Cisco 897VAMW Wireless Routed config med flere SSID

From Teknologisk videncenter
Jump to: navigation, search

Router config

DreamTeam-hold1#<input>sh run</input>
Building configuration...

Current configuration : 2777 bytes
!
! Last configuration change at 06:18:44 UTC Wed Jun 18 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname DreamTeam-hold1
!
boot-start-marker
boot-end-marker
!
!
enable password tdc
!
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
!
!
ip cef
!
!
!
!


!
!
ip dhcp pool RFC1918
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
 import all
 class LAN-ADD
  address range 192.168.10.100 192.168.10.199
!
ip dhcp pool GuestLAN
 network 192.168.12.0 255.255.255.0
 default-router 192.168.12.1
 import all
 class GuestLAnRange
  address range 192.168.12.200 192.168.12.240
!
!
ip dhcp class LAN-ADD
!
ip dhcp class GuestLAnRange
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid C897VAM-W-E-K9 sn FCZ1821902K
!
!
!
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
!
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
!
interface Ethernet0
 no ip address
 shutdown
!
interface GigabitEthernet0
 no ip address
!
interface GigabitEthernet1
 no ip address
!
interface GigabitEthernet2
 no ip address
!
interface GigabitEthernet3
 no ip address
!
interface GigabitEthernet4
 no ip address
!
interface GigabitEthernet5
 no ip address
!
interface GigabitEthernet6
 no ip address
!
interface GigabitEthernet7
 no ip address
!
interface GigabitEthernet8
 ip address dhcp client-id GigabitEthernet8
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
 media-type rj45
!
interface Wlan-GigabitEthernet8
 switchport trunk allowed vlan 1,10,20,1002-1005
 switchport mode trunk
 no ip address
!
interface wlan-ap0
 description Embedded Service module interface to manage the embedded AP
 ip unnumbered Vlan1
!
interface Vlan1
 description *** Data Net ***
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan10
 description *** VoIP net ***
 ip address 192.168.11.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan20
 description **** Guest WIFI ***
 ip address 192.168.12.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list ACL_LAN_POOL interface GigabitEthernet8 overload
!
ip access-list standard ACL_LAN_POOL
 permit 192.168.10.0 0.0.0.255
 permit 192.168.11.0 0.0.0.255
 permit 192.168.12.0 0.0.0.255
!
!
!
control-plane
!
!
alias exec gotoap service-modul wlan-ap 0 session
!
line con 0
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 stopbits 1
line vty 0 4
 password tdc
 login
 transport input all
!
scheduler allocate 20000 1000
!
end

AP config

DreamTeam-AP#<input>show run</input>
Building configuration...

Current configuration : 4948 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname DreamTeam-AP
!
logging rate-limit console 9
enable secret 5 $1$N6yk$BBSBjdSYHZ0PT6.JNMRAi1
!
no aaa new-model
no ip domain lookup
ip host tsmtek3 193.163.24.233
!
!
dot11 syslog
!
dot11 ssid Dreamteam-Data
   vlan 1
   authentication open
   authentication key-management wpa
   mbssid guest-mode
   wpa-psk ascii 7 06020E354D4A080D04
!
dot11 ssid Dreamteam-Guest
   vlan 20
   authentication open
   authentication key-management wpa
   mbssid guest-mode
   wpa-psk ascii 7 121E1012011F0B112F3830
!
dot11 ssid Dreamteam-Voice
   vlan 10
   authentication open
   authentication key-management wpa
   mbssid guest-mode
   wpa-psk ascii 7 03125402050A3743470A1C
!
!
crypto pki trustpoint TP-self-signed-3703804506
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3703804506
 revocation-check none
 rsakeypair TP-self-signed-3703804506
!
!
crypto pki certificate chain TP-self-signed-3703804506
 certificate self-signed 01
  3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33373033 38303435 3036301E 170D3032 30333031 30303139
  31315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 37303338
  30343530 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100ACA5 CF861AB6 7A4243F9 EC2BF5CD EA2234AB 80715FAA 76BEDE13 4337C156
  CC3C7979 BC77BB57 7F059FE4 220D6CF6 D02BE7EE 947A27EB 0BEFF642 0B1BCAB4
  2941D380 347A4951 BCA6DCCF BDF7B2A6 EC976C27 8AB683D3 5880F4AC D34052DF
  76DC5A7B AE96AB57 98125B58 FB581E8C B9DB011D 84EB3C85 B4FAA0A4 0C491267
  7EDB0203 010001A3 62306030 0F060355 1D130101 FF040530 030101FF 300D0603
  551D1104 06300482 02617030 1F060355 1D230418 30168014 B035F66A D1DE712B
  8709197C EDA79065 D06AE119 301D0603 551D0E04 160414B0 35F66AD1 DE712B87
  09197CED A79065D0 6AE11930 0D06092A 864886F7 0D010104 05000381 81001950
  EF135F86 525D8524 18872FEE A26DD0D0 7C55D98D 24145996 B1B554FE 14608646
  8224A0C7 3A61A621 74B2E3A0 96CF85DD 2DFE7910 2B09E10F E58BD950 D7ACD2B3
  CFD028FF B53A983A BD98035C 304306BD 1D568851 86EFCFDE EECB35B2 796B7C3C
  62EF1F55 5AF20E04 41AD53AE 17ADCC03 AE9B93F6 7EC2C66A 56C6DE33 0453
  quit
username Cisco password 7 112A1016141D
!
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 1 mode ciphers tkip
 !
 encryption vlan 10 mode ciphers tkip
 !
 encryption vlan 20 mode ciphers tkip
 !
 ssid Dreamteam-Data
 !
 ssid Dreamteam-Guest
 !
 ssid Dreamteam-Voice
 !
 antenna gain 0
 mbssid
 station-role root
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.10
 encapsulation dot1Q 10
 no ip route-cache
 bridge-group 10
 bridge-group 10 subscriber-loop-control
 bridge-group 10 block-unknown-source
 no bridge-group 10 source-learning
 no bridge-group 10 unicast-flooding
 bridge-group 10 spanning-disabled
!
interface Dot11Radio0.20
 encapsulation dot1Q 20
 no ip route-cache
 bridge-group 20
 bridge-group 20 subscriber-loop-control
 bridge-group 20 block-unknown-source
 no bridge-group 20 source-learning
 no bridge-group 20 unicast-flooding
 bridge-group 20 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 !
 encryption key 1 size 128bit 7 403EC038BBEA5C207F4663056E3B transmit-key
 encryption mode wep mandatory
 antenna gain 0
 no dfs band block
 power local 8
 channel dfs
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
 description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host router
 no ip address
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.10
 encapsulation dot1Q 10
 no ip route-cache
 bridge-group 10
 no bridge-group 10 source-learning
 bridge-group 10 spanning-disabled
!
interface GigabitEthernet0.20
 encapsulation dot1Q 20
 no ip route-cache
 bridge-group 20
 no bridge-group 20 source-learning
 bridge-group 20 spanning-disabled
!
interface BVI1
 ip address 192.168.10.254 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.10.1
no ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
!
end