[c-nsp] Cisco 1801W wireless configuration woes.
Dave Lim
dave.daturax at gmail.com
Tue Mar 28 08:22:37 EST 2006
Hi guys,
I have no problem creating the SSID to access vlan100, after which I
create a DHCP pool for this vla 100 n which is a different segment
from the LAN (vlan1) and do a NAT inside. This was not an issue for
me.
But I have problems securing the wireless using WPA-PSK. When I try to
configure the Wireless Security via the SDM in the SSID mananger to
use WPA-PSK, it gives me this error
"Vlan should not be associated with a SSID to configure this setting"
Anyone have any idea? Can someone point me to a guide to configuring
WPA-PSK for SSID
Here's my running config.
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.201 192.168.1.254
ip dhcp excluded-address 192.168.1.1 192.168.1.100
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool testing at KA
import all
network 192.168.1.0 255.255.255.0
dns-server 210.193.2.34 210.193.2.36
default-router 192.168.1.1
!
ip dhcp pool testingGuest
import all
network 192.168.2.0 255.255.255.0
dns-server 210.193.2.34 210.193.2.36
default-router 192.168.2.1
!
!
no ip domain lookup
ip domain name testing.com.sg
ip name-server 210.193.2.34
!
interface Dot11Radio0
no ip address
!
ssid testing
vlan 100
authentication open
guest-mode
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
36.0 48.0 54.0
station-role root
no dot11 extension aironet
!
interface Dot11Radio0.100
encapsulation dot1Q 100
ip address 192.168.2.1 255.255.255.0
ip access-group 101 in
ip access-group 101 out
ip nat inside
ip virtual-reassembly
shutdown
no snmp trap link-status
no cdp enable
!ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.10.0 255.255.255.0
FastEthernet0
On 3/28/06, Asbjorn Hojmark - Lists <lists at hojmark.org> wrote:
> > But he had a special request for his wireless. He wants the
> > wireless clients connect to the Cisco 1801 wireless, denied LAN
=> > access and only internet access.
>
> Run the WLAN in a subnet separate to the LAN, and apply an
> access list, which denies WLAN<->LAN access and permits all
> other traffic.
>
> -A
>
>
More information about the cisco-nsp
mailing list