Either a powersurge or something caused our router's configuration to get wiped, and our last backup was before the wireless network was setup.
We have not been able to reconfigure the wireless since then, so was curious if anyone here would be able to determine what configuration is needed.
We are using a Cisco 851W running 12.4(15)T9
We would like to use WPA encryption, and have it on the same network as the rest of the office network.
Config file is below:
User Access Verification
Building configuration...
Current configuration : 3857 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname BOB
!
boot-start-marker
boot-end-marker
!
enable secret 5 *********************
!
no aaa new-model
!
!
dot11 syslog
no ip source-route
!
!
ip cef
no ip bootp server
ip domain name BOB.com
ip name-server 61.11.1.1
ip name-server 61.11.1.2
!
!
!
username BOBB privilege 15 password 7 *************************
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
!
!
!
interface FastEthernet0
no cdp enable
!
interface FastEthernet1
no cdp enable
!
interface FastEthernet2
no cdp enable
!
interface FastEthernet3
no cdp enable
!
interface FastEthernet4
description WAN Connection$ETH-WAN$
ip address 61.11.1.14 255.255.254.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no cdp enable
!
interface Dot11Radio0
no ip address
shutdown
!
encryption mode ciphers tkip
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
no cdp enable
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.20
ip access-group Guest-ACL in
no cdp enable
!
interface Vlan1
description Internal Network
ip address 192.168.2.60 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 61.11.2.14
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
!
ip access-list extended Guest-ACL
deny ip any 192.0.0.0 0.0.0.255
permit ip any any
!
access-list 1 permit 192.0.0.0 0.0.0.255
access-list 100 remark SDM_ACL Category=2
access-list 100 permit ip 192.0.0.0 0.0.0.255 any
no cdp run
!
control-plane
!
!
Best Answer
From:
http://www.cisco.com/en/US/products/hw/routers/ps380/products_configuration_example09186a00808a8d80.shtml
Configure the SSID for WPA-PSK Authentication
Complete these actions:
Enable the radio interface.
In order to enable the radio interface, go to the DOT11 radio interface configuration mode and assign an SSID to the interface.
In order to enable WPA key management, first configure the WPA encryption cipher for the VLAN interface. This example uses tkip as the encryption cipher..
Type this command to specify the WPA key management type on the radio interface.
Bind SSID to a VLAN.
In order to enable the SSID on this interface, bind the SSID to the VLAN in SSID configuration mode.
Configure the SSID with WPA-PSK authentication.
You need to configure open or network EAP authentication first in the SSID configuration mode to enable WPA key management. This example configures open authentication.
Now, enable WPA key management on the SSID. The key management cipher tkip is already configured for this VLAN.
Configure the WPA-PSK authentication on the SSID.
!--- 1234567890 is the pre-shared key value for this SSID. Ensure that the same key is specified for this SSID at the client side.
Enable VLAN on the radio interface.