A couple of problems with my 881W...

LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
in CCNA Wireless
Hello masters of wireless,

I have a couple of interesting problems. Can anyone help?

1. I recently setup a Cisco 881W to use dual SSID's. My radio signal broadcasts fine for both, but I am having an issue with the BVI interface not staying up:
881W-AP#show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
[COLOR=#ff0000][B]BVI1                       10.10.10.3      YES manual down                  down[/B][/COLOR]
Dot11Radio0                unassigned      YES NVRAM  up                    up
Dot11Radio0.11             unassigned      YES unset  up                    up
Dot11Radio0.12             unassigned      YES unset  up                    up
GigabitEthernet0           unassigned      YES NVRAM  up                    up
GigabitEthernet0.11        unassigned      YES unset  up                    up
GigabitEthernet0.12        unassigned      YES unset  up                    up

2. Output from wireless connection testing. I can't figure out why my first SSID isn't giving out an IP address anymore...
881W-AP#
Apr 21 02:25:57.182: %DOT11-6-DISASSOC: Interface Dot11Radio0,  Deauthenticating Station 0014.ab15.1abc2 Reason: Sending station has  left the BSS
881W-AP#
Apr 21 02:26:14.778: %DOT11-6-ASSOC: Interface Dot11Radio0, Station WIN7 0014.ab15.1abc2 Associated KEY_MGMT[WPAv2 PSK]
881W-AP#
Apr 21 02:26:27.246: %DOT11-6-ASSOC: Interface Dot11Radio0, Station   54321.caba.d00d Associated KEY_MGMT[WPAv2 PSK]
881W-AP#show dot11 associations

802.11 Client Stations on Dot11Radio0:

SSID [CatchVirusHere] :

MAC Address    IP address      Device        Name            Parent         State
0014.ab15.1abc2 [B][COLOR=#ff0000]0.0.0.0[/COLOR][/B]         ccx-client    WIN7          self           Assoc

SSID [WantVirus] :

MAC Address    IP address      Device        Name            Parent         State
54321.caba.d00d 192.168.1.201   unknown       -               self           Assoc

881W-AP#show dot11 associations

802.11 Client Stations on Dot11Radio0:

SSID [CatchVirusHere] :

MAC Address    IP address      Device        Name            Parent         State
0014.ab15.1abc2 [COLOR=#ff0000][B]169.254.240.3[/B][/COLOR]   ccx-client    WIN7          self           Assoc

SSID [WantVirus] :

MAC Address    IP address      Device        Name            Parent         State
54321.caba.d00d 192.168.1.201   unknown       -               self           Assoc

881W-AP#

Here are the configurations of both the router, and the internal access points:

Router:
881W-R1#show running-config
Building configuration...

Current configuration : 4111 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 881W-R1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
enable secret 5 someencryptedpassword
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!

ip source-route
!
!
ip dhcp excluded-address 10.10.10.1 10.10.10.99
ip dhcp excluded-address 10.10.10.200 10.10.10.254
ip dhcp excluded-address 192.168.1.1 192.168.1.200
!
ip dhcp pool myDHCPpool
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   dns-server 10.10.10.1 255.255.255.0
!
ip dhcp pool GuestPool
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 192.168.1.1 255.255.255.0
!
!
ip cef
ip domain name somedomain.net
ip name-server 68.94.156.1
ip name-server 68.94.157.1
!
no ipv6 cef
!
multilink bundle-name authenticated
!
!
username someuser privilege 15 secret 5 someencryptedpassword
!
!
!
archive
 log config
  hidekeys
!
!
ip ssh version 2
!
!
!
interface FastEthernet0
 switchport access vlan 11
!
interface FastEthernet1
 switchport access vlan 11
!
interface FastEthernet2
 switchport access vlan 12
!
interface FastEthernet3
 switchport access vlan 12
!
interface FastEthernet4
 description ISP Connection
 ip address dhcp
 no ip redirects
 no ip proxy-arp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 no cdp enable
!
interface wlan-ap0
 description Service module to manage the enbedded AP
 ip unnumbered Vlan11
 arp timeout 0
!
interface Wlan-GigabitEthernet0
 description Internal switch interface connecting to the embedded AP
 switchport mode trunk
!
interface Vlan1
 no ip address
!
interface Vlan11
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Vlan12
 description Guest Vlan
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 75.30.252.1
no ip http server
no ip http secure-server
!
!
ip nat inside source list 11 interface FastEthernet4 overload
!
access-list 11 permit 10.10.10.0 0.0.0.255
!
!
!
!
!
control-plane
!
!
line con 0
 password 7 someencryptedpassword
 logging synchronous
 login
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
line vty 0 4
 password 7 someencryptedpassword
 login
 transport input ssh
!
scheduler max-task-time 5000
end

The Internal Wireless AP: 
881W-AP#show run
Building configuration...

Current configuration : 4176 bytes
!
! Last configuration change at 20:23:44 UTC Thu Apr 20 1905 by someuser
! NVRAM config last updated at 20:27:33 UTC Thu Apr 20 1905 by someuser
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 881W-AP
!
enable secret 5 someencryptedpassword
!
no aaa new-model
!
!
dot11 vlan-name vlan11 vlan 11
dot11 vlan-name vlan12 vlan 12
!
dot11 ssid CatchVirusHere
   vlan 11
   authentication open
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 7 someencryptedpassword
!
dot11 ssid WantVirus
   vlan 12
   authentication open
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 7 someencryptedpassword
!
!
!
username someuser privilege 15 secret 5 someencryptedpassword
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 11 mode ciphers aes-ccm
 !
 encryption vlan 12 mode ciphers aes-ccm
 !
 ssid CatchVirusHere
 !
 ssid WantVirus
 !
 mbssid
 speed  basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m1. m2. m3. m4. m8. m9. m10. m11. m12. m13. m14. m15.
 channel 2462
 station-role root
!
interface Dot11Radio0.11
 encapsulation dot1Q 11 native
 no ip route-cache
 bridge-group 11
 bridge-group 11 subscriber-loop-control
 bridge-group 11 block-unknown-source
 no bridge-group 11 source-learning
 no bridge-group 11 unicast-flooding
 bridge-group 11 spanning-disabled
!
interface Dot11Radio0.12
 encapsulation dot1Q 12
 no ip route-cache
 bridge-group 12
 bridge-group 12 block-unknown-source
 no bridge-group 12 source-learning
 no bridge-group 12 unicast-flooding
 bridge-group 12 spanning-disabled
!
interface GigabitEthernet0
 description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
 no ip address
 no ip route-cache
!
interface GigabitEthernet0.11
 encapsulation dot1Q 11 native
 no ip route-cache
 bridge-group 11
 no bridge-group 11 source-learning
 bridge-group 11 spanning-disabled
!
interface GigabitEthernet0.12
 encapsulation dot1Q 12
 no ip route-cache
 bridge-group 12
 no bridge-group 12 source-learning
 bridge-group 12 spanning-disabled
!
interface BVI1
 ip address 10.10.10.3 255.255.255.0
 no ip route-cache
!
ip default-gateway 10.10.10.1
no ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 protocol ieee
bridge 1 route ip
!
!
!
line con 0
 privilege level 15
 password 7 someencryptedpassword
 logging synchronous
 login local
 no activation-character
line vty 0 4
 password 7 someencryptedpassword
 logging synchronous
 login local
!
end
My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
· Share on FacebookShare on Twitter

Comments

  • LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
    Ok, so I'm trying to figure out why I can't get the BVI interface to stay up. does it have anything to do with native vlans?



    VLAN and interface stats from the host router side of the 881W
    R1-881W#show vlan-switch

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa3
11   MAIN_VLAN                        active    Fa0, Fa1
12   VLAN0012                         active    Fa2
101  wifi_and_faste_dot1x             active
102  WebAuth_Guest_data_vlan          active
701  voice_vlan                       active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        1002   1003
11   enet  100011     1500  -      -      -        -    -        0      0
12   enet  100012     1500  -      -      -        -    -        0      0
101  enet  100101     1500  -      -      -        -    -        0      0
102  enet  100102     1500  -      -      -        -    -        0      0
701  enet  100701     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        1      1003

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1003 tr    101003     1500  1005   0      -        -    srb      1      1002
1004 fdnet 101004     1500  -      -      1        ibm  -        0      0
1005 trnet 101005     1500  -      -      1        ibm  -        0      0


R1-881W#show interface trunk

Port      Mode         Encapsulation  Status        Native vlan
Wl0       on           802.1q         trunking      1

Port      Vlans allowed on trunk
Wl0       1-4094

Port      Vlans allowed and active in management domain
Wl0       1-2,11-12,101-102,701

Port      Vlans in spanning tree forwarding state and not pruned
Wl0       1-2,11-12,101-102,701

R1-881W#show interface status

Port    Name               Status       Vlan       Duplex Speed Type
Fa0                        connected    11         a-full   a-100 10/100BaseTX
Fa1                        notconnect   11           auto    auto 10/100BaseTX
Fa2                        notconnect   12           auto    auto 10/100BaseTX
Fa3                        notconnect   1            auto    auto 10/100BaseTX
Wl0     Internal switch in connected    trunk      a-full  a-1000 10/100BaseTX



R1-881W#show ip interface brief

Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0              unassigned      YES unset  up                    up
FastEthernet1              unassigned      YES unset  up                    down
FastEthernet2              unassigned      YES unset  up                    down
FastEthernet3              unassigned      YES unset  up                    down
FastEthernet4              unassigned      YES DHCP   up                    down
NVI0                       unassigned      YES unset  administratively down down
SSLVPN-VIF0                unassigned      NO  unset  up                    up
Vlan1                      unassigned      YES NVRAM  up                    up
Vlan11                     10.10.10.1      YES NVRAM  up                    up
Vlan12                     192.168.1.1     YES NVRAM  up                    up
Wlan-GigabitEthernet0      unassigned      YES unset  up                    up
wlan-ap0                   10.10.10.1      YES TFTP   up                    up

    VLAN and interface stats from the AP side of the 881W
    AP-881W#show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
BVI1                       10.10.10.3      YES NVRAM  down                  down
Dot11Radio0                unassigned      YES NVRAM  up                    up
Dot11Radio0.11             unassigned      YES unset  up                    up
Dot11Radio0.12             unassigned      YES unset  up                    up
GigabitEthernet0           unassigned      YES NVRAM  up                    up
GigabitEthernet0.11        unassigned      YES unset  up                    up
GigabitEthernet0.12        unassigned      YES unset  up                    up

AP-881W#show interface stats
BVI1
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor          0          0         11        660
             Route cache          0          0          0          0
                   Total          0          0         11        660
Dot11Radio0
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor     108294    5988445       1572     316905
             Route cache       1504     263440       1277      69368
                   Total     109798    6251885       2849     386273
GigabitEthernet0
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor      25555    1533300      20937    2308024
             Route cache       1655     242071          0          0
                   Total      27210    1775371      20937    2308024

AP-881W#show vlans

Virtual LAN ID:  1 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interfaces:  Dot11Radio0
GigabitEthernet0

   Protocols Configured:   Address:              Received:        Transmitted:
        Other                                           0               20632

   0 packets, 0 bytes input
   2581 packets, 916255 bytes output
        Other                                           0               20632

   0 packets, 0 bytes input
   18051 packets, 1282405 bytes output

Virtual LAN ID:  11 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interfaces:  Dot11Radio0.11
GigabitEthernet0.11

 This is configured as native Vlan for the following interface(s) :
Dot11Radio0
GigabitEthernet0

   Protocols Configured:   Address:              Received:        Transmitted:
        Bridging        Bridge Group 11             26879                1570
        Other                                           0                   5

   139 packets, 20794 bytes input
   1513 packets, 233131 bytes output
        Bridging        Bridge Group 11             26879                1570
        Other                                           0                   5

   27089 packets, 1867921 bytes input
   68 packets, 16278 bytes output

Virtual LAN ID:  12 (IEEE 802.1Q Encapsulation)

   vLAN Trunk Interfaces:  Dot11Radio0.12
GigabitEthernet0.12

   Protocols Configured:   Address:              Received:        Transmitted:
        Bridging        Bridge Group 12              2205                2814
        Other                                           0                  75

   2258 packets, 307258 bytes input
   1566 packets, 268093 bytes output
        Bridging        Bridge Group 12              2205                2814
        Other                                           0                  75

   646 packets, 54516 bytes input
   1434 packets, 252634 bytes output
    My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
    AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
    WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
    · Share on FacebookShare on Twitter
  • LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
    Well, I did some troubleshooting tonight, and I was able to get the BVI1 interface up. I was able to get a DHCP IP address from one of my SSID's, but not the other. The strange thing is that I cannot ping between the BVI interface (10.10.10.3) on the AP side, and the Host router/VLAN11 address (10.10.10.1).... My DHCP config resides on the host router side, but addresses are being allocated for one of my SSID's, even though I can't ping between the AP and Host Router.... I tested this out by changing the range of the excluded dhcp pool on that SSID, and it allocated a new address...
    My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
    AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
    WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
    · Share on FacebookShare on Twitter
  • LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
    Ok, so I did some DHCP debugging, and found that the DHCP pool associated with VLAN 12 (192.168.1.0 network) works perfectly. When I connected to the SSID linked to vlan 12, I got the output below on the router side:
    R1-881W#debug ip dhcp server events

*May  1 19:34:03.892: DHCPD: Sending notification of ASSIGNMENT:
*May  1 19:34:03.892:  DHCPD: address 192.168.1.3 mask 255.255.255.0
*May  1 19:34:03.892:   DHCPD: htype 1 chaddr 54321.caba.d00d
*May  1 19:34:03.892:   DHCPD: lease time remaining (secs) = 86400

[B]Verifying:[/B]

R1-881W#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address          Client-ID/              Lease expiration        Type
                    Hardware address/
                    User name
192.168.1.3         0154.321c.abad.00d       May 02 2012 07:34 PM    Automatic

[B]I then cleared the binding so the address would go back to the pool:
[/B]
R1-881W#clear ip dhcp binding 192.168.1.3
R1-881W#show ip dhcp binding
*May  1 19:37:50.952: DHCPD: Sending notification of TERMINATION:
*May  1 19:37:50.952:  DHCPD: address 192.168.1.3 mask 255.255.255.0
*May  1 19:37:50.952:  DHCPD: reason flags:
*May  1 19:37:50.952:   DHCPD: htype 1 chaddr 54321.caba.d00d
*May  1 19:37:50.952:   DHCPD: lease time remaining (secs) = 86173
*May  1 19:37:50.952: DHCPD: returned 192.168.1.3 to address pool Guest.

[B]Verifying:[/B]

R1-881W#show ip dhcp binding
*May  1 19:38:02.288: DHCPD: checking for expired leases.
R1-881W#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address          Client-ID/              Lease expiration        Type
                    Hardware address/
                    User name

[B]DHCP Pool Info:[/B]

R1-881W#show ip dhcp pool

Pool myDHCPpool :
 Utilization mark (high/low)    : 100 / 0
 Subnet size (first/next)       : 0 / 0
 Total addresses                : 254
 Leased addresses               : 0
 Pending event                  : none
 1 subnet is currently in the pool :
 Current index        IP address range                    Leased addresses
 10.10.10.1           10.10.10.1       - 10.10.10.254      0

Pool Guest :
 Utilization mark (high/low)    : 100 / 0
 Subnet size (first/next)       : 0 / 0
 Total addresses                : 254
 Leased addresses               : 0
 Pending event                  : none
 1 subnet is currently in the pool :
 Current index        IP address range                    Leased addresses
 192.168.1.4          192.168.1.1      - 192.168.1.254     0
R1-881W#

    When I tried to associate to the SSID linked to VLAN 11 (10.10.10.0 network), nothing happened, and it just sat and spun. On the AP side, it shows that the association was made, but no IP address was assigned. Does anyone have any ideas why this may be?

    Just for grins, here is my "show ip route" from the host router side of the 881W:
    R1-881W#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.10.10.0 is directly connected, Vlan11
C    192.168.1.0/24 is directly connected, Vlan12


R1-881W#show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0              unassigned      YES unset  down                  down
FastEthernet1              unassigned      YES unset  up                    down
FastEthernet2              unassigned      YES unset  up                    down
FastEthernet3              unassigned      YES unset  up                    down
FastEthernet4              unassigned      YES NVRAM  up                    down
NVI0                       unassigned      YES unset  administratively down down
SSLVPN-VIF0                unassigned      NO  unset  up                    up
Vlan1                      unassigned      YES NVRAM  up                    up
[B]Vlan11                     10.10.10.1      YES NVRAM  up                    up
Vlan12                     192.168.1.1     YES NVRAM  up                    up[/B]
Wlan-GigabitEthernet0      unassigned      YES unset  up                    up
    My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
    AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
    WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
    · Share on FacebookShare on Twitter
  • deth1kdeth1k Member Posts: 312
    So you have bridge-group 11 and 12 under your interfaces yet bridge-group 1 configured
    · Share on FacebookShare on Twitter
  • deth1kdeth1k Member Posts: 312
    also why don't you terminate your clients on AP direct i.e have an IP address under each dot11 interface? let us know what you are trying to achieve?
    · Share on FacebookShare on Twitter
  • LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
    Yes, because supposedly the 881W has two separate IOS instances inside; The router, and the AP. With the 881W, only one BVI interface can route traffic (in this case BVI1). Any other bridge-groups should route through BVI1. Last night I updated my configuration so that the bridge-group 11 is now defined as bridge-group 1, while the encapsulation is now "encapsulation Dot1Q 11 native". This was applied on interfaces Dot11Radio0.11 and GigabitEthernet0.11. I am working not to have to use VLAN 1. is this a futile attempt?

    The link below is where I went to make sense of the inner workings of the 881W:

    Dissecting The Cisco 881w ISR – Astorino Networks

    My configuration is based off of the following link:

    Cisco 880W (881W, 886W, 887W, 888W) Multiple - Dual SSID Integrated Access Point Configuration
    My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
    AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
    WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
    · Share on FacebookShare on Twitter
  • deth1kdeth1k Member Posts: 312
    well your BVI1 is not associated with any interface and wont route traffic, it was originally applied to Gi0 and Wifi interfaces when default config was on the box. Try adding bridge-group 1 to you Gi0 physical interface on the AP.
    · Share on FacebookShare on Twitter
  • LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
    Ok, after putting the "0.11" interfaces back in bridge-group 11, and putting the "0" interfaces in bridge-group 1, here is what I have now: Not able to ping still, but interfaces are all up. Also, only one DHCP pool "Guest" is working...
    [B]AP-881W#show ip interface brief[/B]
Interface                  IP-Address      OK? Method Status                Protocol
BVI1                       10.10.10.3      YES NVRAM  [COLOR=#006400][B]up[/B] [/COLOR]                   [COLOR=#006400][B]up[/B][/COLOR]
Dot11Radio0                unassigned      YES NVRAM  up                    up
Dot11Radio0.11             unassigned      YES unset  up                    up
Dot11Radio0.12             unassigned      YES unset  up                    up
GigabitEthernet0           unassigned      YES NVRAM  up                    up
GigabitEthernet0.11        unassigned      YES unset  up                    up
GigabitEthernet0.12        unassigned      YES unset  up                    up

[B]AP-881W#show bridge group[/B]

Bridge Group 1 is running the IEEE compatible Spanning Tree protocol

   Port 3 (Dot11Radio0) of bridge group 1 is forwarding
   Port 2 (GigabitEthernet0) of bridge group 1 is forwarding

[B]AP-881W#ping 10.10.10.1  [COLOR=#0000cd]<---Address of VLAN11 (router) interface[/COLOR]
[/B]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:

Apr 20 18:42:30.547: IP ARP: creating incomplete entry for IP address: 10.10.10.1 interface BVI1
Apr 20 18:42:30.547: IP ARP: sent req src 10.10.10.3 d0d0.fd46.a08c,
                 dst 10.10.10.1 0000.0000.0000 BVI1
Apr 20 18:42:31.547: IP ARP throttled out the ARP Request for 10.10.10.1.
Apr 20 18:42:32.547: IP ARP: sent req src 10.10.10.3 d0d0.fd46.a08c,
                 dst 10.10.10.1 0000.0000.0000 BVI1
Apr 20 18:42:33.547: IP ARP throttled out the ARP Request for 10.10.10.1
Apr 20 18:42:33.547: IP ARP throttled out the ARP Request for 10.10.10.1
Apr 20 18:42:34.547: IP ARP: sent req src 10.10.10.3 d0d0.fd46.a08c,
                 dst 10.10.10.1 0000.0000.0000 BVI1
Apr 20 18:42:35.547: IP ARP throttled out the ARP Request for 10.10.10.1.
Apr 20 18:42:36.547: IP ARP: sent req src 10.10.10.3 d0d0.fd46.a08c,
                 dst 10.10.10.1 0000.0000.0000 BVI1
Apr 20 18:42:36.547: IP ARP throttled out the ARP Request for 10.10.10.1
Apr 20 18:42:37.547: IP ARP throttled out the ARP Request for 10.10.10.1.
Apr 20 18:42:38.547: IP ARP: sent req src 10.10.10.3 d0d0.fd46.a08c,
                 dst 10.10.10.1 0000.0000.0000 BVI1
Apr 20 18:42:39.547: IP ARP throttled out the ARP Request for 10.10.10.1
Apr 20 18:42:39.547: IP ARP throttled out the ARP Request for 10.10.10.1
Apr 20 18:42:40.547: IP ARP: sent req src 10.10.10.3 d0d0.fd46.a08c,
                 dst 10.10.10.1 0000.0000.0000 BVI1
Apr 20 18:42:41.547: IP ARP throttled out the ARP Request for 10.10.10.1.
Apr 20 18:42:42.547: IP ARP: sent req src 10.10.10.3 d0d0.fd46.a08c,
                 dst 10.10.10.1 0000.0000.0000 BVI1
Apr 20 18:42:42.547: IP ARP throttled out the ARP Request for 10.10.10.1
Apr 20 18:42:43.547: IP ARP throttled out the ARP Request for 10.10.10.1.
[COLOR=#ff0000][B]Success rate is 0 percent (0/5)[/B][/COLOR]
AP-881W#
Apr 20 18:42:44.547: IP ARP: sent req src 10.10.10.3 d0d0.fd46.a08c,
                 dst 10.10.10.1 0000.0000.0000 BVI1
Apr 20 18:42:45.547: IP ARP throttled out the ARP Request for 10.10.10.1

[B]AP-881W#show arp[/B]
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.10.10.3              -   d0d0.fd46.a08c  ARPA   BVI1
    My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
    AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
    WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
    · Share on FacebookShare on Twitter
  • LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
    Wow, I guess this problem is more dubious that I originally thought....
    My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
    AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
    WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
    · Share on FacebookShare on Twitter
  • LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
    I went back and re-did my configuration putting everything that was in Vlan11 into Vlan1. This seemed to be the only thing that would work. So I have to use Vlan1 then it seems? Interesting.... Please tell me if I am wrong.
    My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
    AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
    WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
    · Share on FacebookShare on Twitter
  • LinuxRacrLinuxRacr Member Posts: 653 ■■■■□□□□□□
    This past weekend I fire-walled, and put my 881W out in the DMZplus mode via my U-verse RG. When I did show ip nat translations, I was able to see some, but I couldn't get out to the internet, even with my ip nat overload line. DNS wouldn't resolve either. I have a strange feeling some of this may be due to the firewall rules. This damn thing is making me learn a lot in a short time....
    My WGU B.S. IT - Security Progress : Transferred In|Remaining|In Progress|Completed
    AGC1, CLC1, GAC1, INC1, CTV1, INT1, BVC1, TBP1, TCP1, QLT1, HHT1, QBT1, BBC1 (39 CUs), (0 CUs) (0 CUs)
    WFV1, BNC1, EAV1, EBV1, COV1 | MGC1, IWC1 | CQV1, CNV1, IWT1, RIT1 | DRV1, DSV1, TPV1, CVV1 | EUP1, EUC1, DHV1| CUV1, C173 | BOV1, CJV1, TXP1, TXC1 | TYP1, TYC1, SBT1, RGT1 (84 CUs) DONE!
    · Share on FacebookShare on Twitter
Sign In or Register to comment.