Question
-
CreatorTopic
-
November 1, 2016 at 2:09 pm #2341879
cisco 870 w
Lockedby daveymannion · about 7 years, 4 months ago
Tags: Networking
hi , there was a topic posted here a while back on the cisco 870w config.
in it it said there was a man name JUstin James who had a template for configuring the device.
but the link is dead it seems
does any one have that template or a similar one .
im having problems getting this router workingTopic is locked -
CreatorTopic
All Answers
-
AuthorReplies
-
-
April 18, 2017 at 3:16 pm #2442897
Sample config
by ianc1 · about 6 years, 11 months ago
In reply to cisco 870 w
daveymannion I am not sure if you have received your sample config yet since this post is over 5 months old but here is a basic config for an 870W series router (note this works for the 880W and 890W series routers as well). I am assuming your LAN network is 192.168.1.0/24 and that you want to have a guest wireless SSID on a separate subnet.
Router#sh conf
!
!
ip dhcp excluded-address 192.168.1.1 192.168.1.150
ip dhcp excluded-address 192.168.1.200 192.168.1.254
ip dhcp excluded-address 172.16.1.1 172.16.1.150
ip dhcp excluded-address 172.16.1.200 172.16.1.254
!
ip dhcp pool Local
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 4.2.2.1
lease 0 2
!
ip dhcp pool Wireless-Guest
network 172.16.1.0 255.255.255.0
dns-server 8.8.8.8
default-router 172.16.1.254
!
!
no ip domain lookup
ip domain name yourdomain.com
no ipv6 cef
!
!
no spanning-tree vlan 1
!
!
archive
log config
logging enable
logging size 250
hidekeys
!
!
bridge irb
!
interface FastEthernet4
description WAN Link
ip address x.x.x.x x.x.x.x
ip nat outside
duplex auto
speed auto
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
no ip address
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered BVI1
!
interface Vlan1
no ip address
ip nat inside
bridge-group 1
!
interface Vlan2
no ip address
ip nat inside
bridge-group 2
!
interface BVI1
ip address 192.168.1.1 255.255.255.0
!
interface BVI2
ip address 172.16.1.254 255.255.255.0
!
ip nat inside source list DO_NAT interface GigabitEthernet0 overload
!
ip access-list extended DO_NAT
deny ip 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255
deny ip 192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255
deny ip 172.16.1.0 0.0.0.255 172.16.1.0 0.0.0.255
deny ip 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255
permit tcp 192.168.1.0 0.0.0.255 any
permit udp 192.168.1.0 0.0.0.255 any
permit icmp 192.168.1.0 0.0.0.255 any echo
permit tcp 172.16.1.0 0.0.0.255 any
permit udp 172.16.1.0 0.0.0.255 any
permit icmp 172.16.1.0 0.0.0.255 any echo
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
!
!
end-
April 18, 2017 at 3:16 pm #2442896
AP Side
by ianc1 · about 6 years, 11 months ago
In reply to Sample config
Here is the AP side of the config as well:
ap#sh conf
!
dot11 syslog
!
dot11 ssid PRIVATEGUEST
vlan 2
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 0 PASSPHRASE
!
dot11 ssid WIRELESS1
vlan 1
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 0 PASSPHRASE
!
dot11 network-map 30
!
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers aes-ccm
!
encryption vlan 2 mode ciphers aes-ccm
!
ssid PRIVATEGUEST
!
ssid WIRELESS1
!
antenna gain 0
mbssid
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
!
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host
router
no ip address
no ip route-cache
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
!
interface BVI1
ip address XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
no ip route-cache
!
ip default-gateway XXX.XXX.XXX.XXX
!
bridge 1 protocol ieee
bridge 1 route ip
!
endap#
-
-
-
AuthorReplies