[c-nsp] Cisco 1801W wireless configuration woes.

Dave Lim dave.daturax at gmail.com
Tue Mar 28 08:22:37 EST 2006 

Hi guys,

I have no problem creating the SSID to access vlan100, after which I
create a DHCP pool for this vla 100 n which is a different segment
from the LAN (vlan1) and do a NAT inside. This was not an issue for
me.

But I have problems securing the wireless using WPA-PSK. When I try to
configure the Wireless Security via the SDM in the SSID mananger to
use WPA-PSK, it gives me this error

"Vlan should not be associated with a SSID to configure this setting"

Anyone have any idea? Can someone point me to a guide to configuring
WPA-PSK for SSID
Here's my running config.
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.201 192.168.1.254
ip dhcp excluded-address 192.168.1.1 192.168.1.100
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool testing at KA
   import all
   network 192.168.1.0 255.255.255.0
   dns-server 210.193.2.34 210.193.2.36
   default-router 192.168.1.1
!
ip dhcp pool testingGuest
   import all
   network 192.168.2.0 255.255.255.0
   dns-server 210.193.2.34 210.193.2.36
   default-router 192.168.2.1
!
!
no ip domain lookup
ip domain name testing.com.sg
ip name-server 210.193.2.34
!
interface Dot11Radio0
 no ip address
 !
 ssid testing
    vlan 100
    authentication open
    guest-mode
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
36.0 48.0 54.0
 station-role root
 no dot11 extension aironet
!
interface Dot11Radio0.100
 encapsulation dot1Q 100
 ip address 192.168.2.1 255.255.255.0
 ip access-group 101 in
 ip access-group 101 out
 ip nat inside
 ip virtual-reassembly
 shutdown
 no snmp trap link-status
 no cdp enable
!ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.10.0 255.255.255.0



 FastEthernet0
On 3/28/06, Asbjorn Hojmark - Lists <lists at hojmark.org> wrote:
> > But he had a special request for his wireless. He wants the
> > wireless clients connect to the Cisco 1801 wireless, denied LAN
=> > access and only internet access.
>
> Run the WLAN in a subnet separate to the LAN, and apply an
> access list, which denies WLAN<->LAN access and permits all
> other traffic.
>
> -A
>
>

More information about the cisco-nsp mailing list