Re: Cisco 871W Wireless Associated but no DHCP

Oh! I feel like such an idiot now. I thought the ip dhcp exclude
command means <ip address> and <ip's subnet>. I have corrected that
but I have to wait til the wireless card to become available to me
again.

Thank you so much! I will post again to let you know if it worked or
not.


Bod43@xxxxxxxxxxxxx wrote:
lorrainek@xxxxxxxxx wrote:

Hi all,

I have been trying to setup my Cisco 871 W router to use LEAP
authentication. I am following Cisco's instructions and I haven't
added anything else to my config. Each time the wireless client is
able to authenticate and associate but is unable to get an IP address.
I am pretty sure that's the only problem, because when I assign the
wireless client an IP address manually, it works. I have also tried
using no authentication and WEP only ssid before, and it results in the
same thing.

Thanks in advance!
Lorraine

The Cisco instructions I am following:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a0080608364.shtml


[The configuration file:]

Building configuration...

Current configuration : 5584 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
aaa new-model
!
!
aaa group server radius rad_eap
server 10.10.10.1 auth-port 1812 acct-port 1813
!
aaa authentication login eap_methods group rad_eap

aaa session-id common
!
resource policy
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.9
ip dhcp excluded-address 10.10.10.14 10.10.10.254
ip dhcp excluded-address 10.10.10.9 255.255.255.248
ip dhcp excluded-address 10.10.10.9
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
ip dhcp pool wireless-pool
import all
network 10.10.10.8 255.255.255.248
dns-server 206.13.29.12 206.13.30.12
default-router 10.10.10.9
!
!
no ip domain lookup
ip domain name yourdomain.com
!
!
crypto pki trustpoint TP-self-signed-3497546131
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3497546131
revocation-check none
rsakeypair TP-self-signed-3497546131
!
!
crypto pki certificate chain TP-self-signed-3497546131
certificate self-signed 01
3[cert stuff]
quit
username [username] privilege 15 secret 5 [secret]
!
!
!
bridge irb
!
!
!
interface FastEthernet0

interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
!
encryption key 1 size 128bit 0 [wep] transmit-key
encryption mode wep mandatory
!
ssid VestaraLeapNet
authentication open eap eap_methods
authentication network-eap eap_methods
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
ip tcp adjust-mss 1452
!
interface BVI1
ip address 10.10.10.9 255.255.255.248
!
ip route 10.10.10.8 255.255.255.248 BVI1
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
no cdp run
!
!
radius-server local
nas 10.10.10.1 key 0 cisco
user someuser nthash 7 [password]
!
radius-server host 10.10.10.1 auth-port 1812 acct-port 1813 key cisco
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login ^C
[banner stuff]
^C

line con 0
no modem enable
line aux 0
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
end

ip dhcp excluded-address 10.10.10.1 10.10.10.9
ip dhcp excluded-address 10.10.10.14 10.10.10.254
ip dhcp excluded-address 10.10.10.9 255.255.255.248
ip dhcp excluded-address 10.10.10.9

You seem to have excluded all of your IP address range.

ip dhcp excluded-address 10.10.10.1 10.10.10.9
ip dhcp excluded-address 10.10.10.9 255.255.255.248

The other statements are already covered by the two here
which are in turn equivalent to

ip dhcp excluded-address 10.10.10.1 255.255.255.248

The syntax is:-

ip dhcp excluded-address range-start-address range-end-address

So you are excluding

10.10.10.1 - 10.255.255.255
11.0.0.0 - 11.255.255.255
...
255.255.255.248

ip route 10.10.10.8 255.255.255.248 BVI1
This is not needed since it is "connected" already.

Your config is not exactly the usual one.

Mostly I think people use the same IP network for the
wireless and the wired and put

vlan 1
bridge-group 1.

What you have is if anything better though.

Since you have split the networks anyway you could
get rid of the BVI all together.

delete bvi 1, I forget how.
Basically remove all of the bridge references since you don't need
them.


int dot11 0
ip address 10.10.10.9 255.255.255.248
no bridge-group 1

.