[c-nsp] Cisco 1801W wireless configuration woes.
Dave Lim
dave.daturax at gmail.com
Tue Mar 28 08:36:51 EST 2006
What about the cipher suites? Do I have to enable those?
On 3/28/06, Dan Massey <dan at gconnect.net> wrote:
> I could not get wpa-psk to work through the gui interface and ended up
> using the cli instead. The basic commands were:
>
> ssid <name>
> authentication open
> authentication key-management wpa
> guest-mode
> wpa-psk ascii <key>
>
> Hope that helps
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dave Lim
> Sent: 28 March 2006 14:23
> To: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Cisco 1801W wireless configuration woes.
>
> Hi guys,
>
> I have no problem creating the SSID to access vlan100, after which I
> create a DHCP pool for this vla 100 n which is a different segment from
> the LAN (vlan1) and do a NAT inside. This was not an issue for me.
>
> But I have problems securing the wireless using WPA-PSK. When I try to
> configure the Wireless Security via the SDM in the SSID mananger to use
> WPA-PSK, it gives me this error
>
> "Vlan should not be associated with a SSID to configure this setting"
>
> Anyone have any idea? Can someone point me to a guide to configuring
> WPA-PSK for SSID Here's my running config.
> ip cef
> no ip dhcp use vrf connected
> ip dhcp excluded-address 10.10.10.1
> ip dhcp excluded-address 192.168.1.201 192.168.1.254 ip dhcp
> excluded-address 192.168.1.1 192.168.1.100 ip dhcp excluded-address
> 192.168.2.1 192.168.2.99 !
> ip dhcp pool testing at KA
> import all
> network 192.168.1.0 255.255.255.0
> dns-server 210.193.2.34 210.193.2.36
> default-router 192.168.1.1
> !
> ip dhcp pool testingGuest
> import all
> network 192.168.2.0 255.255.255.0
> dns-server 210.193.2.34 210.193.2.36
> default-router 192.168.2.1
> !
> !
> no ip domain lookup
> ip domain name testing.com.sg
> ip name-server 210.193.2.34
> !
> interface Dot11Radio0
> no ip address
> !
> ssid testing
> vlan 100
> authentication open
> guest-mode
> !
> speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
> 36.0 48.0 54.0 station-role root no dot11 extension aironet !
> interface Dot11Radio0.100
> encapsulation dot1Q 100
> ip address 192.168.2.1 255.255.255.0
> ip access-group 101 in
> ip access-group 101 out
> ip nat inside
> ip virtual-reassembly
> shutdown
> no snmp trap link-status
> no cdp enable
> !ip route 0.0.0.0 0.0.0.0 Dialer0
> ip route 192.168.10.0 255.255.255.0
>
>
>
> FastEthernet0
> On 3/28/06, Asbjorn Hojmark - Lists <lists at hojmark.org> wrote:
> > > But he had a special request for his wireless. He wants the wireless
>
> > > clients connect to the Cisco 1801 wireless, denied LAN
> => > access and only internet access.
> >
> > Run the WLAN in a subnet separate to the LAN, and apply an access
> > list, which denies WLAN<->LAN access and permits all other traffic.
> >
> > -A
> >
> >
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list