Hi
Please forgive me, i am new to Cisco routers and I am slowly losing my hair...
I have added a Vlan and a couple of wireless interfaces using a template provided by the kind people at techrepulic.com.
Would someone mind taking a look at the following config?
Thanks
ciscobox#show config Using 5974 out of 131072 bytes ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname ciscobox ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings enable secret 5 enable password 7 ! aaa new-model ! ! aaa authentication login default local aaa authorization exec default local ! ! aaa session-id common ! crypto pki trustpoint TP-self-signed-821777187 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-821777187 revocation-check none rsakeypair TP-self-signed-821777187 ! ! crypto pki certificate chain TP-self-signed-821777187 certificate self-signed 01 nvram:IOS-Self-Sig#1B.cer dot11 syslog ! dot11 ssid ABCGuestWLAN vlan 20 authentication open authentication key-management wpa guest-mode wpa-psk ascii 7 03257928211A245F5A3A1C0605171F ! dot11 ssid ABCInternalWLAN vlan 1 authentication open authentication key-management wpa wpa-psk ascii 7 106F2B3A323B33253F012939213C ! no ip dhcp use vrf connected ip dhcp excluded-address 10.10.10.1 ip dhcp excluded-address 192.168.1.1 192.168.1.99 ip dhcp excluded-address 192.168.2.1 192.168.2.99 ! ip dhcp pool sdm-pool import all network 10.10.10.0 255.255.255.248 default-router 10.10.10.1 lease 0 2 ! ip dhcp pool Internal-net import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 domain-name ajbates.co.uk lease 4 ! ip dhcp pool VLAN20 import all network 192.168.2.0 255.255.255.0 default-router 192.168.2.1 domain-name ajbates.co.uk lease 4 ! ! ip cef ip inspect name MYFW tcp ip inspect name MYFW udp no ip domain lookup ip domain name ajbates.co.uk ! ! ! username alex privilege 15 password 7 ! ! archive log config hidekeys ! ! ! bridge irb ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 ip address dhcp ip access-group Internet-inbound-ACL in ip inspect MYFW out ip nat outside ip virtual-reassembly ip tcp adjust-mss 1460 duplex auto speed auto no cdp enable ! interface Dot11Radio0 no ip address no dot11 extension aironet ! encryption vlan 1 mode ciphers tkip ! encryption vlan 20 mode ciphers tkip ! ssid ABCGuestWLAN ! ssid ABCInternalWLAN ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
36.0 48.0 54.0 channel 2462 station-role root no cdp enable ! interface Dot11Radio0.1 encapsulation dot1Q 1 native no cdp enable bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio0.20 description Guest wireless LAN - routed WLAN encapsulation dot1Q 20 ip address 192.168.2.1 255.255.255.0 ip access-group Guest-ACL in ip inspect MYFW out ip nat inside ip virtual-reassembly no cdp enable ! interface Vlan1 description Internal Network ip address 10.10.10.1 255.255.255.248 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 bridge-group 1 bridge-group 1 spanning-disabled ! interface BVI1 description Bridge to Internal Network ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 dhcp ! ip http server ip http access-class 23 ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source list 1 interface FastEthernet4 overload ! ip access-list extended Guest-ACL deny ip any 192.168.1.0 0.0.0.255 permit ip any any ip access-list extended Internet-inbound-ACL permit udp any eq bootps any eq bootpc permit icmp any any echo permit icmp any any echo-reply permit icmp any any traceroute permit gre any any permit esp any any ! access-list 1 permit 192.168.1.0 0.0.0.255 access-list 1 permit 192.168.2.0 0.0.0.255 access-list 23 permit 10.10.10.0 0.0.0.7 no cdp run ! control-plane ! bridge 1 route ip banner exec ^C % Password expiration warning.-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level of 15 using the following command.
username privilege 15 secret 0
Replace and with the username and password you want to use.
----------------------------------------------------------------------- ^C banner login ^C
----------------------------------------------------------------------- Cisco Router and Security Device Manager (SDM) is installed on this device. This feature requires the one-time use of the username "cisco" with the password "cisco". The default username and password have a privilege le vel of 15.
Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.
username privilege 15 secret 0 no username cisco
Replace and with the username and password you want to use .
For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to
ciscobox#