Your access point are the controller based version, I.E. lightweight, that means they are supposed to connect to a Wireless Lan Controller ("WLC")
At startup the access points get an IP from DHCP then try (by several methods) to join a WLC. When they fell to do so, they reset their network interface and try again until they succeed.
You cannot use such AP (with this software) without a WLC.
They can be converted to autonomous (standalone) mode by uploading another software into the AP. The easiest way to do so is... ...from a WLC, and it requires that you do have the software available (trough a Cisco support contract).
Such AP have in their product name either "L" (for "LightWeight") or a "C" (for "CAPWAP based").
A standalone AP (without L or C in the name) may have been converted to lightweight mode. In this case the original software may still be present in flash, and you can reconfigure the AP to boot from the original software rather than the lightweight one.
I think you misunderstood how a router process a packet, thus coming with a solution that is not at all appropriate for your needs.
Why?
Let say computer A has the following configuration:
- mac address
00:53:BA:12:17:19
- IP address
192.168.0.7
- subnet mask of
255.255.255.0
- default gateway
192.168.0.1
A send a packet to the internet host www.example.com which has IP address 203.0.113.5
.
The packet has the following characteristics:
- source IP address : 192.168.0.7
- destination IP address: 203.0.113.5
It compare (in binary) its subnet mask with the destination IP address and find that the destination is not on the local subnet, so it will send the packet to its default gateway, 192.168.0.1
It lookup in its ARP table and if needed perform an ARP request to find the mac address of the host which hold the 192.168.0.1 IP address.
It finds 00:53:00:17:a7:b3
Then it builds a frame with the following characteristics:
- source mac address: 00:53:BA:12:17:19
- destination mac address: 00:53:00:17:a7:b3
inside this ethernet frame the IP packet is encapsulted, and it still has:
- source IP address : 192.168.0.7
- destination IP address: 203.0.113.5
As you can seed the destination IP address is NOT the gateway.
So the router receive this frame, strip the Ethernet header and lookup the packet to perform a routing decision.
The basic of routing is that the routing decision is made solely on the destination IP address, 203.0.113.5
The router then look in its routing table, find a route for 203.0.113.5 and send the packet through the associated interface (performing NAT if configured which is required here).
As you can see, the IP address of the gateway that was used has no role in the routing decision. And, more importantly, the router does not even know what was this IP address. It only know on which interface the frame arrived
Ok so, why not configuring 2 different gateways on two different interfaces. Well you can't, not on a Cisco router. You cannot have two overlapping networks on two different layer 3 interfaces. Otherwise the router could not decide on which interface it must send a packet for this network.
This is why your dual gateway cannot work.
But more importantly, it's not required to achieve your goal.
What could work?
Now if you want the router to take a different routing decision based on the sender, it is possible. It's called policy based routing
(PBR)
PBR allow you to configure different routing table on the router, and perform routing decision on different criteria.
The most common (and easy to configure) criteria are the source IP address and destination IP address.
Note that you can specify the outgoing interface rather than the next-hop IP, which is handy for a outgoing interface configured by DHCP.
So what you have to do (if I understood correctly what you want), is to:
- set a group of computers with specific IP address pool (fixed IP, DHCP reservations)
- set another group of computer with a second IP address pool
- write a route map that will set the destination IP or outgoing interface for each pool
- activate PBR on the incoming interface (the one that has the LAN gateway)
To manually change the outgoing interface for some computer in case one link fail, you just have to alter the route-map, which is a matter of minutes.
You can have 4 pools for example:
- computers that will always use ISP 1, and never fail-over to ISP2
- computers that will always use ISP 2, and never fail-over to ISP1
- computer that will use ISP 1 if available, and manually fail-over to ISP2 if needed
- computer that will use ISP 2 if available, and manually fail-over to ISP1 if needed
Best Answer
You'll find that the ethernet sockets you're speaking of are actually a switch, on those smaller routers.
Cisco does the same thing with SOHO-type equipment, eg 867VAE, for the same reason.
[EDIT rewrote from here down]
With a 2811 you can add a switch module in just the same way, such as HWIC-4ESW. Switch ethernet ports are also called Layer 2 ports, and they are associated to a VLAN (by default VLAN 1) and can be set to be trunk ports, access ports and so on. These are expected to be faster for switch-like behaviour.
You can also add more "layer 3" interfaces, such as with HWIC-2FE. These have IP addresses, access lists and so on. These are expected to be faster for routing behaviour.
Somewhat confusingly, both types of interface are written the same way,but if you, for example, put an IP address on an L2 interface you get an error:
If you have a need for say, four interfaces with 192.168.0.1/24 through 192.168.3.1/24 on them, with routing and access control lists, NAT, etc, then there are a couple of common approaches.
Use lots of L3 interfaces in the obvious way
Use switch ports, with lots of VLANs [EDIT: corrected this to a config which is correct, from an 867VAE with 15.2]
Quite how you make VLANs varies on different routers. On a 2811 with the built-in interfaces (tested on 15.1) you can use an external switch with VLANS, and use "subinterfaces" which look like this
Choosing between these approaches depends on the hardware you've got. There are sometimes performance complexities or subtle restrictions eg max ether HWICs for a chassis. My understanding is that some Cisco L3-capable interfaces can be put into L2 mode, and they enter this by the
switchport
command; but some require "subinterfaces", see below.A structure which is extremely common is sometimes called "router on a stick". A router is configured with one L3 towards internet, and one set as a trunk port towards a switch. The switch has many VLANs; the router has many
interface vlan
lines.Note also the so-called "Layer 3 Switch", which is a switch with a router in it that can be enabled in configuration. The difference between a router with a switch in it and a switch with a router in it is mostly one of engineering emphasis; for many purposes it's just a question of which has got the interfaces you want, and perhaps the routing protocols and higher level functions.