Cisco Systems Router 1800 Series User Manual
Have a look at the manual Cisco Systems Router 1800 Series User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 3 Cisco Systems manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
![Page 108
9-4
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 9 Configuring a Wireless LAN Connection
Configure Bridging on VLANs
Configure Bridging on VLANs
Perform these steps to configure integrated routing and bridging on VLANs, beginning in global
configuration mode:
Step 10power [client | local] [cck [number | maximum] |
ofdm [number | maximum]]
Example:
Router(config-if)# power local cck 50Router(config-if)# power local ofdm 30...](http://img.usermanuals.tech/thumb/1178/102794/w64_index.html@nav=null&now=get&message=Downloading&file=1800sg-107.png "Page 108
9-4
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 9 Configuring a Wireless LAN Connection
Configure Bridging on VLANs
Configure Bridging on VLANs
Perform these steps to configure integrated routing and bridging on VLANs, beginning in global
configuration mode:
Step 10power [client | local] [cck [number | maximum] |
ofdm [number | maximum]]
Example:
Router(config-if)# power local cck 50Router(config-if)# power local ofdm 30...")
9-7
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 9 Configuring a Wireless LAN Connection
Configuration Example
authentication open !
ssid ciscowpa
vlan 3 authentication open
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 rts threshold 2312
power local cck 50
power local ofdm 30 channel 2462
station-role root
!interface Dot11Radio0.1
description Cisco Open
encapsulation dot1Q 1 native no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.2
encapsulation dot1Q 2 bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 spanning-disabled bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding!
interface Dot11Radio0.3
encapsulation dot1Q 3 bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 spanning-disabled bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding!
interface Vlan1
no ip address bridge-group 1
bridge-group 1 spanning-disabled
!interface Vlan2
no ip address
bridge-group 2 bridge-group 2 spanning-disabled
!
interface Vlan3 no ip address
bridge-group 3
bridge-group 3 spanning-disabled!
interface BVI1
ip address 10.0.1.1 255.255.255.0!
interface BVI2
ip address 10.0.2.1 255.255.255.0
9-8 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 9 Configuring a Wireless LAN Connection Configuration Example !interface BVI3 ip address 10.0.3.1 255.255.255.0 !
CH A P T E R 10-1 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 10 Sample Configuration This chapter collects the results of the Ethernet WAN interface, DHCP, VLAN, Easy VPN, and wireless interface configurations made in previous chapters. This allows you to view what a basic configuration provided by this guide looks like in a single sample, Example 10-1. NoteCommands marked by “(default)” are generated automatically when you run the show running-config command. Example 10-1 Sample Configuration Router# show running-config Building configuration... Current configuration : 3781 bytes ! version 12.3no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption! hostname retail !boot-start-marker boot-end-marker !enable password cisco123 ! username jsomeone password 0 cg6#107Xaaa new-model ! aaa group server radius rad_eapserver 10.0.1.1 auth-port 1812 acct-port 1813 ! aaa authentication login eap_methods group rad_eapaaa session-id common ip subnet-zero ip cef! vpdn enable vpdn-group 1request-dialin protocol pppoe !interface dialer 1
10-2 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 10 Sample Configuration ip address negotiatedppp authentication chap dialer pool 1 dialer-group 1! dialer-list 1 protocol ip permit ip nat inside source list 1 interface dialer 0 overloadip classless (default) ip route 10.10.25.2 0.255.255.255 dialer 0 !ip dhcp excluded-address 10.0.1.1 10.0.1.10 ip dhcp excluded-address 10.0.2.1 10.0.2.10 ip dhcp excluded-address 10.0.3.1 10.0.3.10! ip dhcp pool vlan1 network 10.0.1.0 255.255.255.0 default-router 10.0.1.1 ! ip dhcp pool vlan2 network 10.0.2.0 255.255.255.0 default-router 10.0.2.1 !ip dhcp pool vlan3 network 10.0.3.0 255.255.255.0 default-router 10.0.3.1 !ip ips po max-events 100 no ftp-server write-enable !bridge irb ! interface FastEthernet2no ip address ! interface FastEthernet3no ip address ! interface FastEthernet4no ip address ! interface FastEthernet5no ip address ! interface FastEthernet6no ip address ! interface FastEthernet7no ip address ! interface FastEthernet8no ip address ! interface FastEthernet9switchport mode trunk no ip address !interface FastEthernet0 ip address 192.1.12.2 255.255.255.0 no ip directed-broadcast (default)ip nat outside ip access-group 103 in no cdp enablecrypto ipsec client ezvpn ezvpnclient outside crypto map static-map
10-3
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 10 Sample Configuration
duplex autospeed auto
!
interface FastEthernet1no ip address
duplex auto
speed auto!
crypto isakmp policy 1
encryption 3desauthentication pre-share
group 2
lifetime 480!
crypto isakmp client configuration group rtr-remote
key secret-passworddns 10.50.10.1 10.60.10.1
domain company.com
pool dynpool!
crypto ipsec transform-set vpn1 esp-3des esp-sha-hmac
!crypto ipsec security-association lifetime seconds 86400
!
crypto dynamic-map dynmap 1
set transform-set vpn1reverse-route
!
crypto map static-map 1 ipsec-isakmp dynamic dynmapcrypto map dynmap isakmp authorization list rtr-remote
crypto map dynmap client configuration address respond
crypto ipsec client ezvpn ezvpnclient
connect auto
group 2 key secret-passwordmode client
peer 192.168.100.1
!interface Dot11Radio0
no ip address
!broadcast-key vlan 1 change 45
!
encryption vlan 1 mode ciphers tkip !
ssid cisco
vlan 1 authentication open
authentication network-eap eap_methods
authentication key-management wpa optional !
ssid ciscowep
vlan 2authentication open
!
ssid ciscowpavlan 3
authentication open
!speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
rts threshold 2312
power local cck 50power local ofdm 30
channel 2462
10-4 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 10 Sample Configuration station-role root! interface Dot11Radio0.1 description Cisco Openencapsulation dot1Q 1 native no cdp enable bridge-group 1bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-sourceno bridge-group 1 source-learning no bridge-group 1 unicast-flooding !interface Dot11Radio0.2 encapsulation dot1Q 2 bridge-group 2bridge-group 2 subscriber-loop-control bridge-group 2 spanning-disabled bridge-group 2 block-unknown-sourceno bridge-group 2 source-learning no bridge-group 2 unicast-flooding !interface Dot11Radio0.3 encapsulation dot1Q 3 bridge-group 3 bridge-group 3 subscriber-loop-controlbridge-group 3 spanning-disabled bridge-group 3 block-unknown-source no bridge-group 3 source-learningno bridge-group 3 unicast-flooding ! interface Vlan1ip address 192.168.1.1 255.255.255.0 no ip directed-broadcast (default) ip nat insidecrypto ipsec client ezvpn ezvpnclient inside ip inspect firewall in no cdp enablebridge-group 1 bridge-group 1 spanning-disabled !interface Vlan2 no ip address bridge-group 2bridge-group 2 spanning-disabled ! interface Vlan3no ip address bridge-group 3 bridge-group 3 spanning-disabled! interface BVI1 ip address 10.0.1.1 255.255.255.0! interface BVI2 ip address 10.0.2.1 255.255.255.0! interface BVI3 ip address 10.0.3.1 255.255.255.0! ip classless !ip http server no ip http secure-server
10-5 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 10 Sample Configuration !radius-server local nas 10.0.1.1 key 0 cisco123 group rad_eap ! user jsomeone nthash 7 0529575803696F2C492143375828267C7A760E1113734624452725707C010B065B user AMER\jsomeone nthash 7 0224550C29232E041C6A5D3C5633305D5D560C09027966167137233026580E0B0D ! radius-server host 10.0.1.1 auth-port 1812 acct-port 1813 key cisco123! control-plane !bridge 1 route ip bridge 2 route ip bridge 3 route ip! ip inspect name firewall tcp ip inspect name firewall udpip inspect name firewall rtsp ip inspect name firewall h323 ip inspect name firewall netshowip inspect name firewall ftp ip inspect name firewall sqlnet ! access-list 103 permit udp host 200.1.1.1 any eq isakmpaccess-list 103 permit udp host 200.1.1.1 eq isakmp any access-list 103 permit esp host 200.1.1.1 any access-list 103 permit icmp any anyaccess-list 103 deny ip any any access-list 105 permit ip 10.1.1.0 0.0.0.255 192.168.0.0 0.0.255.255 no cdp run! line con 0 password cisco123no modem enable transport preferred all transport output allline aux 0 transport preferred all transport output allline vty 0 4 password cisco123 transport preferred alltransport input all transport output all !
10-6 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 10 Sample Configuration
PART 3 Configuring Additional Features and Troubleshooting