> bridge-group 20 subscriber-loop-control
> bridge-group 20 spanning-disabled
> bridge-group 20 block-unknown-source
> no bridge-group 20 source-learning
> no bridge-group 20 unicast-flooding
> !
> interface Vlan1
> no ip address
> !
> interface Vlan10
> description internal network
> no ip address
> ip nat inside
> ip virtual-reassembly
> bridge-group 10
> bridge-group 10 spanning-disabled
> !
> interface Vlan20
> description guest wireless vlan
> no ip address
> ip nat inside
> ip virtual-reassembly
> bridge-group 20
> bridge-group 20 spanning-disabled
> !
> interface Async1
> no ip address
> encapsulation slip
> !
> interface BVI10
> ip address 172.16.1.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
> !
> interface BVI20
> description bridge to guest wireless network
> ip address 192.168.1.1 255.255.255.0
> ip access-group guest-acl in
> ip nat inside
> ip virtual-reassembly
> !
> ip route 0.0.0.0 0.0.0.0 FastEthernet0
> !
> !
> no ip http server
> ip http secure-server
> ip nat inside source list NATNETWORKS interface FastEthernet0 overload
> !
> ip access-list standard NATNETWORKS
> permit 192.168.1.0 0.0.0.255
> permit 172.16.1.0 0.0.0.255
> !
> ip access-list extended guest-acl
> deny ip any 172.1.16.0 0.0.0.255
> permit ip any any
> ip access-list extended internet
> permit udp any eq bootps any eq bootpc
> permit icmp any any echo
> permit icmp any any echo-reply
> permit icmp any any traceroute
> permit gre any any
> permit esp any any
> !
> !
> !
> !
> !
> !
> !
> control-plane
> !
> bridge 10 route ip
> bridge 20 route ip
> !
> line con 0
> line 1
> modem InOut
> stopbits 1
> speed 115200
> flowcontrol hardware
> line aux 0
> line vty 5 15
> !
> !
> webvpn cef
> end
>
>
>
> On Fri, May 23, 2008 at 10:47 PM, Dane Newman <dane.newman@gmail.com>
wrote:
> So this is my first time trying to configure wireless. I configured 2
> wireless ssid's that I want to broadcast. The problem is I get
>
>
> *May 24 02:09:34.251: %DOT11-4-NO_SSID: No SSID configured. Dot11Radio0 not
> started.
>
>
> Interface IP-Address OK? Method Status
> Protocol
> FastEthernet0 unassigned YES DHCP up
> down
> FastEthernet1 unassigned YES NVRAM administratively down
> down
> FastEthernet2 unassigned YES unset up
> down
> FastEthernet3 unassigned YES unset up
> down
> FastEthernet4 unassigned YES unset up
> down
> FastEthernet5 unassigned YES unset up
> down
> FastEthernet6 unassigned YES unset up
> down
> FastEthernet7 unassigned YES unset up
> down
> FastEthernet8 unassigned YES unset up
> down
> FastEthernet9 unassigned YES unset up
> down
> Dot11Radio0 unassigned YES NVRAM reset
> down
> Dot11Radio1 unassigned YES NVRAM reset
> down
>
> Cisco1811W#show run
> Building configuration...
>
> Current configuration : 6260 bytes
> !
> version 12.4
> service timestamps debug datetime msec
> service timestamps log datetime msec
> service password-encryption
> !
> hostname Cisco1811W
> !
> boot-start-marker
> boot-end-marker
> !
> enable secret 5 $1$CgTB$6617EQ7ot3k.i2yBibDGW.
> !
> aaa new-model
> !
> !
> aaa authentication login default local
> aaa authorization exec default local
> !
> !
> aaa session-id common
> errdisable recovery cause bpduguard
> errdisable recovery interval 400
> !
> crypto pki trustpoint TP-self-signed-1771713933
> enrollment selfsigned
> subject-name cn=IOS-Self-Signed-Certificate-1771713933
> revocation-check none
> rsakeypair TP-self-signed-1771713933
> !
> !
> crypto pki certificate chain TP-self-signed-1771713933
> certificate self-signed 01
> 30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
> 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
> 69666963 6174652D 31373731 37313339 3333301E 170D3038 30353234 30323233
> 35335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
> 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37373137
> 31333933 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
> 8100C2F9 BD7032FD A89AFCB5 EE3F8408 BF851C99 90BC7E4F 2E150363 00E81900
> CDA0124E 8B96BDCC 9E9D203F 39CCFD69 5F014BDC FEFAC15D 9B3C0C9E EA5E0948
> 88F56661 3E587B2A F613BCCB 38141B9C 1F4CFFF3 AD31CE89 601B2861 62279B57
> 01CF45EF 03A00269 4D406334 A1F2EB61 14214088 3FBF0B5C 97702BB7 3DE5D6C0
> 60F10203 010001A3 6A306830 0F060355 1D130101 FF040530 030101FF 30150603
> 551D1104 0E300C82 0A436973 636F3138 31315730 1F060355 1D230418 30168014
> A0E7D670 0AF799D5 97AC2B3B A40AFB15 D21CB57A 301D0603 551D0E04 160414A0
> E7D6700A F799D597 AC2B3BA4 0AFB15D2 1CB57A30 0D06092A 864886F7 0D010104
> 05000381 81006697 D99E9C96 9C6A9964 0CA9B9A6 1DF5DD5F B45B94B8 F414E5CD
> DCCD530E 3ACFBBE0 F2341570 E9ED1B9C C2E131DD 6F4C157F 25A8BC58 927B53B1
> 3606E215 B05B1A73 B7D8B2FB 52C281DE 91AB5B88 E7727FDC 905A6554 06A87E8A
> 1D2B991F ACDAD8A5 9D46F7AC ADD1A266 079B571F 08DAF327 3A4494D4 DA01FAA5
> 27084298 CF9F
> quit
> !
> !
> !
> dot11 ssid datascexternal
> vlan 20
> authentication open
> authentication key-management wpa
> guest-mode
> wpa-psk ascii 7 removed
> !
> dot11 ssid datascinternal
> vlan 10
> authentication open
> authentication key-management wpa
> guest-mode
> wpa-psk ascii 7 removed
> !
> !
> ip cef
> no ip dhcp use vrf connected
> ip dhcp excluded-address 172.16.1.0 172.16.1.50
> ip dhcp excluded-address 192.168.1.0 192.168.1.50
> !
> ip dhcp pool vlan10
> network 172.16.1.0 255.255.255.0
> default-router 172.1.16.1
> domain-name datasc.local
> dns-server 172.16.1.2 4.2.2.2
> netbios-name-server 172.16.1.2
> !
> ip dhcp pool vlan20
> network 192.168.1.0 255.255.255.0
> default-router 192.168.1.1
> dns-server 4.2.2.2
> !
> !
> no ip domain lookup
> ip inspect name CBAC tcp
> ip inspect name CBAC udp
> !
> multilink bundle-name authenticated
> !
> !
> !
> spanning-tree portfast bpduguard
> username dnewman privilege 15 password 7 0121030754020A5671
> archive
> log config
> hidekeys
> !
> !
> ip ssh version 2
> bridge irb
> !
> !
> !
> interface FastEthernet0
> ip address dhcp
> ip access-group internet in
> ip nat outside
> ip inspect CBAC out
> ip virtual-reassembly
> duplex auto
> speed auto
> no cdp enable
> !
> interface FastEthernet1
> no ip address
> shutdown
> duplex auto
> speed auto
> !
> interface FastEthernet2
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet3
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet4
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet5
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet6
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet7
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet8
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet9
> switchport access vlan 10
> spanning-tree portfast
> !
> interface Dot11Radio0
> no ip address
> no dot11 extension aironet
> !
> encryption vlan 10 mode ciphers tkip
> !
> ssid datascinternal
> !
> speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
> 48.0 54.0
> station-role root
> no cdp enable
> bridge-group 10
> bridge-group 10 subscriber-loop-control
> bridge-group 10 spanning-disabled
> bridge-group 10 block-unknown-source
> no bridge-group 10 source-learning
> no bridge-group 10 unicast-flooding
> !
> interface Dot11Radio1
> no ip address
> no dot11 extension aironet
> !
> encryption vlan 20 mode ciphers tkip
> !
> ssid datascexternal
> !
> speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
> station-role root
> no cdp enable
> bridge-group 20
> bridge-group 20 subscriber-loop-control
> bridge-group 20 spanning-disabled
> bridge-group 20 block-unknown-source
> no bridge-group 20 source-learning
> no bridge-group 20 unicast-flooding
> !
> interface Vlan1
> no ip address
> !
> interface Vlan10
> description internal network
> no ip address
> ip nat inside
> ip virtual-reassembly
> bridge-group 10
> bridge-group 10 spanning-disabled
> !
> interface Vlan20
> description guest wireless vlan
> no ip address
> ip nat inside
> ip virtual-reassembly
> bridge-group 20
> bridge-group 20 spanning-disabled
> !
> interface Async1
> no ip address
> encapsulation slip
> !
> interface BVI10
> ip address 172.16.1.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
> !
> interface BVI20
> description bridge to guest wireless network
> ip address 192.168.1.1 255.255.255.0
> ip access-group guest-acl in
> ip nat inside
> ip virtual-reassembly
> !
> ip route 0.0.0.0 0.0.0.0 FastEthernet0
> !
> !
> no ip http server
> ip http secure-server
> ip nat inside source list NATNETWORKS interface FastEthernet0 overload
> !
> ip access-list standard NATNETWORKS
> permit 192.168.1.0 0.0.0.255
> permit 172.16.1.0 0.0.0.255
> !
> ip access-list extended guest-acl
> deny ip any 172.1.16.0 0.0.0.255
> permit ip any any
> ip access-list extended internet
> permit udp any eq bootps any eq bootpc
> permit icmp any any echo
> permit icmp any any echo-reply
> permit icmp any any traceroute
> permit gre any any
> permit esp any any
> !
> !
> !
> !
> !
> !
> !
> control-plane
> !
> bridge 10 route ip
> bridge 20 route ip
> !
> line con 0
> line 1
> modem InOut
> stopbits 1
> speed 115200
> flowcontrol hardware
> line aux 0
> line vty 5 15
> !
>
> !
> webvpn cef
> end
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:18 ART