Home > Blog > 877W wireless config

877W wireless config

May 13th, 2009 Leave a comment Go to comments

As mentioned earlier I would post my wireless configuration of the Cisco 877W router as soon as I got it to work the way I like. In this setup the commonly used IRB bridge option is not used. This configuration will also work on the 857W model.

!
dot11 ssid <your ssid>
   vlan 2
   authentication open
   authentication key-management wpa
   guest-mode
   wpa-psk ascii 0 <your password>
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.2.1
!
ip dhcp pool wireless
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1
   dns-server <dns server> <dns server>
!
interface Dot11Radio0
 no ip address
 !
 encryption vlan 2 mode ciphers tkip
 !
 ssid <your ssid>
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 channel least-congested 2412 2442 2462
 station-role root
 no cdp enable
!
interface Dot11Radio0.1
 description WLAN vlan2
 encapsulation dot1Q 2
 ip address 192.168.2.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 no cdp enable
!
interface Vlan2
 no ip address
!

On the (outside) dialer0 interface I had to add the following line to enable NAT:

ip nat outside

And at last you’ll need the next ip nat and access-list lines to make it work:

ip nat inside source list 103 interface Dialer0 overload
access-list 103 remark Traffic allowed to enter the router from the WLAN
access-list 103 permit 192.168.2.0 0.0.0.255

You can use the show dot11 or debug dot11 commands to troubleshoot. For example, the following output displays a associated device:

router#show dot11 associations

802.11 Client Stations on Dot11Radio0:

SSID [<your ssid>] :

MAC Address    IP address      Device        Name            Parent         State
xxxx.xxxx.xxxx 192.168.2.2     unknown       -               self           Assoc

router#

Enjoy being wireless!

Categories: Blog Tags: , , ,
  1. MATT
    January 20th, 2011 at 12:11 | #1
    Reply | Quote

    hey man you saved me from a critical situation ..it had been 3 days that i was working on this router and i just couldn’t get that work… that’s a great job .. well done .. it works like a Rolex Watch :D

  2. Vesa
    August 14th, 2011 at 20:07 | #2
    Reply | Quote

    Excellent! I’m so thankful that I found this. Really helped me out. Few things I would like to add. For those who doesn’t use PPPoe “Dialer0″ would be “ATM0.1″. Also if you have firewall features on don’t forget to add “zone-member security in-zone” line to Dot11radio0.1

  3. hugo saavedra
    August 23rd, 2011 at 05:10 | #3
    Reply | Quote

    WIFFI_KSA#sh run
    Building configuration…

    Current configuration : 2265 bytes
    !
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname WIFFI_KSA
    !
    boot-start-marker
    boot-end-marker
    !
    enable password 7 054F262F371F4A1B39
    !
    no aaa new-model
    !
    !
    dot11 syslog
    !
    dot11 ssid WIFFI-KSA
    vlan 2
    authentication open
    authentication key-management wpa
    guest-mode
    wpa-psk ascii 7 1404130A1A012E3925796A6D72
    !
    no ip dhcp use vrf connected
    ip dhcp excluded-address xxxxxxxxxxx
    !
    ip dhcp pool WIRELESS
    network xxxxxxxxxxxxxxxxxxxxxxx
    default-router xxxxxxxxxxxxxxx
    dns-server xxxxxxxxxxxxxxxxxxxxxxxx
    !
    ip dhcp pool LAN
    network xxxxxxxxxxxxxxxxxxxxxxxxxxx
    dns-server xxxxxxxxxxxxxxxxxxxxxxxx
    default-router xxx.xxx.xx.x
    !
    !
    ip cef
    ip domain name saavedra.net.ni
    ip name-server xxx.xx.xx.xx
    ip name-server xxx.xx.xx.x
    !
    !
    !
    username xxxxxxxxxxxxxxxxx password 7 09086E290F5613002B
    !
    !
    archive
    log config
    hidekeys
    !
    !
    !
    !
    !
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    pvc 0/45
    pppoe-client dial-pool-number 1
    !
    dsl operating-mode auto
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Dot11Radio0
    no ip address
    !
    encryption vlan 2 mode ciphers tkip
    !
    ssid WIFFI-KSA
    !
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    station-role root
    no cdp enable
    !
    interface Dot11Radio0.1
    encapsulation dot1Q 2
    ip address xxx.xxx.xx.x xxx.xxx.xxx.x
    ip nat inside
    ip virtual-reassembly
    no cdp enable
    !
    interface Vlan1
    ip address xxx.xxx.xx.x xxx.xxx.xxx.x
    ip nat inside
    ip virtual-reassembly
    !
    interface Vlan2
    no ip address
    !
    interface Dialer1
    ip address negotiated
    ip mtu 1492
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    ppp authentication pap callin
    ppp pap sent-username adsl password 7 050A021C2D
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Dialer1
    !
    ip http server
    no ip http secure-server
    ip nat inside source list 1 interface Dialer1 overload
    !
    access-list 1 permit xxx.xxx.xx.x x.x.x.xxx
    access-list 1 permit xxx.xxx.xx.x x.x.x.xxx
    !
    control-plane
    !
    !
    line con 0
    login local
    no modem enable
    line aux 0
    line vty 0 4
    login local
    !
    scheduler max-task-time 5000
    end

  4. Charles
    November 2nd, 2011 at 02:47 | #4
    Reply | Quote

    Hi,

    When I get to the line below it says that it will overlap with my Vlan1
    Our network is 192.168.0.0 255.255.255.0 and the router address that i am working on is 192.168.0.249.

    interface Dot11Radio0.1
    description WLAN vlan2
    encapsulation dot1Q 2
    =================> ip address 192.168.2.1 255.255.255.0 <==========

    Charles

  1. No trackbacks yet.