Jump to content
Sign in to follow this  
ecbe1988

Cisco 876W VLAN und WLAN konfigurieren

Recommended Posts

Hallo

Kann mir jemand weiterhelfen.

Hab hier einen 876W Cisco WLAN Router.

Ich möcht eigentlich nur mit LAN und WLAN ins WAN.

 

Ich hab da mal eine Skizze meine Netzwerk-Struktur.

Oben das bestehende

Darunter die zukünftige

 

Hab schon versucht VLANs einzurichten bekomm es aber nicht hin.

post-51077-1356738961471_thumb.jpg

Share this post


Link to post

Hallo,

 

vlans klappen hier nicht, da das do0 nur in einer bridge-goup sein kann. Das VLAN Interface des integrierten Switches muss dann auch in einer bridge-group (1) sein...

!

vlan 200

name DATA

!

interface Dot11Radio0

no ip address

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan200

description --> ETH NET

no ip address

bridge-group 1

end

!

interface BVI1

description --> Gateway

ip address x.x.x.x x.x.x.x

end

!

bridge 1 protocol ieee

bridge 1 route ip

 

==> nun kannst du vom WLAN auf ETH zugreifen ==> und auch aufs INET

hope this helps

 

ciao

Share this post


Link to post

hallo

ich hab jetzt mal kabelnetztwerk eingerichtet.

 

port0 hab ich als vlan100 für wan (internet) konfiguriert.

und port1 port2 port3 für das interne lan mit dhcp (vlan1).

 

jetzt möcht ich wlan zu vlan1 hinzufügen.

 

ich hab mal ein ios update von v6 auf v15 gemacht (wpa2).

bekomm das wlan aber nicht hin.

über netstumbler erkennt er zwar das netz (ohne ssid)

das win xp wlan prog findet aber keins.

 

kann mir da jemand weiterhelfen.

Share this post


Link to post

hallo

ich hab schon einiges probiert.

hab auch einen zwiten 876w mit ios v.15

das ist die aktuelle conf mit ios v.22

 

e-cisco#sh run

Building configuration...

 

Current configuration : 5342 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname e-cisco

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

logging buffered 51200 warnings

enable secret 5 $1$2SPu$F38ngcjYsQ8jTRr5cb7jN1

!

no aaa new-model

!

crypto pki trustpoint TP-self-signed-3954642026

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3954642026

revocation-check none

rsakeypair TP-self-signed-3954642026

!

!

crypto pki certificate chain TP-self-signed-3954642026

certificate self-signed 01

 

quit

dot11 syslog

!

dot11 ssid E-WLAN

authentication open

!

ip source-route

ip dhcp excluded-address 10.10.10.1

ip dhcp excluded-address 172.24.1.1 172.24.1.99

ip dhcp excluded-address 172.24.1.201 172.24.1.255

!

ip dhcp pool sdm-pool

import all

network 10.10.10.0 255.255.255.248

default-router 10.10.10.1

lease 0 2

!

ip dhcp pool eckl-dhcp

network 172.24.1.0 255.255.255.0

default-router 172.24.1.10

dns-server 195.202.128.2 195.202.128.3

!

!

ip cef

no ip domain lookup

ip domain name yourdomain.com

!

!

!

!

vtp mode transparent

username cisco privilege 15 secret 5 $1$SMCa$DMND9FaphqTvoB5RWgltv.

!

!

!

archive

log config

hidekeys

!

!

vlan 100

!

!

bridge irb

!

!

interface BRI0

no ip address

encapsulation hdlc

shutdown

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

!

interface FastEthernet0

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet1

spanning-tree portfast

!

interface FastEthernet2

spanning-tree portfast

!

interface FastEthernet3

spanning-tree portfast

!

interface Dot11Radio0

no ip address

!

encryption vlan 1 mode ciphers aes-ccm

!

ssid E-WLAN

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

54.0

station-role root access-point

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

description internal network

no ip address

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

bridge-group 1

bridge-group 1 spanning-disabled

!

interface Vlan100

ip address 192.168.0.6 255.255.255.0

ip nat outside

ip virtual-reassembly

!

interface BVI1

description bridge to internal network

ip address 172.24.1.10 255.255.255.0

ip nat inside

ip virtual-reassembly

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.0.1

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat inside source list 101 interface Vlan100 overload

!

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 23 permit 172.24.1.0 0.0.0.255

access-list 101 permit ip any any

no cdp run

 

!

!

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

banner login ^C

-----------------------------------------------------------------------

end

e-cisco#

Share this post


Link to post

ja wie gesagt.

ich hab schon einiges versucht.

auch mit hilfe anderer, aber hab das noch nicht zusammengebracht.

 

einmal hat es kurz funktioniert, aber am nächsten tag, war es weg.

 

wie würden Sie es versuchen?

 

danke

anbei die konfig, die kurz funktioniert hat, jedoch ohne passwort abfrage.

das wlan hat er gefunden inkl ssid.

und bei doppelklick über dhcp

ohne pw abfrage eine ip bekommen.

 

 

e-cisco#sh run

Building configuration...

 

Current configuration : 5342 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname e-cisco

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

logging buffered 51200 warnings

enable secret 5 $1$2SPu$F38ngcjYsQ8jTRr5cb7jN1

!

no aaa new-model

!

crypto pki trustpoint TP-self-signed-3954642026

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3954642026

revocation-check none

rsakeypair TP-self-signed-3954642026

!

!

crypto pki certificate chain TP-self-signed-3954642026

certificate self-signed 01

 

quit

dot11 syslog

!

dot11 ssid E-WLAN

authentication open

!

ip source-route

ip dhcp excluded-address 10.10.10.1

ip dhcp excluded-address 172.24.1.1 172.24.1.99

ip dhcp excluded-address 172.24.1.201 172.24.1.255

!

ip dhcp pool sdm-pool

import all

network 10.10.10.0 255.255.255.248

default-router 10.10.10.1

lease 0 2

!

ip dhcp pool eckl-dhcp

network 172.24.1.0 255.255.255.0

default-router 172.24.1.10

dns-server 195.202.128.2 195.202.128.3

!

!

ip cef

no ip domain lookup

ip domain name yourdomain.com

!

!

!

!

vtp mode transparent

username cisco privilege 15 secret 5 $1$SMCa$DMND9FaphqTvoB5RWgltv.

!

!

!

archive

log config

hidekeys

!

!

vlan 100

!

!

bridge irb

!

!

interface BRI0

no ip address

encapsulation hdlc

shutdown

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

!

interface FastEthernet0

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet1

spanning-tree portfast

!

interface FastEthernet2

spanning-tree portfast

!

interface FastEthernet3

spanning-tree portfast

!

interface Dot11Radio0

no ip address

!

encryption vlan 1 mode ciphers aes-ccm

!

ssid E-WLAN

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

54.0

station-role root access-point

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

description internal network

no ip address

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

bridge-group 1

bridge-group 1 spanning-disabled

!

interface Vlan100

ip address 192.168.0.6 255.255.255.0

ip nat outside

ip virtual-reassembly

!

interface BVI1

description bridge to internal network

ip address 172.24.1.10 255.255.255.0

ip nat inside

ip virtual-reassembly

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.0.1

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip nat inside source list 101 interface Vlan100 overload

!

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 23 permit 172.24.1.0 0.0.0.255

access-list 101 permit ip any any

no cdp run

 

!

!

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

banner login ^C

 

end

 

e-cisco#

Share this post


Link to post

mein Wlan steht so:

 

interface Dot11Radio0

encryption vlan 100 mode ciphers tkip

ssid >>>NAME<<<

vlan 100

authentication open

authentication key-management wpa

guest-mode

wpa-psk ascii xxxxxxxxxxxxxxxxxx

speed 6.0 9.0 12.0 18.0 24.0 36.0 48.0 basic-54.0

channel 5

no cdp enable

no dot11 extension aironet

 

no shutdown

 

interface Dot11Radio0.1

encapsulation dot1Q 1

no snmp trap link-status

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

 

vieleicht hilft es,....

Share this post


Link to post
Der letzte Beitrag zu diesem Thema ist mehr als 180 Tage alt. Bitte überlege Dir, ob es nicht sinnvoller ist ein neues Thema zu erstellen.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

Werbepartner:



×
×
  • Create New...