Configuring DHCP Server in AP 1231

eleguaelegua Member Posts: 282
Hi Guys,

Attempting to setup a Cisco 1200 to give out private DHCP addresses to its clients. I have added the following statements, however the AP isn't giving out any addresses.

!
service dhcp
!
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.50.1 192.168.50.5
!
ip dhcp pool AP
   import all
   network 192.168.50.0 255.255.255.0
   default-router 192.168.50.1
   dns-server 206.53.48.23 206.53.60.10 4.2.2.2
   lease 8
   update arp
!
AP#

I'm following this:

http://www.cisco.com/en/US/docs/wireless/access_point/12.2_11_JA/configuration/guide/s11adm.html#wp1057097

Am i missing something here?, the AP has a static ip assigned from my internal DHCP (statically assingned).

Thanks in advance. icon_wink.gificon_wink.gif

Comments

  • xwesleyxwillisxxwesleyxwillisx Member Posts: 158
    Do you want to hand out dhcp addresses to your wireless clients from the same subnet that the AP is on or do you want to hand out a different scope to your wireless clients?

    I.E. your network that the AP is sitting on is 192.168.50.0/24 and you want clients to be on this subnet?

    or

    The AP is on a different subnet and the wireless clients are on 192.168.50.0/24 (with the default-router being the AP).

    I'm going to assume the 1st scenario where the clients and the AP are on 192.168.50.0/24.

    If that's the case, create a bridged-virtual interface (BVI):

    int BVI1
    ip address 192.168.50.1 netmask 255.255.255.0
    no shut

    Then, assign the radio interface and the fastethernet interface to the BVI:

    int dot11radio0/0
    bridge-group 1

    int fastethernet0/0
    bridge-group 1

    This bridges the 2 interfaces into 1 essentially. No ip address will be assigned to either interface. Only to the BVI.

    Assuming the rest of the config is ok, your clients should now receive dhcp.
  • xwesleyxwillisxxwesleyxwillisx Member Posts: 158
    Also, be sure to include the global command "bridge irb".

    I don't remember if it's on by defualt or not. Use the command anyway to be sure.

    Cheers!
  • eleguaelegua Member Posts: 282
    Do you want to hand out dhcp addresses to your wireless clients from the same subnet that the AP is on or do you want to hand out a different scope to your wireless clients?

    I.E. your network that the AP is sitting on is 192.168.50.0/24 and you want clients to be on this subnet?

    or

    The AP is on a different subnet and the wireless clients are on 192.168.50.0/24 (with the default-router being the AP).

    I'm going to assume the 1st scenario where the clients and the AP are on 192.168.50.0/24.

    If that's the case, create a bridged-virtual interface (BVI):

    int BVI1
    ip address 192.168.50.1 netmask 255.255.255.0
    no shut

    Then, assign the radio interface and the fastethernet interface to the BVI:

    int dot11radio0/0
    bridge-group 1

    int fastethernet0/0
    bridge-group 1

    This bridges the 2 interfaces into 1 essentially. No ip address will be assigned to either interface. Only to the BVI.

    Assuming the rest of the config is ok, your clients should now receive dhcp.

    Thank you for your reply, also i have the 2 scenario, i have the AP in sutnet 192.168.5.0 and i want to lease to clients 192.168.50.0, in this case what do i have to do?.

    Thanks. icon_wink.gificon_wink.gif
  • xwesleyxwillisxxwesleyxwillisx Member Posts: 158
    Forget the BVI stuff then. What configuration do you have on your dot11radio0 interface? have you assigned it the ip address 192.168.50.1 with subnet 255.255.255.0?
  • eleguaelegua Member Posts: 282
    Forget the BVI stuff then. What configuration do you have on your dot11radio0 interface? have you assigned it the ip address 192.168.50.1 with subnet 255.255.255.0?

    Ok, here is my configuration on the AP:
    !
    version 12.3
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug datetime msec localtime show-timezone
    service timestamps log datetime msec localtime show-timezone
    service password-encryption
    service sequence-numbers
    !
    hostname AP
    !
    logging buffered 51200 warnings
    no logging console
    no logging monitor
    enable secret XXXXXXXXXX
    !
    clock timezone EST -5
    clock summer-time EDT recurring
    ip subnet-zero
    no ip source-route
    no ip gratuitous-arps
    no ip domain lookup
    ip domain name Gateway.com
    ip name-server 206.53.48.23
    ip name-server 206.53.60.10
    ip name-server 4.2.2.2
    no ip dhcp conflict logging
    ip dhcp excluded-address 192.168.50.1 192.168.50.5
    !
    ip dhcp pool AP
       import all
       network 192.168.50.0 255.255.255.0
       default-router 192.168.50.1 
       dns-server 206.53.48.23 206.53.60.10 4.2.2.2 
       lease 8
       update arp
    !
    ip dhcp pool MyLaptop
       host 192.168.50.4 255.255.255.0
       client-identifier 0100.18de.9836.ed
       lease infinite
    !
    !
    ip ssh authentication-retries 2
    ip ssh port 2212 rotary 1
    ip ssh version 2
    no aaa new-model
    !
    dot11 ssid ITCS
       authentication open 
       authentication key-management wpa
       guest-mode
       wpa-psk ascii XXXXXXXXXX
    !
    !
    crypto pki trustpoint TP-self-signed-3901523961
     enrollment selfsigned
     subject-name cn=IOS-Self-Signed-Certificate-3901523961
     revocation-check none
     rsakeypair TP-self-signed-3901523961
    !
    !
    crypto ca certificate chain TP-self-signed-3901523961
     certificate self-signed 01
      3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
      31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
      69666963 6174652D 33393031 35323339 3631301E 170D3032 30333031 30303232 
      33395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
      4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39303135 
      32333936 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
      8100F850 C6716C31 F8C77108 1A869785 0726FA04 E14BE218 2CEE4C4E D76EC8A2 
      8368C16E 31648402 EDFC1C6F 03F78235 AA7FDB35 38DC53F8 655CD6EE 0CD70EF0 
      3D2B52D1 E98974CA ABFE52AB 0621537C 7150915A CCA7040B 8DB19EBF 20B94741 
      21C92290 2EFF0E6F 478948D0 72142357 8CC2A49F 27DD8015 01CC931D 14E95C17 
      A3FB0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 
      551D2304 18301680 1478501C 0BAF1979 10A0CB52 42E299FF 1B1EA613 AF301D06 
      03551D0E 04160414 78501C0B AF197910 A0CB5242 E299FF1B 1EA613AF 300D0609 
      2A864886 F70D0101 04050003 818100CC DA4E05A0 35E21A96 FBA89E8C 993CA52A 
      905720AE 9386E601 33BBF9D3 D6169D06 F52BB51B 6FFE44DA E633EE5C 8F900462 
      33A36FE1 E7BF8BFF B177C989 E81E179D 8156A24A D75D1520 67B72D59 2058241E 
      6B00E7F6 FF55E628 7FDAB68E 0418E5EC F3463137 91EAB6B6 472D5F16 2938C43C 
      E42DFD23 B398AF07 D09E8C54 BC58AC
      quit
    username admin privilege 15 secret XXXXXXXXXX
    archive
     log config
      hidekeys
     path tftp://192.168.2.4/cfg-$h
     write-memory
     time-period 1440
    !
    bridge irb
    !
    !
    interface Dot11Radio0
     ip address 192.168.50.1 255.255.255.0
     no ip route-cache
     !
     encryption mode ciphers tkip 
     !
     ssid ITCS
     !
     speed basic-6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
     channel 2412
     station-role root
     antenna gain 128
     world-mode dot11d country CA both
     no cdp enable
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
     bridge-group 1 spanning-disabled
    !
    interface FastEthernet0
     no ip address
     no ip route-cache
     duplex auto
     speed auto
     no cdp enable
     bridge-group 1
     no bridge-group 1 source-learning
     bridge-group 1 spanning-disabled
    !
    interface BVI1
     ip address 192.168.5.4 255.255.255.0
     no ip route-cache
    !
    no ip http server
    ip http secure-server
    ip http help-path [url]http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag[/url]
    !
    no cdp run
    bridge 1 route ip
    !
    !
    !
    line con 0
     exec-timeout 0 0
     password XXXXXXXXXX
     logging synchronous
     login
    line vty 0 4
     logging synchronous
     login local
     rotary 1
     transport input ssh
    !
    end
    

    Do you see anything wrong here?.

    Thanks. icon_wink.gif
  • xwesleyxwillisxxwesleyxwillisx Member Posts: 158
    Ok, for starters. Remove the dot11radio0 interface from bridge group 1. Remove all of these commands from dot11radio0:

    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled

    If you want my opinion, I would just put your wireless clients on the same subnet as the AP (192.168.5.0/24). If you change your mind and bridge them disregard the commands I just said to remove and follow my instructions from my 1st post.

    Otherwise, you are going to have to configure a trunk port on the switch the AP is plugged in to. Then, you are going to have to trunk the ethernet port on the AP and create subinterfaces (1 for the AP and 1 for the clients).
  • eleguaelegua Member Posts: 282
    Ok, for starters. Remove the dot11radio0 interface from bridge group 1. Remove all of these commands from dot11radio0:

    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled

    If you want my opinion, I would just put your wireless clients on the same subnet as the AP (192.168.5.0/24). If you change your mind and bridge them disregard the commands I just said to remove and follow my instructions from my 1st post.

    Otherwise, you are going to have to configure a trunk port on the switch the AP is plugged in to. Then, you are going to have to trunk the ethernet port on the AP and create subinterfaces (1 for the AP and 1 for the clients).

    Hi,

    Thank you for your help, i understand what you're saying but i go with the second opcion, i'll configure the AP to lease different subnet, i'll erase the configuration again and start over (best way to learn), do you know where can i find a web or something that explain this?, how to create this subinterfaces and all that stuff? , i don't want to bother you with all these questions but if you can help me will be very good.

    Thank you for your help. icon_wink.gificon_wink.gif
  • eleguaelegua Member Posts: 282
    Ok, for starters. Remove the dot11radio0 interface from bridge group 1. Remove all of these commands from dot11radio0:

    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled

    If you want my opinion, I would just put your wireless clients on the same subnet as the AP (192.168.5.0/24). If you change your mind and bridge them disregard the commands I just said to remove and follow my instructions from my 1st post.

    Otherwise, you are going to have to configure a trunk port on the switch the AP is plugged in to. Then, you are going to have to trunk the ethernet port on the AP and create subinterfaces (1 for the AP and 1 for the clients).

    Hi,

    When i try to remove these commands i got a messege saying that bridge-group 1 cannot be remove from the dot11radio0 interface, is any other to remove those cmds?.

    Thanks. icon_wink.gificon_wink.gif
Sign In or Register to comment.