Καλησπέρα, θέλω να μετατρέψω έναν 877 σε access point για μερικά wireless interfaces (όλα guest, μόνο για πρόσβαση στο internet).
Ο router είναι πάλι ένας 877 ο οποίος έχει διάφορα ACL, VPN και μερικά wirelless πάνω του (κάποια bridged και κάποια guest) (ξέρω ότι έχει μικρή ισχύ, αλλά αυτός υπάρχει!!!).
Δηλαδή έχουμε:
ADSL-->877router (vlan1=10.101.101.1,dot11 0.21=10.101.106.1, dot11 0.22=10.101.107.1)--->[trunk line Fastethernet]--->
--->877AccessPoint(vlan1=10.101.101.252, dot11 0.31=10.101.111.252, dot11 0.32=10.101.112.252)
Από το IOS του AccessPoint μπορώ να κάνω ping στο router και στους διάφορους wired υπολογιστές, καθώς και ping σε
ιστοσελίδες ipv4.
Άρα το πρώτο πρόβλημα είναι ότι δεν έχω ipv6 resolution στο access point
Οι συσκευές συνδέονται στο access point ασύρματα (πχ ip 10.101.111.2, gateway 10.101.111.252) αλλά δεν μπορούν να
συνδεθούν στο internet (κάνουν resolveμέσω του DNS από url σε διεύθυνση ipv4, αλλά ούτε Ping δεν μπορούν να κάνουν εκεί)
Το δεύτερο πρόβλημα είναι λοιπόν ότι δεν γίνεται routing από τα wireless interfaces του access point στο router μέσω του trunk line.
Καμιά ιδέα;
και μερικά print outsΚώδικας:! ! Last configuration change at 04:52:41 EET Sun Aug 7 2016 by XXX ! NVRAM config last updated at 04:52:42 EET Sun Aug 7 2016 by XXX ! version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service internal service sequence-numbers ! hostname ap_XXX ! boot-start-marker boot system flash:/c870-adventerprisek9-mz.124-24.T7.bin boot-end-marker ! security authentication failure rate 3 log security passwords min-length 6 logging message-counter syslog logging userinfo logging buffered 32767 logging console informational enable secret 5 XXX ! aaa new-model ! ! aaa authentication login local_authen local aaa authentication ppp default local aaa authorization exec local_author local ! ! aaa session-id common clock timezone EET 2 clock summer-time EET recurring last Sun Mar 2:00 last Sun Oct 3:00 ! crypto pki trustpoint TP-self-signed-XXX enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-XXX revocation-check none rsakeypair TP-self-signed-XXX ! ! crypto pki certificate chain TP-self-signed-XXX certificate self-signed 01 nvram:IOS-Self-SigXXX.cer dot11 mbssid dot11 syslog ! dot11 ssid athena2 vlan 31 authentication open authentication key-management wpa mbssid guest-mode wpa-psk ascii 7 XXX ! dot11 ssid cronos2 vlan 32 authentication open authentication key-management wpa mbssid guest-mode wpa-psk ascii 7 XXX ! ip source-route ! ! no ip dhcp use vrf connected ip dhcp excluded-address 10.101.111.1 ip dhcp excluded-address 10.101.112.1 ip dhcp excluded-address 10.101.101.252 ip dhcp excluded-address 10.101.111.252 ip dhcp excluded-address 10.101.112.252 ! ip dhcp pool dhcp_wlanA import all network 10.101.111.0 255.255.255.0 dns-server 10.101.111.252 default-router 10.101.111.252 ! ip dhcp pool dhcp_wlanC import all network 10.101.112.0 255.255.255.0 dns-server 10.101.112.252 default-router 10.101.112.252 ! ! ip cef no ip bootp server ip name-server 10.101.101.1 ip multicast-routing ip inspect max-incomplete high 900 ip inspect max-incomplete low 800 no ip igmp snooping login on-failure log login on-success log ipv6 unicast-routing no ipv6 source-route ipv6 cef ipv6 dhcp pool lan6_dhcp import dns-server import domain-name ! ! multilink bundle-name authenticated ! ! ! vtp mode client username XXX privilege 15 secret 5 XXX ! ! ! archive log config hidekeys ! ! ip tcp synwait-time 10 no ip ftp passive ! ! ! interface Null0 no ip unreachables ! interface BRI0 no ip address encapsulation hdlc shutdown ! interface ATM0 no ip address shutdown no atm ilmi-keepalive dsl bitswap both ! interface FastEthernet0 description -- trunk interface with basement router --- switchport mode trunk spanning-tree portfast ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Dot11Radio0 description $WLAN$ no ip address no ip redirects ip local-proxy-arp ! encryption vlan 31 mode ciphers aes-ccm tkip ! encryption vlan 32 mode ciphers aes-ccm tkip ! broadcast-key vlan 31 change 60 ! broadcast-key vlan 32 change 60 ! ! ssid athena2 ! ssid cronos2 ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role root access-point rts threshold 2312 ! interface Dot11Radio0.31 description $athena2$vlan 31$ encapsulation dot1Q 31 ip address 10.101.111.252 255.255.255.0 no ip redirects ip local-proxy-arp ip nat inside ip virtual-reassembly no cdp enable ! interface Dot11Radio0.32 description $cronos2$vlan 32$ encapsulation dot1Q 32 ip address 10.101.112.252 255.255.255.0 no ip redirects ip local-proxy-arp ip nat inside ip virtual-reassembly no cdp enable ! interface Vlan1 ip address 10.101.101.252 255.255.255.0 ip directed-broadcast 50 no ip proxy-arp ip flow ingress ip nat inside ip virtual-reassembly ip tcp adjust-mss 1412 ipv6 address FE80::AAAA:BBBB:CCCC:1252 link-local ipv6 enable hold-queue 100 out ! interface Dialer2 no ip address shutdown no cdp enable ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 Vlan1 10.101.101.1 no ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 180 life 86400 requests 10000 ! ! ip dns server ip nat inside source list 7 interface Vlan1 overload ! logging trap notifications logging facility local6 logging source-interface Vlan1 logging 10.101.101.30 access-list 1 permit 212.205.221.32 log access-list 1 remark INSIDE_IF=Vlan1 access-list 1 remark CCP_ACL Category=2 access-list 1 permit 10.101.101.0 0.0.0.255 log access-list 1 permit 10.101.102.0 0.0.0.255 log access-list 1 permit 10.101.110.0 0.0.0.255 log access-list 1 permit 10.101.111.0 0.0.0.255 log access-list 1 permit 10.101.112.0 0.0.0.255 log access-list 7 permit 10.101.111.0 0.0.0.255 access-list 7 permit 10.101.112.0 0.0.0.255 no cdp run ipv6 route ::/0 Vlan1 FE80::AAAA:BBBB:CCCC:1 ! ipv6 access-list ipv6-internet-in χχχχ ! control-plane ! ! scheduler max-task-time 5000 scheduler allocate 4000 1000 scheduler interval 500 ntp server 62.103.129.253 ! webvpn context Default_context ssl authenticate verify all ! no inservice ! end
Βέβαια δεν έχω outside interface, όλα inside είναι.Κώδικας:ap#sh ip rout Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is 10.101.101.1 to network 0.0.0.0 10.0.0.0/24 is subnetted, 2 subnets C 10.101.110.0 is directly connected, Dot11Radio0.30 C 10.101.101.0 is directly connected, Vlan1 S* 0.0.0.0/0 [1/0] via 10.101.101.1, Vlan1
Κώδικας:------------------ show ip nat statistics ------------------ Total active translations: 0 (0 static, 0 dynamic; 0 extended) Peak translations: 0, occurred 00:56:41 ago Outside interfaces: Inside interfaces: Dot11Radio0.30, Dot11Radio0.31, Dot11Radio0.32, Dot11Radio0.33, Vlan1 Hits: 0 Misses: 0 CEF Translated packets: 0, CEF Punted packets: 0 Expired translations: 0 Dynamic mappings: -- Inside Source [Id: 1] access-list 7 interface Vlan1 refcount 0 Appl doors: 0 Normal doors: 0 Queued Packets: 0 ------------------ show ip nat translations ------------------
Εμφάνιση 1-1 από 1
-
07-08-16, 05:29 Μετατροπή Router 877 σε access point #1
Παρόμοια Θέματα
-
Σεταρισμα router σε access point
Από kcostas7 στο φόρουμ ADSLΜηνύματα: 8Τελευταίο Μήνυμα: 25-06-16, 11:47 -
Πως μπορώ να κάνω το παλιό μου Router Repeater/Access Point
Από jimmys στο φόρουμ Wireless NetworkingΜηνύματα: 15Τελευταίο Μήνυμα: 19-04-16, 21:58 -
[TP-Link] Internet σε μονοκατοικία. Router - access point
Από loukoumaki στο φόρουμ ADSL & Broadband Hardware, routers και modems...Μηνύματα: 12Τελευταίο Μήνυμα: 04-04-16, 19:40 -
[Other] Wireless Access Point / Router για High Bandwidth & κάλυψη χώρου
Από Core2Extreme στο φόρουμ ADSL & Broadband Hardware, routers και modems...Μηνύματα: 4Τελευταίο Μήνυμα: 20-12-15, 20:02 -
[Gennet] Αδυναμία μετατροπής παλιου modem router σε wireless access point
Από Gianniskriti στο φόρουμ ADSL & Broadband Hardware, routers και modems...Μηνύματα: 15Τελευταίο Μήνυμα: 17-11-15, 21:52
Bookmarks