cisco access point

400 pts.
Tags:
Access Points
Cisco 1242
Cisco Access Points
Dear all,

network scenario: we have 3 core switches.STP root bridge for vlan 80 and vlan 61 is core 3 switch problem: when traceroute from vlan 50 to vlan 80 I can traceroute to vlan 80 clients but not for vlan 80 default gateway. for vlan 80 default gateway is core 1 192.168.21.252, core2 is 192.168.21.251, core3 192.168.21.253.(No HSRP for vlan 80) for vlan 50 default gateway is core 1 10.10.30.253 core 2 no ip core 3 10.10.30.252 (default gateway for all vlan 61 hosts)(no hsrp) when i trace route to vlan 80 any ip from vlan 50 any ip it shows the route 192.168.21.252. when i trace route to vlan 80 default gateway 192.168.21.253(which is the default gateway for all host in the vlan 80) i could not get traceroute. for all other vlans except vlan 50 there is no problem found. please suggest.  

vlan 50 client configuraton "

no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! no aaa new-model

! dot11 ssid <Removed)    vlan    authentication open ! dot11 arp-cache power inline negotiation prestandard source ! bridge irb ! ! interface Dot11Radio0  no ip address  no ip route-cache  !  encryption vlan 50 XXXX  encryption vlan 50 mode ciphers XXX  !  ssid <Removed)  !  traffic-metrics aggregate-report  speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0  station-role workgroup-bridge  mobile station period 1 threshold 70  antenna receive right  antenna transmit right  infrastructure-client ! interface Dot11Radio0.50  encapsulation dot1Q 50 native  no ip route-cache  bridge-group 1 ! interface Dot11Radio1  no ip address  no ip route-cache  shutdown  dfs band 3 block  speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0  channel dfs  station-role root  no dot11 extension aironet  bridge-group 1  bridge-group 1 subscriber-loop-control  bridge-group 1 block-unknown-source  no bridge-group 1 source-learning  no bridge-group 1 unicast-flooding  bridge-group 1 spanning-disabled ! interface FastEthernet0  no ip address  no ip route-cache  speed 100  full-duplex  hold-queue 160 in ! interface FastEthernet0.50  encapsulation dot1Q 50 native  no ip route-cache  bridge-group 1 ! interface BVI1  ip address 10.10.30.17 255.255.255.0  no ip route-cache ! ip default-gateway 10.10.30.252 ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ! ! control-plane ! bridge 1 route ip ! ! ! line con 0 line vty 0 4  login local ! workgroup-bridge client-vlan 50 end

 

------------------------ Vlan 80 client configuration

AP1_LT3#show run Building configuration...

no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! no ip igmp snooping ip domain name <Removed) ! ! aaa new-model ! ! aaa group server radius rad_eap  server XXXX  server XXXX ! aaa group server radius rad_mac ! aaa group server radius rad_acct  server 192.168.7.20 auth-port 1645 acct-port 1646  server 192.168.7.21 auth-port 1645 acct-port 1646 ! aaa group server radius rad_admin  server XXXX  server XXXX  cache expiry 1 ! aaa group server radius rad_pmip ! aaa group server radius dummy ! aaa authentication login default group radius local aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authentication login aaa-http-access group rad_admin local aaa authentication enable default group radius enable aaa authorization console aaa authorization exec default group radius local aaa authorization exec aaa-http-access group rad_admin local aaa authorization network default group radius local aaa accounting exec default start-stop group rad_acct aaa accounting network default start-stop group rad_acct aaa accounting network acct_methods start-stop group rad_acct aaa cache profile admin_cache  all ! aaa session-id common dot11 activity-timeout client default 100000 dot11 activity-timeout repeater default 100000 dot11 activity-timeout workgroup-bridge default 100000 dot11 activity-timeout bridge default 100000 ! dot11 ssid <Removed)    vlan 80    authentication open eap eap_methods    authentication network-eap eap_methods    authentication key-management wpa cckm    infrastructure-ssid optional ! dot11 ssid <Removed)    vlan 50    authentication open ! power inline negotiation prestandard source ! crypto pki ......................

! ! crypto ca certificate chain TP-self-signed-<Removed)  certificate self-signed 01 <Removed)

  quit username <Removed) password 7 <Removed) username <Removed) privilege 15 password 7 <Removed) ! bridge irb ! ! interface Dot11Radio0  no ip address  no ip route-cache  !  encryption key 1 size 128bit 7 <Removed) transmit-key  encryption mode ciphers wep128  !  encryption vlan 80 mode ciphers tkip  !  encryption vlan 50 key 1 size 128bit 7 <Removed) transmit-key  encryption vlan 50 mode ciphers wep128  !  ssid <Removed)  !  ssid <Removed)  !  speed basic-1.0 basic-2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0  channel 2462  station-role root  infrastructure-client ! interface Dot11Radio0.80  encapsulation dot1Q 80 native  no ip route-cache  bridge-group 1  bridge-group 1 subscriber-loop-control  bridge-group 1 block-unknown-source  no bridge-group 1 source-learning  no bridge-group 1 unicast-flooding  bridge-group 1 spanning-disabled ! interface Dot11Radio0.50  encapsulation dot1Q 50  no ip route-cache  bridge-group 50  bridge-group 50 subscriber-loop-control  bridge-group 50 block-unknown-source  no bridge-group 50 source-learning  no bridge-group 50 unicast-flooding  bridge-group 50 spanning-disabled ! interface Dot11Radio1  no ip address  no ip route-cache  shutdown  dfs band 3 block  speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0  channel dfs  station-role root  bridge-group 1  bridge-group 1 subscriber-loop-control  bridge-group 1 block-unknown-source  no bridge-group 1 source-learning  no bridge-group 1 unicast-flooding  bridge-group 1 spanning-disabled ! interface FastEthernet0  no ip address  no ip route-cache  duplex auto  speed auto  hold-queue 160 in ! interface FastEthernet0.80  encapsulation dot1Q 80 native  no ip route-cache  bridge-group 1  no bridge-group 1 source-learning  bridge-group 1 spanning-disabled ! interface FastEthernet0.50  encapsulation dot1Q 50  no ip route-cache  bridge-group 50  no bridge-group 50 source-learning  bridge-group 50 spanning-disabled ! interface BVI1  ip address 192.168.21.8 255.255.254.0  no ip route-cache ! ip default-gateway 192.168.21.253 no ip http server ip http authentication aaa login-authentication aaa-http-access ip http authentication aaa exec-authorization aaa-http-access ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius source-interface BVI1 ! access-list 111 permit tcp any any neq telnet snmp-server view iso iso included snmp-server view dot11view ieee802dot11 included snmp-server community <Removed) view iso RO snmp-server community <Removed) view iso RW tacacs-server host 192.168.7.20 key 7 <Removed) tacacs-server directed-request radius-server attribute 32 include-in-access-req format %h radius-server host 192.168.7.20 auth-port 1645 acct-port 1646 <Removed) radius-server host 192.168.7.21 auth-port 1645 acct-port 1646 <Removed) radius-server vsa send accounting radius-server vsa send authentication ! control-plane ! bridge 1 route ip ! ! wlccp ap username <Removed) password 7 <Removed) ! line con 0  password 7 <Removed) line vty 5 15 ! sntp server 192.168.0.21 sntp broadcast client end



Software/Hardware used:
cisco ap 1242 series

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hello,

I’m sorry but your question is rather bunched together. I’m having trouble reading it and so I can’t really say either way what may be causing your problems.

Could you post it using proper grammar, so that I can help you?

Ryan

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following