Cisco851W, dpride, 20-Авг-10, 17:32 [смотреть все]Есть Cisco 851W с IOS c850-advsecurityk9-mz.124-15.T1.bin. Настроил две беспроводные сети, пока пользуються только одной (192.168.3.0) и почему-то нет пинга между беспроводными клиентами. Соответственно от беспроводных клиентов пингуеться сам маршрутизатор, а также, то что в него воткнуто через Ethernet. Вопрос: Как это побороть? Пинг 2 или 3 раза появлялся после перезагрузки, а потом исчезал. Конфиг ниже.Building configuration... Current configuration : 6110 bytes ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname gw-ics-krasnodar ! boot-start-marker boot-end-marker ! enable secret 5 SECRET ! no aaa new-model clock timezone msk 3 ! ! crypto isakmp policy 1 encr aes authentication pre-share group 2 lifetime 3600 crypto isakmp key KEY address 0.0.0.0 0.0.0.0 ! ! crypto ipsec transform-set STS_VPN esp-aes esp-sha-hmac mode transport ! crypto ipsec profile tun_prof set transform-set STS_VPN ! ! ! ! ! dot11 ssid ICS-KRASNODAR vlan 1 authentication open authentication key-management wpa wpa-psk ascii 0 KEY information-element ssidl advertisement ! dot11 ssid ICS-KRASNODAR-GUEST vlan 2 authentication open authentication key-management wpa guest-mode wpa-psk ascii 0 KEY ! no ip dhcp use vrf connected ip dhcp excluded-address 10.10.120.1 10.10.120.19 ip dhcp excluded-address 192.168.3.1 192.168.3.59 ! ip dhcp pool ICS-KRASNODAR import all network 192.168.3.0 255.255.255.0 default-router 192.168.3.1 dns-server 192.168.0.2 192.168.3.1 domain-name ics.local netbios-name-server 192.168.0.2 ! ip dhcp pool ICS-KRASNODAR-GUEST import all network 10.10.120.0 255.255.255.0 dns-server 10.10.120.1 domain-name ics.local default-router 10.10.120.1 ! ! ip cef ip name-server NAME SERVER ! ! ! archive log config hidekeys ! ! ! bridge irb ! ! interface Tunnel1 description Main tunnel to ofice ip address 10.10.200.6 255.255.255.252 ip mtu 1400 ip rip v2-broadcast delay 1000 tunnel source FastEthernet4 tunnel destination OFFICE IP tunnel path-mtu-discovery tunnel protection ipsec profile tun_prof ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface FastEthernet4 ip address EXT IP ADD ip nat outside ip virtual-reassembly duplex auto speed auto ! interface Dot11Radio0 no ip address ! encryption vlan 1 mode ciphers aes-ccm ! encryption vlan 2 mode ciphers tkip ! ssid ICS-KRASNODAR ! ssid ICS-KRASNODAR-GUEST ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role root ! interface Dot11Radio0.1 description ICS Krasnodar main interface encapsulation dot1Q 1 native no cdp enable bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio0.2 encapsulation dot1Q 2 no cdp enable bridge-group 2 bridge-group 2 subscriber-loop-control bridge-group 2 spanning-disabled bridge-group 2 block-unknown-source no bridge-group 2 source-learning no bridge-group 2 unicast-flooding ! interface Vlan1 no ip address bridge-group 1 bridge-group 1 spanning-disabled ! interface Vlan2 no ip address bridge-group 2 bridge-group 2 spanning-disabled ! interface BVI1 ip address 192.168.3.1 255.255.255.0 ip flow ingress ip flow egress ip nat inside ip virtual-reassembly ip route-cache flow ! interface BVI2 ip address 10.10.120.1 255.255.255.0 ip flow ingress ip flow egress ip nat inside ip virtual-reassembly ! router rip version 2 network 10.0.0.0 network 192.168.3.0 ! ip route 0.0.0.0 0.0.0.0 PROVIDER GW ip flow-export version 9 ip flow-export destination 192.168.0.2 9996 ! no ip http server no ip http secure-server ip dns server ip nat inside source list 100 interface FastEthernet4 overload ip nat inside source list 150 interface FastEthernet4 overload ! access-list 1 permit 192.168.0.2 access-list 1 permit 192.168.0.6 access-list 100 deny ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.0.255 access-list 100 deny ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255 access-list 100 permit ip 192.168.3.0 0.0.0.255 any access-list 150 permit ip 10.10.120.0 0.0.0.255 any snmp-server community vgH97nKv RO 1 ! control-plane ! bridge 1 protocol ieee bridge 1 route ip bridge 2 protocol ieee bridge 2 route ip ! line con 0 no modem enable line aux 0 line vty 0 4 password CONSPWD login ! scheduler max-task-time 5000 end
|
- Cisco851W, dpride, 15:59 , 26-Авг-10 (2)
Народ, умные мысли у кого-нибудь появились
- Cisco851W, dpride, 12:10 , 08-Сен-10 (3)
>Народ, умные мысли у кого-нибудь появились Отвечаю сам себе, как только убрал Vlan, и множественные SSID, так сразу все и заработало. Вопрос: как правильно сделать с Vlan.
|