Hi,
I have just replaced my 837 and AP350 with an integrated 877W and it all works fine except that I can no longer ping or communicate between any two wireless hosts. Wired LAN devices can ping wireless devices and wireless devices can ping wired LAN devices.
The problem it causes me is that my printers are wireless and I cannot print at the moment. I have a very simple config bridging the wireless and VLAN1, see below.
I assume this is a new security feature but I can't find a way around it, has anybody seen this before?
IOS version: c870-advsecurityk9-mz.123-8.YI1.bin
Many thanks,
Nick Ersdown
version 12.3 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname router ! boot-start-marker boot-end-marker ! logging buffered 16000 debugging enable secret ! username privilege 15 password aaa new-model ! ! aaa authentication login userauthen local aaa authorization network groupauthor local aaa session-id common ip subnet-zero ip cef ! ! ip inspect name DEFAULT100 cuseeme ip inspect name DEFAULT100 ftp ip inspect name DEFAULT100 h323 ip inspect name DEFAULT100 icmp ip inspect name DEFAULT100 netshow ip inspect name DEFAULT100 rcmd ip inspect name DEFAULT100 realaudio ip inspect name DEFAULT100 rtsp ip inspect name DEFAULT100 esmtp ip inspect name DEFAULT100 sqlnet ip inspect name DEFAULT100 streamworks ip inspect name DEFAULT100 tftp ip inspect name DEFAULT100 tcp ip inspect name DEFAULT100 udp ip inspect name DEFAULT100 vdolive ip domain name no ftp-server write-enable ! ! ! bridge irb ! ! interface ATM0 no ip address no ip mroute-cache no atm ilmi-keepalive pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! dsl operating-mode auto ! interface FastEthernet0 no ip address ! interface FastEthernet1 no ip address ! interface FastEthernet2 no ip address duplex full speed 100 ! interface FastEthernet3 no ip address ! interface Dot11Radio0 no ip address no ip route-cache cef no ip route-cache ! encryption key 1 size 128bit 7 transmit-key encryption mode wep mandatory ! ssid authentication open authentication shared ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
48.0 54.0 channel least-congested 2412 2417 2422 2427 2432 2437 2442 2447 2452 2457 2462 bridge-group 1 bridge-group 1 spanning-disabled ! interface Vlan1 description $FW_INSIDE$ no ip address ip virtual-reassembly no ip mroute-cache bridge-group 1 hold-queue 40 out ! interface Dialer0 description Connects to ISP ip address ip mtu 1492 ip inspect DEFAULT100 out ip nat outside ip virtual-reassembly encapsulation ppp no ip route-cache cef no ip route-cache ip tcp adjust-mss 1452 no ip mroute-cache dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap callin ppp chap hostname ppp chap password 7 ! interface BVI1 description $ES_LAN$ ip address 192.168.x.x 255.255.255.0 ip access-group 101 in ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer0 ! no ip http server ip http secure-server ip nat inside source list 100 interface Dialer0 overload ! dialer-list 1 protocol ip permit ! control-plane ! bridge 1 protocol ieee bridge 1 route ip ! line con 0 exec-timeout 0 0 logging synchronous no modem enable transport preferred all transport output all stopbits 1 line aux 0 transport preferred all transport output all stopbits 1 line vty 0 4 access-class 23 in password 7 logging synchronous transport preferred all transport input all transport output all ! scheduler max-task-time 5000 end