From: Ed Lui (edwlui@gmail.com)
Date: Mon May 26 2008 - 03:29:41 ART
I believe the interface Dot11Radio1 is for "802.11a"
On Sun, May 25, 2008 at 6:52 PM, Dane Newman <dane.newman@gmail.com> wrote:
> Ok so figured it out sorta below is the working config with wireless all the
> config needs to be done under a single physical radio shrug go figure. I
> needed to create sub interfaces and I could not use the other physical radio
> (no clue why still) but it works so shrug
>
>
> Cisco1811W#show run
> Building configuration...
> Current configuration : 6313 bytes
> !
> version 12.4
> service timestamps debug datetime msec
> service timestamps log datetime msec
> service password-encryption
> !
> hostname Cisco1811W
> !
> boot-start-marker
> boot-end-marker
> !
> no logging console
> enable secret 5 $1$CgTB$6617EQ7ot3k.i2yBibDGW.
> !
> aaa new-model
> !
> !
> aaa authentication login default local
> aaa authorization exec default local
> !
> !
> aaa session-id common
> errdisable recovery cause bpduguard
> errdisable recovery interval 400
> !
> crypto pki trustpoint TP-self-signed-1771713933
> enrollment selfsigned
> subject-name cn=IOS-Self-Signed-Certificate-1771713933
> revocation-check none
> rsakeypair TP-self-signed-1771713933
> !
> !
> crypto pki certificate chain TP-self-signed-1771713933
> certificate self-signed 01
> 30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
> 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
> 69666963 6174652D 31373731 37313339 3333301E 170D3038 30353236 30313339
> 33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
> 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37373137
> 31333933 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
> 8100C2F9 BD7032FD A89AFCB5 EE3F8408 BF851C99 90BC7E4F 2E150363 00E81900
> CDA0124E 8B96BDCC 9E9D203F 39CCFD69 5F014BDC FEFAC15D 9B3C0C9E EA5E0948
> 88F56661 3E587B2A F613BCCB 38141B9C 1F4CFFF3 AD31CE89 601B2861 62279B57
> 01CF45EF 03A00269 4D406334 A1F2EB61 14214088 3FBF0B5C 97702BB7 3DE5D6C0
> 60F10203 010001A3 6A306830 0F060355 1D130101 FF040530 030101FF 30150603
> 551D1104 0E300C82 0A436973 636F3138 31315730 1F060355 1D230418 30168014
> A0E7D670 0AF799D5 97AC2B3B A40AFB15 D21CB57A 301D0603 551D0E04 160414A0
> E7D6700A F799D597 AC2B3BA4 0AFB15D2 1CB57A30 0D06092A 864886F7 0D010104
> 05000381 810047AD 38C08647 383F21D7 2622297D A75CC883 A9C4C592 E407E110
> 3D2487C6 3FA94189 1EF39C63 5C87B109 B5C5FC27 84B2509D 4F2D34F2 2DF4A93E
> F0DEA0C6 D7FE368E B5F535EF 4793AA66 CBA914C2 A63DD192 D4FF451E 9BE8A064
> 17031005 621061AD 1EFCA441 454679DC 2536B311 625B3E56 21A81335 FCEE9F12
> A3963DB0 AE1D
> quit
> !
> !
> !
> dot11 ssid datascguest
> vlan 20
> authentication open
> authentication key-management wpa
> guest-mode
> wpa-psk ascii 7 011D0F03531F11063244
> !
> dot11 ssid newmannet
> vlan 10
> authentication open
> authentication key-management wpa
> wpa-psk ascii 7 14251708030D267274
> !
> !
> !
> ip cef
> no ip dhcp use vrf connected
> ip dhcp excluded-address 172.16.1.0 172.16.1.50
> ip dhcp excluded-address 192.168.1.0 192.168.1.50
> !
> ip dhcp pool vlan10
> network 172.16.1.0 255.255.255.0
> default-router 172.1.16.1
> dns-server 4.2.2.2
> !
> ip dhcp pool vlan20
> network 192.168.1.0 255.255.255.0
> default-router 192.168.1.1
> dns-server 4.2.2.2
> !
> !
> no ip domain lookup
> ip inspect name CBAC tcp
> ip inspect name CBAC udp
> !
> multilink bundle-name authenticated
> !
> !
> !
> spanning-tree portfast bpduguard
> username dnewman privilege 15 password 7 0121030754020A5671
> archive
> log config
> hidekeys
> !
> !
> ip ssh version 2
> bridge irb
> !
> !
> !
> interface FastEthernet0
> ip address dhcp
> ip access-group internet in
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> ip nat outside
> ip inspect CBAC out
> ip virtual-reassembly
> duplex auto
> speed auto
> no cdp enable
> !
> interface FastEthernet1
> no ip address
> shutdown
> duplex auto
> speed auto
> !
> interface FastEthernet2
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet3
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet4
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet5
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet6
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet7
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet8
> switchport access vlan 10
> spanning-tree portfast
> !
> interface FastEthernet9
> switchport access vlan 20
> spanning-tree portfast
> !
> interface Dot11Radio0
> no ip address
> no dot11 extension aironet
> !
> encryption vlan 10 mode ciphers tkip
> !
> encryption vlan 20 mode ciphers tkip
> !
> ssid datascguest
> !
> ssid newmannet
> !
> speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
> 48.0 54.0
> station-role root
> no cdp enable
> !
> interface Dot11Radio0.10
> encapsulation dot1Q 10
> bridge-group 10
> bridge-group 10 subscriber-loop-control
> bridge-group 10 spanning-disabled
> bridge-group 10 block-unknown-source
> no bridge-group 10 source-learning
> no bridge-group 10 unicast-flooding
> !
> interface Dot11Radio0.20
> encapsulation dot1Q 20
> bridge-group 20
> bridge-group 20 subscriber-loop-control
> bridge-group 20 spanning-disabled
> bridge-group 20 block-unknown-source
> no bridge-group 20 source-learning
> no bridge-group 20 unicast-flooding
> !
> interface Dot11Radio1
> no ip address
> no dot11 extension aironet
> speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
> station-role root
> !
> interface Vlan1
> no ip address
> !
> interface Vlan10
> description internal network
> no ip address
> ip nat inside
> ip virtual-reassembly
> bridge-group 10
> bridge-group 10 spanning-disabled
> !
> interface Vlan20
> description guest wireless vlan
> no ip address
> ip nat inside
> ip virtual-reassembly
> bridge-group 20
> bridge-group 20 spanning-disabled
> !
> interface Async1
> no ip address
> encapsulation slip
> !
> interface BVI10
> ip address 172.16.1.1 255.255.255.0
> ip nat inside
> ip virtual-reassembly
> !
> interface BVI20
> description bridge to guest wireless network
> ip address 192.168.1.1 255.255.255.0
> ip access-group guest-acl in
> ip nat inside
> ip virtual-reassembly
> !
> ip route 0.0.0.0 0.0.0.0 FastEthernet0
> !
> !
> no ip http server
> ip http secure-server
> ip nat inside source list NATNETWORKS interface FastEthernet0 overload
> !
> ip access-list standard NATNETWORKS
> permit 192.168.1.0 0.0.0.255
> permit 172.16.1.0 0.0.0.255
> !
> ip access-list extended guest-acl
> deny ip any 172.1.16.0 0.0.0.255
> permit ip any any
> ip access-list extended internet
> permit udp any eq bootps any eq bootpc
> permit icmp any any echo
> permit icmp any any echo-reply
> permit icmp any any traceroute
> permit gre any any
> permit esp any any
> !
> !
> !
> !
> !
> !
> !
> control-plane
> !
> bridge 10 route ip
> bridge 20 route ip
> !
> line con 0
> line 1
> modem InOut
> stopbits 1
> speed 115200
> flowcontrol hardware
> line aux 0
> line vty 5 15
> !
> !
> webvpn cef
> end
>
> On Sun, May 25, 2008 at 12:36 PM, Dane Newman <dnewman@datasc.com> wrote:
>
>> So this is my first time trying to configure wireless. I configured 2
>> wireless ssid's that I want to broadcast. The problem is I get
>>
>>
>> *May 24 02:09:34.251: %DOT11-4-NO_SSID: No SSID configured. Dot11Radio0 not
>> started.
>>
>>
>> Interface IP-Address OK? Method Status
>> Protocol
>> FastEthernet0 unassigned YES DHCP up
>> down
>> FastEthernet1 unassigned YES NVRAM administratively down
>> down
>> FastEthernet2 unassigned YES unset up
>> down
>> FastEthernet3 unassigned YES unset up
>> down
>> FastEthernet4 unassigned YES unset up
>> down
>> FastEthernet5 unassigned YES unset up
>> down
>> FastEthernet6 unassigned YES unset up
>> down
>> FastEthernet7 unassigned YES unset up
>> down
>> FastEthernet8 unassigned YES unset up
>> down
>> FastEthernet9 unassigned YES unset up
>> down
>> Dot11Radio0 unassigned YES NVRAM reset
>> down
>> Dot11Radio1 unassigned YES NVRAM reset
>> down
>>
>> Cisco1811W#show run
>> Building configuration...
>> Current configuration : 6260 bytes
>> !
>> version 12.4
>> service timestamps debug datetime msec
>> service timestamps log datetime msec
>> service password-encryption
>> !
>> hostname Cisco1811W
>> !
>> boot-start-marker
>> boot-end-marker
>> !
>> enable secret 5 $1$CgTB$6617EQ7ot3k.i2yBibDGW.
>> !
>> aaa new-model
>> !
>> !
>> aaa authentication login default local
>> aaa authorization exec default local
>> !
>> !
>> aaa session-id common
>> errdisable recovery cause bpduguard
>> errdisable recovery interval 400
>> !
>> crypto pki trustpoint TP-self-signed-1771713933
>> enrollment selfsigned
>> subject-name cn=IOS-Self-Signed-Certificate-1771713933
>> revocation-check none
>> rsakeypair TP-self-signed-1771713933
>> !
>> !
>> crypto pki certificate chain TP-self-signed-1771713933
>> certificate self-signed 01
>> 30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
>> 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
>> 69666963 6174652D 31373731 37313339 3333301E 170D3038 30353234 30323233
>> 35335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
>> 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37373137
>> 31333933 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
>> 8100C2F9 BD7032FD A89AFCB5 EE3F8408 BF851C99 90BC7E4F 2E150363 00E81900
>> CDA0124E 8B96BDCC 9E9D203F 39CCFD69 5F014BDC FEFAC15D 9B3C0C9E EA5E0948
>> 88F56661 3E587B2A F613BCCB 38141B9C 1F4CFFF3 AD31CE89 601B2861 62279B57
>> 01CF45EF 03A00269 4D406334 A1F2EB61 14214088 3FBF0B5C 97702BB7 3DE5D6C0
>> 60F10203 010001A3 6A306830 0F060355 1D130101 FF040530 030101FF 30150603
>> 551D1104 0E300C82 0A436973 636F3138 31315730 1F060355 1D230418 30168014
>> A0E7D670 0AF799D5 97AC2B3B A40AFB15 D21CB57A 301D0603 551D0E04 160414A0
>> E7D6700A F799D597 AC2B3BA4 0AFB15D2 1CB57A30 0D06092A 864886F7 0D010104
>> 05000381 81006697 D99E9C96 9C6A9964 0CA9B9A6 1DF5DD5F B45B94B8 F414E5CD
>> DCCD530E 3ACFBBE0 F2341570 E9ED1B9C C2E131DD 6F4C157F 25A8BC58 927B53B1
>> 3606E215 B05B1A73 B7D8B2FB 52C281DE 91AB5B88 E7727FDC 905A6554 06A87E8A
>> 1D2B991F ACDAD8A5 9D46F7AC ADD1A266 079B571F 08DAF327 3A4494D4 DA01FAA5
>> 27084298 CF9F
>> quit
>> !
>> !
>> !
>> dot11 ssid datascexternal
>> vlan 20
>> authentication open
>> authentication key-management wpa
>> guest-mode
>> wpa-psk ascii 7 removed
>> !
>> dot11 ssid datascinternal
>> vlan 10
>> authentication open
>> authentication key-management wpa
>> guest-mode
>> wpa-psk ascii 7 removed
>> !
>> !
>> ip cef
>> no ip dhcp use vrf connected
>> ip dhcp excluded-address 172.16.1.0 172.16.1.50
>> ip dhcp excluded-address 192.168.1.0 192.168.1.50
>> !
>> ip dhcp pool vlan10
>> network 172.16.1.0 255.255.255.0
>> default-router 172.1.16.1
>> domain-name datasc.local
>> dns-server 172.16.1.2 4.2.2.2
>> netbios-name-server 172.16.1.2
>> !
>> ip dhcp pool vlan20
>> network 192.168.1.0 255.255.255.0
>> default-router 192.168.1.1
>> dns-server 4.2.2.2
>> !
>> !
>> no ip domain lookup
>> ip inspect name CBAC tcp
>> ip inspect name CBAC udp
>> !
>> multilink bundle-name authenticated
>> !
>> !
>> !
>> spanning-tree portfast bpduguard
>> username dnewman privilege 15 password 7 0121030754020A5671
>> archive
>> log config
>> hidekeys
>> !
>> !
>> ip ssh version 2
>> bridge irb
>> !
>> !
>> !
>> interface FastEthernet0
>> ip address dhcp
>> ip access-group internet in
>> ip nat outside
>> ip inspect CBAC out
>> ip virtual-reassembly
>> duplex auto
>> speed auto
>> no cdp enable
>> !
>> interface FastEthernet1
>> no ip address
>> shutdown
>> duplex auto
>> speed auto
>> !
>> interface FastEthernet2
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet3
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet4
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet5
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet6
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet7
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet8
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet9
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface Dot11Radio0
>> no ip address
>> no dot11 extension aironet
>> !
>> encryption vlan 10 mode ciphers tkip
>> !
>> ssid datascinternal
>> !
>> speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
>> 48.0 54.0
>> station-role root
>> no cdp enable
>> bridge-group 10
>> bridge-group 10 subscriber-loop-control
>> bridge-group 10 spanning-disabled
>> bridge-group 10 block-unknown-source
>> no bridge-group 10 source-learning
>> no bridge-group 10 unicast-flooding
>> !
>> interface Dot11Radio1
>> no ip address
>> no dot11 extension aironet
>> !
>> encryption vlan 20 mode ciphers tkip
>> !
>> ssid datascexternal
>> !
>> speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
>> station-role root
>> no cdp enable
>> bridge-group 20
>> bridge-group 20 subscriber-loop-control
>> bridge-group 20 spanning-disabled
>> bridge-group 20 block-unknown-source
>> no bridge-group 20 source-learning
>> no bridge-group 20 unicast-flooding
>> !
>> interface Vlan1
>> no ip address
>> !
>> interface Vlan10
>> description internal network
>> no ip address
>> ip nat inside
>> ip virtual-reassembly
>> bridge-group 10
>> bridge-group 10 spanning-disabled
>> !
>> interface Vlan20
>> description guest wireless vlan
>> no ip address
>> ip nat inside
>> ip virtual-reassembly
>> bridge-group 20
>> bridge-group 20 spanning-disabled
>> !
>> interface Async1
>> no ip address
>> encapsulation slip
>> !
>> interface BVI10
>> ip address 172.16.1.1 255.255.255.0
>> ip nat inside
>> ip virtual-reassembly
>> !
>> interface BVI20
>> description bridge to guest wireless network
>> ip address 192.168.1.1 255.255.255.0
>> ip access-group guest-acl in
>> ip nat inside
>> ip virtual-reassembly
>> !
>> ip route 0.0.0.0 0.0.0.0 FastEthernet0
>> !
>> !
>> no ip http server
>> ip http secure-server
>> ip nat inside source list NATNETWORKS interface FastEthernet0 overload
>> !
>> ip access-list standard NATNETWORKS
>> permit 192.168.1.0 0.0.0.255
>> permit 172.16.1.0 0.0.0.255
>> !
>> ip access-list extended guest-acl
>> deny ip any 172.1.16.0 0.0.0.255
>> permit ip any any
>> ip access-list extended internet
>> permit udp any eq bootps any eq bootpc
>> permit icmp any any echo
>> permit icmp any any echo-reply
>> permit icmp any any traceroute
>> permit gre any any
>> permit esp any any
>> !
>> !
>> !
>> !
>> !
>> !
>> !
>> control-plane
>> !
>> bridge 10 route ip
>> bridge 20 route ip
>> !
>> line con 0
>> line 1
>> modem InOut
>> stopbits 1
>> speed 115200
>> flowcontrol hardware
>> line aux 0
>> line vty 5 15
>> !
>> !
>> webvpn cef
>> end
>>
>>
>>
>> On Fri, May 23, 2008 at 10:47 PM, Dane Newman <dane.newman@gmail.com>
> wrote:
>
>> So this is my first time trying to configure wireless. I configured 2
>> wireless ssid's that I want to broadcast. The problem is I get
>>
>>
>> *May 24 02:09:34.251: %DOT11-4-NO_SSID: No SSID configured. Dot11Radio0 not
>> started.
>>
>>
>> Interface IP-Address OK? Method Status
>> Protocol
>> FastEthernet0 unassigned YES DHCP up
>> down
>> FastEthernet1 unassigned YES NVRAM administratively down
>> down
>> FastEthernet2 unassigned YES unset up
>> down
>> FastEthernet3 unassigned YES unset up
>> down
>> FastEthernet4 unassigned YES unset up
>> down
>> FastEthernet5 unassigned YES unset up
>> down
>> FastEthernet6 unassigned YES unset up
>> down
>> FastEthernet7 unassigned YES unset up
>> down
>> FastEthernet8 unassigned YES unset up
>> down
>> FastEthernet9 unassigned YES unset up
>> down
>> Dot11Radio0 unassigned YES NVRAM reset
>> down
>> Dot11Radio1 unassigned YES NVRAM reset
>> down
>>
>> Cisco1811W#show run
>> Building configuration...
>>
>> Current configuration : 6260 bytes
>> !
>> version 12.4
>> service timestamps debug datetime msec
>> service timestamps log datetime msec
>> service password-encryption
>> !
>> hostname Cisco1811W
>> !
>> boot-start-marker
>> boot-end-marker
>> !
>> enable secret 5 $1$CgTB$6617EQ7ot3k.i2yBibDGW.
>> !
>> aaa new-model
>> !
>> !
>> aaa authentication login default local
>> aaa authorization exec default local
>> !
>> !
>> aaa session-id common
>> errdisable recovery cause bpduguard
>> errdisable recovery interval 400
>> !
>> crypto pki trustpoint TP-self-signed-1771713933
>> enrollment selfsigned
>> subject-name cn=IOS-Self-Signed-Certificate-1771713933
>> revocation-check none
>> rsakeypair TP-self-signed-1771713933
>> !
>> !
>> crypto pki certificate chain TP-self-signed-1771713933
>> certificate self-signed 01
>> 30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
>> 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
>> 69666963 6174652D 31373731 37313339 3333301E 170D3038 30353234 30323233
>> 35335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
>> 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37373137
>> 31333933 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
>> 8100C2F9 BD7032FD A89AFCB5 EE3F8408 BF851C99 90BC7E4F 2E150363 00E81900
>> CDA0124E 8B96BDCC 9E9D203F 39CCFD69 5F014BDC FEFAC15D 9B3C0C9E EA5E0948
>> 88F56661 3E587B2A F613BCCB 38141B9C 1F4CFFF3 AD31CE89 601B2861 62279B57
>> 01CF45EF 03A00269 4D406334 A1F2EB61 14214088 3FBF0B5C 97702BB7 3DE5D6C0
>> 60F10203 010001A3 6A306830 0F060355 1D130101 FF040530 030101FF 30150603
>> 551D1104 0E300C82 0A436973 636F3138 31315730 1F060355 1D230418 30168014
>> A0E7D670 0AF799D5 97AC2B3B A40AFB15 D21CB57A 301D0603 551D0E04 160414A0
>> E7D6700A F799D597 AC2B3BA4 0AFB15D2 1CB57A30 0D06092A 864886F7 0D010104
>> 05000381 81006697 D99E9C96 9C6A9964 0CA9B9A6 1DF5DD5F B45B94B8 F414E5CD
>> DCCD530E 3ACFBBE0 F2341570 E9ED1B9C C2E131DD 6F4C157F 25A8BC58 927B53B1
>> 3606E215 B05B1A73 B7D8B2FB 52C281DE 91AB5B88 E7727FDC 905A6554 06A87E8A
>> 1D2B991F ACDAD8A5 9D46F7AC ADD1A266 079B571F 08DAF327 3A4494D4 DA01FAA5
>> 27084298 CF9F
>> quit
>> !
>> !
>> !
>> dot11 ssid datascexternal
>> vlan 20
>> authentication open
>> authentication key-management wpa
>> guest-mode
>> wpa-psk ascii 7 removed
>> !
>> dot11 ssid datascinternal
>> vlan 10
>> authentication open
>> authentication key-management wpa
>> guest-mode
>> wpa-psk ascii 7 removed
>> !
>> !
>> ip cef
>> no ip dhcp use vrf connected
>> ip dhcp excluded-address 172.16.1.0 172.16.1.50
>> ip dhcp excluded-address 192.168.1.0 192.168.1.50
>> !
>> ip dhcp pool vlan10
>> network 172.16.1.0 255.255.255.0
>> default-router 172.1.16.1
>> domain-name datasc.local
>> dns-server 172.16.1.2 4.2.2.2
>> netbios-name-server 172.16.1.2
>> !
>> ip dhcp pool vlan20
>> network 192.168.1.0 255.255.255.0
>> default-router 192.168.1.1
>> dns-server 4.2.2.2
>> !
>> !
>> no ip domain lookup
>> ip inspect name CBAC tcp
>> ip inspect name CBAC udp
>> !
>> multilink bundle-name authenticated
>> !
>> !
>> !
>> spanning-tree portfast bpduguard
>> username dnewman privilege 15 password 7 0121030754020A5671
>> archive
>> log config
>> hidekeys
>> !
>> !
>> ip ssh version 2
>> bridge irb
>> !
>> !
>> !
>> interface FastEthernet0
>> ip address dhcp
>> ip access-group internet in
>> ip nat outside
>> ip inspect CBAC out
>> ip virtual-reassembly
>> duplex auto
>> speed auto
>> no cdp enable
>> !
>> interface FastEthernet1
>> no ip address
>> shutdown
>> duplex auto
>> speed auto
>> !
>> interface FastEthernet2
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet3
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet4
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet5
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet6
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet7
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet8
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface FastEthernet9
>> switchport access vlan 10
>> spanning-tree portfast
>> !
>> interface Dot11Radio0
>> no ip address
>> no dot11 extension aironet
>> !
>> encryption vlan 10 mode ciphers tkip
>> !
>> ssid datascinternal
>> !
>> speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
>> 48.0 54.0
>> station-role root
>> no cdp enable
>> bridge-group 10
>> bridge-group 10 subscriber-loop-control
>> bridge-group 10 spanning-disabled
>> bridge-group 10 block-unknown-source
>> no bridge-group 10 source-learning
>> no bridge-group 10 unicast-flooding
>> !
>> interface Dot11Radio1
>> no ip address
>> no dot11 extension aironet
>> !
>> encryption vlan 20 mode ciphers tkip
>> !
>> ssid datascexternal
>> !
>> speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
>> station-role root
>> no cdp enable
>> bridge-group 20
>> bridge-group 20 subscriber-loop-control
>> bridge-group 20 spanning-disabled
>> bridge-group 20 block-unknown-source
>> no bridge-group 20 source-learning
>> no bridge-group 20 unicast-flooding
>> !
>> interface Vlan1
>> no ip address
>> !
>> interface Vlan10
>> description internal network
>> no ip address
>> ip nat inside
>> ip virtual-reassembly
>> bridge-group 10
>> bridge-group 10 spanning-disabled
>> !
>> interface Vlan20
>> description guest wireless vlan
>> no ip address
>> ip nat inside
>> ip virtual-reassembly
>> bridge-group 20
>> bridge-group 20 spanning-disabled
>> !
>> interface Async1
>> no ip address
>> encapsulation slip
>> !
>> interface BVI10
>> ip address 172.16.1.1 255.255.255.0
>> ip nat inside
>> ip virtual-reassembly
>> !
>> interface BVI20
>> description bridge to guest wireless network
>> ip address 192.168.1.1 255.255.255.0
>> ip access-group guest-acl in
>> ip nat inside
>> ip virtual-reassembly
>> !
>> ip route 0.0.0.0 0.0.0.0 FastEthernet0
>> !
>> !
>> no ip http server
>> ip http secure-server
>> ip nat inside source list NATNETWORKS interface FastEthernet0 overload
>> !
>> ip access-list standard NATNETWORKS
>> permit 192.168.1.0 0.0.0.255
>> permit 172.16.1.0 0.0.0.255
>> !
>> ip access-list extended guest-acl
>> deny ip any 172.1.16.0 0.0.0.255
>> permit ip any any
>> ip access-list extended internet
>> permit udp any eq bootps any eq bootpc
>> permit icmp any any echo
>> permit icmp any any echo-reply
>> permit icmp any any traceroute
>> permit gre any any
>> permit esp any any
>> !
>> !
>> !
>> !
>> !
>> !
>> !
>> control-plane
>> !
>> bridge 10 route ip
>> bridge 20 route ip
>> !
>> line con 0
>> line 1
>> modem InOut
>> stopbits 1
>> speed 115200
>> flowcontrol hardware
>> line aux 0
>> line vty 5 15
>> !
>>
>> !
>> webvpn cef
>> end
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:18 ART