Cisco891w-agn router

Just got the 891 and I am unable to access the 'Internal Access Point Application'. I am assuming this application has the same look and feel as a 1230 ap through the browser. If I am in the Cisco CP Express application, choose wireless, towards the bottom it allows me to click a link 'basically hyper-linking me through the BVI1 interface. I login, and a page comes back with a 'Enter' button and the Cisco Copyright info, though if you select the enter button, you get web page errors ( 'undefined' is null or not an object).
From the router cli, I can session to the embedded ap with no problem. I was just hoping I could access the web gui of the AP in order to config all my SSID's, VLAN, AAA Auth. ect...
Router IOS = 12.4(22)YB
AP IOS = 12.4(21a)JA1
Any help on this would be greatly appreciated.

Hi Jeff..
We are hitting a Bug on 12.4(21a)JA1.
The resolution is to download the AP IOS 12.4(10b)JDA3 from the cisco.com web site and upgrade the AP module using the command..
#archive download-sw / force-reload/ overwrite tftp:/// Hoping you have pointed the image in the tftp server>
Then try browsing to the BVI interface ip address..
This will for sure solve your issue.
Regards
Surendra

Similar Messages

891 W CISCO891W-AGN-A-K9 Wireless

Hi,
I am am having all kinds of problems with setting up my router. I finally got the LAN stuff to work but the wireless will not work its like something is blocking it but I dont see anything. I can ping from wireless to any IP address but I cannot open up web pages. You would think this is DNS issue but I my DNS l looks to be fine and the same DNS works on the 8 port switches on LAN side without issue. I also thought maybe its something to do wtih ACL but I dont see anything there either.
I built this using a couple of other web posts:
http://www.networkstraining.com/basic-cisco-800-router-configuration-for-internet-access/
https://supportforums.cisco.com/docs/DOC-16145
The first one gets my lan up and running, and the second one will let me get my wirelesss up and working and show my SSID but for some reason I am blocked from the internet as far as web pages, and perhaps blocked is not the correct term at this point as it could well be settings but in any case I cannot get there. My level of knowledge is around the CCENT 1, and part of the CCENT 2. I was studying for the first test with my home lab two routers and two older switches when I decided to buy this and since working on this my actual experience has pushed past the first test and pushing me to learn alot of new things. Many of the things in the AP I still dont understand from IOS perspective. all that bridging is a bit confusing and its not in my videos I study for the test.
Anyway I can really use some help and any extra input like if I have things on my router that I probably dont need starting out let me know as less is best so I can fully understand everything I am doing.
(I did find a bug with the 891W model: if you use the GUI and enable the wireless using CCP then you go into the command line and put in guest mode to show the ssid it bugs out and it will not show the SSID. You fix by going back into CCP and turning off SSID and then the command line will work and it shows up, weird huh, but anyway I just put that in here in case some other person is looking for 891W and runs across the error)
Edited: Ok I am adding a piece of information. I can ping google at 74.125.227.51 "from a my PC connected to the wireless AP" but when I Put that same IP into the browser it will not go through. So seems like ICMP is getting through but maybe HTTP and HTTPS are not? I may be on wrong track but seems related.
Note: When connected to the ethernet switch port 0 of the same router (its 8 port switch built in as well) I can get to all websites via browser without any issues. Its only with the wireless that I cannot.
==========================================================================
show run
Building configuration...
Current configuration : 5658 bytes
! Last configuration change at 06:08:06 UTC Wed Jun 20 2012 by brian
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname r1
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
enable secret 5 PASSWORD
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
crypto pki trustpoint TP-self-signed
(bunch of Blah blah blah info here)
quit
ip source-route
ip dhcp excluded-address 10.0.0.1
ip dhcp pool Wireless
   network 10.0.0.0 255.255.255.0
   default-router 10.0.0.1
   dns-server XX.XX.XX.XX
ip dhcp pool WIREDLAN
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server XX.XX.XX.XX
ip cef
no ip domain lookup
ip domain name MYDOMAIN
ip inspect log drop-pkt
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
no ipv6 cef
multilink bundle-name authenticated
license udi pid CISCO891W-AGN-A-K9 sn XXXXXXXX
archive
log config
hidekeys
username NAME privilege 15 secret 5 SOMEPASSWORD
bridge irb
interface FastEthernet0
spanning-tree portfast
interface FastEthernet1
spanning-tree portfast
interface FastEthernet2
spanning-tree portfast
interface FastEthernet3
spanning-tree portfast
interface FastEthernet4
shutdown
spanning-tree portfast
interface FastEthernet5
spanning-tree portfast
interface FastEthernet6
spanning-tree portfast
interface FastEthernet7
shutdown
spanning-tree portfast
interface FastEthernet8
description $ES_WAN$$FW_OUTSIDE$
ip address XXX.XXX.XXX.XXX 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip inspect DEFAULT100 out
ip virtual-reassembly
duplex auto
speed auto
interface GigabitEthernet0
description $ES_WAN$$FW_OUTSIDE$
no ip dhcp client request tftp-server-address
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip inspect DEFAULT100 out
ip virtual-reassembly
duplex auto
speed auto
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan4
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport trunk native vlan 4
switchport mode trunk
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$CVO$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
interface Vlan4
ip address 10.0.0.1 255.255.255.0
interface Async1
no ip address
encapsulation slip
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet8 overload
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
access-list 1 permit any
access-list 100 permit ip any any
access-list 101 permit ip any any
no cdp run
control-plane
bridge 1 protocol ieee
bridge 1 route ip
line con 0
login local
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin udptn ssh
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
scheduler max-task-time 5000
end
r1#
===================================================================================
================AP CONFIG===================================================
show run
Building configuration...
Current configuration : 2778 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname ap
enable secret 5 SOMEPASSWORD
no aaa new-model
dot11 syslog
dot11 ssid TEST
   vlan 4
   authentication open
   authentication key-management wpa
   guest-mode
   wpa-psk ascii 0 TEST123
username USERNAME privilege 15 secret 5 SomePassword
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 4 mode ciphers tkip
broadcast-key vlan 4 change 30
ssid TEST
antenna gain 0
station-role root
interface Dot11Radio0.4
encapsulation dot1Q 4 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
broadcast-key vlan 4 change 30
antenna gain 0
dfs band 3 block
channel dfs
station-role root
interface Dot11Radio1.4
encapsulation dot1Q 4 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecti
ng AP with the host router
no ip address
no ip route-cache
interface GigabitEthernet0.4
encapsulation dot1Q 4 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address dhcp
no ip route-cache
ip default-gateway 10.0.0.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 protocol ieee
bridge 1 route ip
line con 0
privilege level 15
login local
no activation-character
line vty 0 4
login local
cns dhcp
end
ap#
===============================================================================================

Maldehne,
My Wireless client is assigning IPs. I get IP 10.0.0.0.3 I also checked to make sure I had a valid dns which I did. So that is all working perfectly.
I am still learning NAT, and while I understand the theory on it the CLI is still new because thats on the second CCENT 2 test which I have had to crash study for in order to get my new router up. I watched VLAN section and router and I am at the point where its talking about router on a stick but have not finished that.
I wondered about the difference between router on a stick and a router that has a switch built into it like the 891W. Does that communicate the same way?
Anyway I am at work today till 5pm, and while I have access to my router from work I have to disconnect all the internet each night because my kids are out for the summer and they throw a fit if the internet is down and they cannot play xbox lol...   So I work in the evenings on this for the most part. I may go home today and go ahead and hook up the internet back to the router as kids and wife are not going to be out of the house till later this evening today.
Hopefully the NAT is the issue but I do have one question. If NAT was the problem would I be able to PING the IPaddresses wouldnt it drop any private IP that I tried to ping with?
Thats why I did not think it was NAT but I will certainly test that out.
Thanks,
Brian W Catlin

891W to 5505 EZVPN issue...No peer struct to get peer description

Hey everyone,
I've been on the forums looking for a solution to my issue in my lab....
I'm getting the No peer struct to get peer description error in my debug. I've done a search on these forums but the changes that I made did not work for me
It has to be something simple.....
I am able to ping out to my ASA
891Demo#ping 38.98.226.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 38.98.226.100, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/106/116 ms
I did a few show commands listed below if anyone wants to take a look...
891Demo#sho run
Building configuration...
Current configuration : 6370 bytes
! Last configuration change at 20:47:45 UTC Fri Jan 10 2014 by admin
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 891Demo
boot-start-marker
boot-end-marker
logging buffered 52000
aaa new-model
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
crypto pki trustpoint TP-self-signed-1670941714
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1670941714
revocation-check none
rsakeypair TP-self-signed-1670941714
crypto pki certificate chain TP-self-signed-1670941714
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31363730 39343137 3134301E 170D3133 30393130 31383038
31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36373039
34313731 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A613 DCE81A2F 27DC53B6 6ED91D5E 167EEAEA D9793CB3 33C39BBE CBC5AF0B
029C1605 3FC09722 C7811B2D 173B5887 2C87A9C7 4DDAC1C4 AE13A1C3 743B940E
A5A7AF56 26A83081 2330E910 1BA8317A BE0BC37A 631D858D E307DC04 2F76D648
1500DB09 2BC1B92A 92C0B8FE 59434385 A3D1B19D 5665D3A9 07956793 F2B98EDA
EA870203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1489C50C C4C16781 28F37E31 DABE13A9 2EE9967E 58301D06
03551D0E 04160414 89C50CC4 C1678128 F37E31DA BE13A92E E9967E58 300D0609
2A864886 F70D0101 05050003 81810053 FD39A299 CFF9E763 C89846EE 9BE0DAE4
31B890D0 969764F0 98A21C63 FD103ADB 29BA7DB4 98C142B9 1EA60C71 1D6C4BE5
921224F5 BE5FC348 2A2A4858 A5D0E680 23346C0E 8EA55314 435CE650 5167C796
1EB4EFAD 1D045B2C 84031255 C2A9F5B7 C8542ACF 3C69C46E DE0230AE EA3587EE
464A0AC0 3987D917 47A4ABDB 5B6022
        quit
ip cef
ip dhcp excluded-address 10.10.10.7 10.10.10.254
891Demo#sh run
Building configuration...
Current configuration : 6370 bytes
! Last configuration change at 20:47:45 UTC Fri Jan 10 2014 by admin
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 891Demo
boot-start-marker
boot-end-marker
logging buffered 52000
aaa new-model
aaa authentication login default local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
crypto pki trustpoint TP-self-signed-1670941714
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1670941714
revocation-check none
rsakeypair TP-self-signed-1670941714
crypto pki certificate chain TP-self-signed-1670941714
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31363730 39343137 3134301E 170D3133 30393130 31383038
31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36373039
34313731 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A613 DCE81A2F 27DC53B6 6ED91D5E 167EEAEA D9793CB3 33C39BBE CBC5AF0B
029C1605 3FC09722 C7811B2D 173B5887 2C87A9C7 4DDAC1C4 AE13A1C3 743B940E
A5A7AF56 26A83081 2330E910 1BA8317A BE0BC37A 631D858D E307DC04 2F76D648
1500DB09 2BC1B92A 92C0B8FE 59434385 A3D1B19D 5665D3A9 07956793 F2B98EDA
EA870203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1489C50C C4C16781 28F37E31 DABE13A9 2EE9967E 58301D06
03551D0E 04160414 89C50CC4 C1678128 F37E31DA BE13A92E E9967E58 300D0609
2A864886 F70D0101 05050003 81810053 FD39A299 CFF9E763 C89846EE 9BE0DAE4
31B890D0 969764F0 98A21C63 FD103ADB 29BA7DB4 98C142B9 1EA60C71 1D6C4BE5
921224F5 BE5FC348 2A2A4858 A5D0E680 23346C0E 8EA55314 435CE650 5167C796
1EB4EFAD 1D045B2C 84031255 C2A9F5B7 C8542ACF 3C69C46E DE0230AE EA3587EE
464A0AC0 3987D917 47A4ABDB 5B6022
        quit
ip cef
ip dhcp excluded-address 10.10.10.7 10.10.10.254
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
lease 0 2
ip domain name yourdomain.com
no ipv6 cef
ipv6 multicast rpf use-bgp
multilink bundle-name authenticated
license udi pid CISCO891W-AGN-A-K9 sn FTX171783D3
username admin privilege 15 password 0 password
redundancy
csdb tcp synwait-time 30
csdb tcp idle-time 3600
csdb tcp finwait-time 5
csdb tcp reassembly max-memory 1024
csdb tcp reassembly max-queue-length 16
csdb udp idle-time 30
csdb icmp idle-time 10
csdb session max-session 65535
crypto isakmp policy 50
encr 3des
authentication pre-share
group 2
crypto isakmp key D1l2w3r4 address 38.98.226.100
crypto isakmp client configuration group VPNGroupZLAB
key D1l2w3r4
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
mode tunnel
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
mode tunnel
crypto ipsec client ezvpn CISCOCP_EZVPN_CLIENT_1
connect auto
group DefaultL2LGroup key D1l2w3r4
mode client
peer 38.98.226.100
username ztest password D1l2w3r4
xauth userid mode local
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to38.98.226.100
set peer 38.98.226.100
set transform-set ESP-3DES-SHA
match address 102
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
no ip address
interface FastEthernet3
no ip address
interface FastEthernet4
no ip address
interface FastEthernet5
no ip address
interface FastEthernet6
no ip address
interface FastEthernet7
no ip address
interface FastEthernet8
no ip address
shutdown
duplex auto
speed auto
interface Virtual-Template1 type tunnel
no ip address
tunnel mode ipsec ipv4
interface GigabitEthernet0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map SDM_CMAP_1
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
no ip address
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
interface Async1
no ip address
encapsulation slip
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source route-map SDM_RMAP_1 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1 254
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 192.168.1.1 254
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp 254
ip access-list extended protect_traffic
permit ip host 10.10.10.1 host 10.1.11.1
no cdp run
route-map SDM_RMAP_1 permit 1
match ip address 101
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 remark CCP_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 10.10.10.0 0.0.0.255 10.1.11.0 0.0.0.255
access-list 101 remark CCP_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny   ip 10.10.10.0 0.0.0.255 10.1.11.0 0.0.0.255
access-list 101 permit ip 10.10.10.0 0.0.0.7 any
access-list 102 remark CCP_ACL Category=4
access-list 102 remark IPSec Rule
access-list 102 permit ip 10.10.10.0 0.0.0.255 10.1.11.0 0.0.0.255
control-plane
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
mgcp profile default
line con 0
line 1
modem InOut
speed 115200
flowcontrol hardware
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin udptn ssh
line aux 0
line vty 0 4
access-class 23 in
transport input telnet ssh
transport output telnet ssh
line vty 5 15
access-class 23 in
transport input telnet ssh
transport output telnet ssh
end
=============================================
=============================================
891Demo#sh crypto ipsec sa
interface: GigabitEthernet0
    Crypto map tag: SDM_CMAP_1, local addr 10.0.0.35
   protected vrf: (none)
   local ident (addr/mask/prot/port): (10.10.10.0/255.255.255.0/0/0)
   remote ident (addr/mask/prot/port): (10.1.11.0/255.255.255.0/0/0)
   current_peer 38.98.226.100 port 500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0
     local crypto endpt.: 10.0.0.35, remote crypto endpt.: 38.98.226.100
     path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0
     current outbound spi: 0x0(0)
     PFS (Y/N): N, DH group: none
     inbound esp sas:
     inbound ah sas:
     inbound pcp sas:
     outbound esp sas:
     outbound ah sas:
     outbound pcp sas:
=============================================
=============================================
891Demo#sho crypto se
Crypto session current status
Interface: GigabitEthernet0
Session status: DOWN
Peer: 38.98.226.100 port 500
IPSEC FLOW: permit ip 10.10.10.0/255.255.255.0 10.1.11.0/255.255.255.0
        Active SAs: 0, origin: crypto map
891Demo#
*Jan 10 20:56:15.327: No peer struct to get peer description
=============================================
=============================================
891Demo#sh crypto isakmp default pol
Default IKE policy
Default protection suite of priority 65507
        encryption algorithm:   AES - Advanced Encryption Standard (128 bit keys).
        hash algorithm:         Secure Hash Standard
        authentication method: Rivest-Shamir-Adleman Signature
        Diffie-Hellman group:   #5 (1536 bit)
        lifetime:               86400 seconds, no volume limit
Default protection suite of priority 65508
        encryption algorithm:   AES - Advanced Encryption Standard (128 bit keys).
        hash algorithm:         Secure Hash Standard
        authentication method: Pre-Shared Key
        Diffie-Hellman group:   #5 (1536 bit)
        lifetime:               86400 seconds, no volume limit
Default protection suite of priority 65509
        encryption algorithm:   AES - Advanced Encryption Standard (128 bit keys).
        hash algorithm:         Message Digest 5
        authentication method: Rivest-Shamir-Adleman Signature
        Diffie-Hellman group:   #5 (1536 bit)
        lifetime:               86400 seconds, no volume limit
Default protection suite of priority 65510
        encryption algorithm:   AES - Advanced Encryption Standard (128 bit keys).
        hash algorithm:         Message Digest 5
        authentication method: Pre-Shared Key
        Diffie-Hellman group:   #5 (1536 bit)
        lifetime:               86400 seconds, no volume limit
Default protection suite of priority 65511
        encryption algorithm:   Three key triple DES
        hash algorithm:         Secure Hash Standard
        authentication method: Rivest-Shamir-Adleman Signature
        Diffie-Hellman group:   #2 (1024 bit)
        lifetime:               86400 seconds, no volume limit
Default protection suite of priority 65512
        encryption algorithm:   Three key triple DES
        hash algorithm:         Secure Hash Standard
        authentication method: Pre-Shared Key
        Diffie-Hellman group:   #2 (1024 bit)
        lifetime:               86400 seconds, no volume limit
Default protection suite of priority 65513
        encryption algorithm:   Three key triple DES
        hash algorithm:         Message Digest 5
        authentication method: Rivest-Shamir-Adleman Signature
        Diffie-Hellman group:   #2 (1024 bit)
        lifetime:               86400 seconds, no volume limit
Default protection suite of priority 65514
        encryption algorithm:   Three key triple DES
        hash algorithm:         Message Digest 5
        authentication method: Pre-Shared Key
        Diffie-Hellman group:   #2 (1024 bit)
        lifetime:               86400 seconds, no volume limit
Any insight to this would be appreciated, i'm still going to try and figure it out as well

It is the host site not transmitting. The ACL that i see thats blocking is for a client based VPN.
Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   0.0.0.0         0.0.0.0         Outside
Phase: 2
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   192.168.180.0   255.255.254.0   Inside
Phase: 3
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group Inside_access_in in interface Inside
access-list Inside_access_in extended permit ip object obj_any any
Additional Information:
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 5
Type: NAT
Subtype:
Result: ALLOW
Config:
nat (Inside,Outside) source static DM_INLINE_NETWORK_20 DM_INLINE_NETWORK_20 destination static AT_Remote AT_Remote no-proxy-arp route-lookup
Additional Information:
Static translate 192.168.180.232/12345 to 192.168.180.232/12345
Phase: 6
Type: ACCESS-LIST
Subtype: vpn-user
Result: DROP
Config:
Additional Information:
Result:
input-interface: Inside
input-status: up
input-line-status: up
output-interface: Outside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule

Cisco 891-W Wireless Issues

Hello Cisco,
hopefully someone with more expertise with the Cisco 891-W router can help me figure out my configuration issues? Right now I have the wired part of the 891-W working fine with my cable modem on VLAN1. But it's another story with my VLAN4 (wireless side). I've been working on this all week and am hoping some fresh eyes can catch what's wrong with my config.   Currently, my laptop will see the SSID of the Wi-Fi (891W-WiFi) but when I try to connect I get an 169.254.180.251 IP?   Not sure if it's the DHCP or some kind of bridging with the AP module with the correct VLAN settings with my configuration?  I'll post my config below for both the router and AP.  Thank you to anyone that can give me some insight!
I've attached the configs just in case this post was too messy to read with all the configurations.
891W_Router#sh run
Building configuration...
Current configuration : 4826 bytes
! Last configuration change at 21:49:24 UTC Fri Apr 24 2015
version 15.1
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service sequence-numbers
hostname 891W_Router
boot-start-marker
boot config usbflash0:CVO-BOOT.CFG
boot-end-marker
no logging on
enable secret 5 $1$3JJJ$6wL98gGvGJQ0ot1xChXJt1
no aaa new-model
service-module wlan-ap 0 bootimage autonomous
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-1853469223
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1853469223
revocation-check none
ip source-route
ip dhcp excluded-address 192.168.99.1
ip dhcp excluded-address 192.168.100.1
ip dhcp pool Vlan4
   network 192.168.100.0 255.255.255.0
   default-router 192.168.100.1
   dns-server 8.8.8.8
ip dhcp pool Vlan1
   network 192.168.99.0 255.255.255.0
   default-router 192.168.99.1
   dns-server 192.168.0.1
ip cef
no ip domain lookup
ip name-server 209.18.47.61
ip name-server 209.18.47.62
ip inspect log drop-pkt
no ipv6 cef
multilink bundle-name authenticated
parameter-map type inspect global
log dropped-packets enable
license udi pid CISCO891W-AGN-A-K9 sn FTX15130301
username dvd privilege 15 secret 5 $1$qHnY$pMyIf18Av.AS2ne0cxXle/
username cisco password 7 01100F175804
bridge irb
interface FastEthernet0
switchport mode trunk
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
interface FastEthernet5
interface FastEthernet6
interface FastEthernet7
interface FastEthernet8
no ip address
duplex auto
speed auto
interface GigabitEthernet0
description WAN
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface wlan-ap0
description Service module interface to manage the embedded AP
ip address 10.10.10.10 255.255.255.255
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport trunk native vlan 4
switchport mode trunk
interface Vlan1
description Internal LAN
ip address 192.168.99.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface Vlan4
description Wi-Fi Users
ip address 192.168.100.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface Async1
no ip address
encapsulation slip
interface GMPLS8
no ip address
no fair-queue
no keepalive
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface GigabitEthernet0 overload
ip nat inside source list 2 interface Wlan-GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 dhcp
logging esm config
access-list 1 permit 192.168.99.0 0.0.0.255
access-list 2 permit 192.168.100.0 0.0.0.255
control-plane
bridge 1 protocol ieee
bridge 1 route ip
line con 0
exec-timeout 0 0
password 7 020D0A5409040A2243401A160912
logging synchronous
login
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin udptn ssh
line aux 0
line vty 0 4
password 7 130E191D090E013C3F3D
login
transport input all
end
AP Configuration:
891W_Router#
891W_Router#service-module wlan-ap 0 session
Trying 10.10.10.10, 2002 ... Open
Connecting to AP console, enter Ctrl-^ followed by x,
then "disconnect" to return to router prompt
ap#sh run
Building configuration...
Current configuration : 1976 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname ap
enable secret 5 $1$bW7h$C2mBp2TNgGbgkgj2fQHDa.
no aaa new-model
dot11 syslog
dot11 ssid 891W-WIFi
dot11 ssid 891W-WiFi
   vlan 4
   authentication open
   authentication key-management wpa
   guest-mode
   wpa-psk ascii 0 cisco891
username cisco privilege 15 secret 5 $1$yIzh$7/j0K1xcYbT99mP4hX3ZU/
username dvd password 0 kmob
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 4 mode ciphers aes-ccm tkip
ssid 891W-WiFi
antenna gain 0
station-role root
interface Dot11Radio0.4
encapsulation dot1Q 4 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
antenna gain 0
dfs band 3 block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface
connecting AP with the host router
no ip address
no ip route-cache
interface GigabitEthernet0.4
encapsulation dot1Q 4 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address dhcp
no ip route-cache
ip default-gateway 192.168.100.1
ip http server
no ip http secure-server
ip http help-path
http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 protocol ieee
bridge 1 route ip
line con 0
privilege level 15
login local
no activation-character
line vty 0 4
login local
cns dhcp
end

Hi,
Leo is right and it should come as part of the kit when you order "800-IL-PM-4"
Full Kit should include:
Internal PoE module
48v PoE power cube
Power cord for the power cube
(2) standoffs with two notches
(1) standoff with one notch
(3) screws
http://www.cisco.com/c/en/us/td/docs/routers/access/800/860-880-890/hardware/installation/memory/880FRU.html#wp45561
If for some reason you did not get it or it fails and you need a new one you can use part number "ADP-80LB". I dont think Cisco will sell you this as a standalone item so you may have to look on Ebay, PChub or google to find a place that sells it.
Good luck!

Please Help - Static NAT not working.

I feel like I've tried everything. I'm trying to port-forward to an IP camera. I have ddns setup, and when I type in my domain name I get to my router, so ddns is working correctly. However when I type it in with the port of my camera I'm getting nothing. When I do a show ip nat statistics I see that there have been no static translations. Below is my config.
FranklinRouter#sh ip nat translations | i 8090
tcp 72.x.x.217:8090 10.1.1.101:8090 --- ---
udp 72.x.x.217:8090 10.1.1.101:8090 --- ---
FranklinRouter#
FranklinRouter#sh ip nat statistics
Total active translations: 172 (0 static, 172 dynamic; 172 extended)
Peak translations: 3425, occurred 1w2d ago
Outside interfaces:
interface GigabitEthernet0
description Access to the Internet via this interface
ip address dhcp
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip inspect DEFAULT100 out
ip virtual-reassembly in
duplex auto
speed auto
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface GigabitEthernet0 overload
ip nat inside source static tcp 10.1.1.101 8090 interface GigabitEthernet0 8090
ip nat inside source static udp 10.1.1.101 8090 interface GigabitEthernet0 8090
ip route 0.0.0.0 0.0.0.0 72.x.x 254
ip route 0.0.0.0 0.0.0.0 72.x.x 254
ip access-list extended inboundfilters
permit eigrp any any
deny icmp any any
evaluate tcptraffic
ip access-list extended outboundfilters
permit tcp any any reflect tcptraffic timeout 300
logging trap notifications
access-list 1 permit 10.10.10.0 0.0.0.7
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 23 permit 10.1.4.0 0.0.0.255
access-list 23 permit 10.1.0.0 0.0.255.255
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 permit udp object-group DNS any eq domain
access-list 101 permit udp object-group NTP any eq ntp
access-list 101 permit udp any eq bootps any eq bootpc
access-list 101 deny ip 10.10.10.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip any any log
access-list 101 permit ip any any log

no aaa new-model
clock timezone EST -5 0
clock summer-time EST recurring 1 Mon Mar 0:00 1 Mon Oct 0:00
service-module wlan-ap 0 bootimage autonomous
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-1042258622
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1042258622
revocation-check none
rsakeypair TP-self-signed-1042258622
crypto pki certificate chain TP-self-signed-1042258622
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303432 32353836 3232301E 170D3134 30383234 31393332
35385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30343232
35383632 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E2B2 2533A8B9 518DE4EC 138074EF 6A16B4F0 4B6C19B6 91C0E90A 846F6ABB
81FBFE28 4C396CBC 7C74CB0D 225553D6 D289C25E BC8D13B3 2A4E14B2 36E40D19
8C5B8E40 624F94FC 4C5770F8 984F3218 0FC94123 BF6291BF 714DE11E 32C60C22
401821D5 E21C94A7 A5D78A7B ED39620B 363C486E 5C06C707 1A1FEF1F 70FE0450
49BB0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14AAAD14 38691F79 EF1E5FCD DA9240DA 73CEAE5E 11301D06
03551D0E 04160414 AAAD1438 691F79EF 1E5FCDDA 9240DA73 CEAE5E11 300D0609
2A864886 F70D0101 05050003 81810043 3C95E0A8 85F3402A E140D3C1 D64EC765
38808AF5 BC260208 CC052991 5F748CD6 4E409201 34AD88E7 CE714065 90D608EF
B55C691E 8E4CD18C 8652E887 91762DF1 EFEB5615 4D3C6B3C C7089688 E0F2E7B7
AC1C46CD 51C0BD0B 7A7324A3 D47BAB78 C2FB93AC D0154468 C1384EF3 174B2740
313B7C1A 9BEE1E4C 46410E92 4354DE
quit
no ip source-route
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.1.2.1 10.1.2.10
ip dhcp excluded-address 10.1.1.1 10.1.1.10
ip dhcp excluded-address 10.1.4.1 10.1.4.10
ip dhcp excluded-address 10.1.3.1 10.1.3.10
ip dhcp excluded-address 10.1.1.100 10.1.1.106
ip dhcp pool cvo-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
ip dhcp pool Wireless
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
dns-server 4.2.2.6 208.67.222.220 8.8.8.8
lease 0 6
ip dhcp pool Wired
network 10.1.2.0 255.255.255.0
default-router 10.1.2.1
dns-server 4.2.2.6 208.67.222.220 8.8.8.8
ip dhcp pool Guest
network 10.1.4.0 255.255.255.0
default-router 10.1.4.1
dns-server 4.2.2.6 208.67.222.220 8.8.8.8
ip dhcp pool Security
network 10.1.3.0 255.255.255.0
default-router 10.1.3.1
dns-server 4.2.2.6 208.67.222.220 8.8.8.8
ip cef
no ip bootp server
ip domain name router.sfranklin.ddns.net
ip name-server 8.8.8.8
ip name-server 4.2.2.6
ip name-server 208.67.222.220
ip inspect log drop-pkt
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
ip inspect name DEFAULT100 kerberos
ip inspect name DEFAULT100 isakmp
ip inspect name DEFAULT100 bittorrent
ip inspect name DEFAULT100 ntp
ip inspect name DEFAULT100 dns
ip inspect name DEFAULT100 ipsec-msft
ip inspect name DEFAULT100 pptp
ip ddns update method no-ip
HTTP
ip reflexive-list timeout 120
no ipv6 cef
multilink bundle-name authenticated
parameter-map type inspect global
WAAS enable
log dropped-packets enable
license udi pid CISCO891W-AGN-A-K9 sn FTX1546805G
object-group network DNS
host 8.8.8.8
host 4.2.2.6
host 208.67.222.220
object-group network NTP
host 98.175.203.200
host 206.246.122.250
username admin privilege 15 secret 5 $1$BmSn$Fj9vfdPiU4T9EpeJRpBwM.
ip tcp synwait-time 10
no ip ftp passive
ip ssh version 2
interface Null0
no ip unreachables
interface FastEthernet0
no ip address
interface FastEthernet1
no ip address
spanning-tree portfast
interface FastEthernet2
no ip address
spanning-tree portfast
interface FastEthernet3
no ip address
spanning-tree portfast
interface FastEthernet4
switchport mode trunk
no ip address
spanning-tree portfast
interface FastEthernet5
no ip address
spanning-tree portfast
interface FastEthernet6
no ip address
spanning-tree portfast
interface FastEthernet7
no ip address
spanning-tree portfast
interface FastEthernet8
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
interface GigabitEthernet0
description Access to the Internet via this interface
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
no ip address
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
ip address 10.1.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
interface Vlan2
description $FW_INSIDE$
ip address 10.1.2.1 255.255.255.0
ip helper-address 10.1.1.1
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
interface Vlan3
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip virtual-reassembly in
interface Vlan4
description Guest VLAN$FW_INSIDE$
ip address 10.1.4.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly in
interface Async1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation slip
interface GMPLS0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no fair-queue
no keepalive
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface GigabitEthernet0 overload
ip nat inside source static tcp 10.1.1.101 8091 interface GigabitEthernet0 8091
ip nat inside source static udp 10.1.1.101 8091 interface GigabitEthernet0 8091
ip route 0.0.0.0 0.0.0.0 72x254
ip route 0.0.0.0 0.0.0.0 72.x 254
ip access-list extended inboundfilters
permit eigrp any any
deny icmp any any
evaluate tcptraffic
ip access-list extended outboundfilters
permit tcp any any reflect tcptraffic timeout 300
logging trap notifications
access-list 1 permit 10.10.10.0 0.0.0.7
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 5 permit any log
access-list 23 permit 10.1.4.0 0.0.0.255
access-list 23 permit 10.1.0.0 0.0.255.255
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 permit udp object-group DNS any eq domain
access-list 101 permit udp object-group NTP any eq ntp
access-list 101 permit udp any eq bootps any eq bootpc
access-list 101 deny ip 10.10.10.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip any any log
access-list 101 permit ip any any log
control-plane
mgcp profile default
line con 0
login local
transport output telnet
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin udptn ssh
line aux 0
login local
transport output telnet
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
scheduler interval 500
ntp server 98.175.203.200 prefer
ntp server 206.246.122.250
end

891w connecting to wlc 5508

Hi
I am having problems connecting an 891w to a WLC, is it possible to have to separate vlans, one for the Lan ports and another for the AP modue.
I do not want the AP part of the 891w in autonomous mode. The WAN port of the router will be connected to a DSL type service.
Is there a guide or something to get a 891W to connect to the WLC?
I would like to have users on a data vlan (vlan1) connecting to the network like a normal router, then the AP module to connect to the WLC via a different IP proablly vlan 2
On the WLC itself i do not see any attempts in the logging.

WLC: sh sysinfo
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.220.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... SIGNRYCC01
System Location.................................. SIG NRY
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 10.192.22.10
Last Reset....................................... Software reset
System Up Time................................... 49 days 19 hrs 47 mins 11 secs
System Timezone Location......................... (GMT+10:00) Sydney, Melbourne, Canberra
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... AU - Australia
--More-- or (q)uit
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +40 C
External Temperature............................. +28 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 3
Number of Active Clients......................... 2
Burned-in MAC Address............................ CC:EF:48:0C:7F:20
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 50
ap#sh inventory
NAME: "AP801", DESCR: "Cisco AP801 Access Point with dual IEEE 802.11a/g/n radio ports"
PID: AP801AGN-N-K9     , VID: V01, SN: FGL161721MR
ap#sh ver
Cisco IOS Software, AP801 Software (AP801-K9W7-M), Version 12.4(21a)JA1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 16-Sep-09 18:59 by prod_rel_team
ROM: Bootstrap program is AP801 boot loader
BOOTLDR: AP801 Boot Loader (AP801-BOOT-M) Version 12.4(23c)JX, RELEASE SOFTWARE (fc1)
ap uptime is 11 minutes
System returned to ROM by power-on
System image file is "flash:/ap801-k9w7-mx.124-21a.JA1/ap801-k9w7-mx.124-21a.JA1"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AP801AGN-N-K9        (PowerPC 8343) processor (revision B0) with 49142K/16384K bytes of memory.
Processor board ID FGL161721MR
PowerPC 8343 CPU at 400Mhz, revision number 0x0031
Last reset from power-on
1 Gigabit Ethernet interface
2 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 70:CA:9B:2A:F8:E8
Part Number                          : 73-11027-11
PCA Assembly Number                  : 800-28808-11
PCA Revision Number                  : B0
PCB Serial Number                    : FOC16122N66
Top Assembly Part Number             : 800-29576-05
Top Assembly Serial Number           : FGL161721MR
Top Revision Number                  : C0
Product/Model Number                 : AP801AGN-N-K9
Configuration register is 0xF
890W: sh version
Cisco 891 (MPC8300) processor (revision 1.0) with 393216K/131072K bytes of memory.
Processor board ID FGL161721MR
9 FastEthernet interfaces
2 Gigabit Ethernet interfaces
1 Serial interface
2 terminal lines
1 Virtual Private Network (VPN) Module
1 cisco Embedded AP (s)
256K bytes of non-volatile configuration memory.
250880K bytes of ATA CompactFlash (Read/Write)
License Info:
License UDI:
Device#   PID                   SN
*0        CISCO891W-AGN-N-K9    FGL161721MR
License Information for 'c890'
    License Level: advipservices   Type: Permanent
    Next reboot license Level: advipservices
Configuration register is 0x2102

Access connection can only connect at 54Mbps

I'm running Access Connection 5.50. My W500 has Intel Wifi link 5300 AGN with PAN (driver 13.0.0.107). Going through AC, I can only get 54Mbps connecting to a TP-Link WR841N AP (BGN) but using Windows Wireless Services, I get 130Mbps. I have another T61P not running AC and it also gets 130Mbps on the same AP. What could be the problem?

Same problem here with HP 8530W + Intel 5300 AGN : just 54Mbps while other Wifi clients do get 150Mbps from my AGN router (Netgear WNDR3700). Luckily also solved, this way:
download & install Intel Proset Wireless http://downloadcenter.intel.com/SearchResult.aspx?lang=eng&keyword=%22proset+wireless%22
go to properties of Wireless settings, either using Intel or Microsoft Wireless manager. Edit the profile of the SSID, and set the band to 2.4Ghz specific. Takes a bit of searching, in Intel it's under Advanced profile properties.
Set the router's wireless security properties to use WPA2 (PSK) + AES (not TKIP)
Re-connect, be sure that "2.4 Ghz" is still enabled at the client
Voila, 300Mbps instead of 54Mbps

Which Cisco 89X Wireless model for Europe (N,E or A)?

Hi all,
Can anyone tell me which model of the three I should used for Europe:
CISCO891W-AGN-N-K9
CISCO892W-AGN-E-K9
CISCO891W-AGN-A-K9
Thanks in advance.
Regards,
Laurent

E is the one.
Here is a full list of countries in each domain:
http://www.cisco.com/en/US/prod/collateral/wireless/ps5679/ps5861/product_data_sheet0900aecd80537b6a_ps10981_Products_Data_Sheet.html
Please Make sure to rate correct answers

CSCtx17284 - "Ethernet Switch Module transmit queue is full" Msgs on 800

This error is happening across all my CISCO891W-AGN-A-K9 Routers....There's no explanation or reason. My users are experiencing severely low bandwidth. I'm going to open a TAC case, but it's going to go into this BUG black whole with no answer. Has anyone else hit this bug?

The feature you want to use is called config-sync. It is available on NXOS 5.x on the N5K.
http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/system_management/502_n1_1/Cisco_n5k_system_mgmt_cg_rel_502_n1_1_chapter3.html
Regards,
jerry

X201 win7 centrino 6200 agn, cannot connect to 11g router

My X201 is win7 and with intel centrino 6200 agn wifi chipset. I can use wifi at work (which is 11n AP). However, my home is using an 11g dsl router, and the wifi connection stuck. It kept trying to connect to the router but failed. I pluged in a USB 11g wifi adapter and got connected within a second. Is there anyboy having the same problem? This really pissed me off....

Is it encrypted? You're gonna have to give a lot more details if you expect any help.
Owned Thinkpads: X300 X201T X200,T X61,s,T,T+ X60,s,T,T+ X41 X40 X31 T510 T500 T410 T400 T400s T61,p T60,p T43 T42 T41,p T40 W500 W700. To do list: X301 X220 X220T X201 X201s X200s X201i T420s T410s T420 T520 W510 W701

Home Network Router for T500 w/Intel WiFi Link 5300 (AGN)

I just purchased a new T500 notebook (Type 2242-34U) and am interested in setting up a home network. I have broadband cable hooked up to my Dell PC (Time Warner/Roadrunner). My T500 comes with Intel WiFi Link 5300 (AGN). Any advice and/or recommendations with regards to the model/type of router is greatly appreciated. Thanks a bunch.
OO

oonouye wrote:
My T500 comes with Intel WiFi Link 5300 (AGN). Any advice and/or recommendations with regards to the model/type of router is greatly appreciated.
Get a Cisco/Linksys WRT-610N.
As Small Net Builder says.....
But if you're looking for a reasonably-priced dual-band, dual-radio draft 11n router, the 610N continues the 600N's tradition of being the only viable game in town.
- http://www.smallnetbuilder.com/content/view/30530/96/
I'm using a Linksys WRT-600N (the previous model) with 4965AGN and 5300AGN cards in various ThinkPads and have been very satisfied with the 802.11n performance.
Cheers,
Bill
I don't work for Lenovo

How do I tell what radio frequency and speed (AGN) my WRT610N router is operating on ?

with each of my laptops, and how do you change this ?

If i am not wrrong, you need to change the Wireless Settings of your Router? That you can do it by simly logging in to your Router setup page. That you can do it by Open an Internet Explorer browser page on your wired computer(desktop).In the address bar type - 192.168.1.1 Leave username blank & in password use admin in lower case...Then Click on the Wireless Tab and there you can Set the RadioBand and Channel as per your Need.

New Intel WIFI Wireless Network Adapter does not recognize Wireless Router

I have had a Linksys BEFW11S4 Version 4 Wireless router for quite some time. It works like a champ and I have one Laptop wired to it and a second using Wireless working just fine. Recently, I received a new ThinkPad W500 Laptop with an Intel WIFI Link 5100 AGN wireless network adapter. The older laptop that works just fine with the router uses a
11a/b/g Wireless LAN Mini PCI Express Adapter by Atheros. However, the NEW laptop with the Intel Adapter fails to connect to the Router. It will either indicate a failure while "Waiting for Association" or it will indicate a failure when waiting to "renew IP Address". Sometimes, it will show a signal strength close to ZERO (Even as the older laptop with the other adapter is showing a signal strength close to 100%) When I called Linksys support, I was told that the facts that the Router (a) works find with the wired Laptop and (b) works fine with the 11a/b/g NEtwork Adapter and (c) works fine when WIRED to the new laptop all indicate that the problem is NOT with the router at all -- but with the Network Adapter. Can anyone tell me what has to be adjusted in the Adapter settings? Right now, I am using IBM Access Connections for BOTH of the wireless laptops. I have made sure to set IDENTICAL values for SSID and WEP (128-bit) [static] password. I have also ensured that all OTHER settings are the same for the two laptops. Yet, in one laptop, there is NO PROBLEM while in the other, I can not get the Wireless Adapter to "see" the signal from the Router. TO further check this, I have [temporarily] disabled the WEP password, enabled SSID broadcast, and disabled the MAC address restrictions that I put in (so that the system would be totally "open") yet the Intel Adapter STILL did not "find" anything. In addition, when I use the "Find WIFI" feature in Access Connections, I find that SOMETIMES the network with SSID is found and sometimes, it will display "unknown network" and not pick up the SSID.
This is all very frustrating. If anyone has experience with the Intel WIFI Link 5100 AGN Adapter, I would appreciate any hints, tricks, ideas, etc.
Think you!!!!
--Zvi

I installed the LATEST version of IBM Access Connections as well as verifying that I have teh LATEST drivers for the Intel Wireless NEtwork Adapter.
What now happens is that I am able to authenticate to the Router. However, I get a failure on "renewing IP Address" -- which [according to the diagnostic message] means that the Rotuer fails to provide me with an IP address to use. Do you have any suggestions?

AGN Virtual Network Adapter

Why does AGN Network adapter install and what does it do?
I had two icons in network connections:
1. AGN Virtual Network Adapter
2. Local Area Connection
I am connected to an adsl router and am able to connect OK.
I disabled the AGN Virtual network adapter and am still able to connect ok.

Sorry, let me further add I get the following messages from Access connections after the wireless connection fails....
Error code: 011
Veyify that the encryption settings (WEP/TKIS/AES) specified in this profile match those expected by the wireless network
and
Verify that the wireless adapter in your computer has not been restricted from accessing the radio channels being used by the wireless newtork.
and
The wireless network name (SSID) specified in this profile shares the same radio channel as another wireless network that is in range. To attempt to resolve this conflict, click repair.
None of these messages are helpful or should be the problem. I had been using wireless access on this laptop with the same router for several years before 'uprading' the dirver...that's when my problems started.

HP DV7T 6000 USE AN intel 622ANHMW 6200 6200 agn wireless card sps:572509-001?

Hello,
My Wi-Fi card only works on 2.4 Ghz.
I want to upgrade it to a dual band 2.4Ghz/5 Ghz.
I have two HP DV7T's 6000 (With PART# LM726AV & PART#LM726AAR). Will an intel 622ANHMW 6200 6200 agn wireless card sps:572509-001? work in them?
I have tried other cards on past HP Laptops and sometimes they are locked out and will not work and receive a BIOS error.
Thanks!

Huffer,
check this out:
=============================================================================
http://forum.notebookreview.com/hp-pavilion-notebooks/651517-found-hp-approved-dual-band-wireless-n-...
In the threads discussing upgrading the Intel Wireless-N 1030 to dual band, I haven't seen this card mentioned, but if I missed it and I'm repeating old news, I apologize.
I have a dv7T-6000 I received in February 2012 and I wasn't happy with the built-in wireless card, but the BIOS mods didn't seem very stable either (i.e. you can't save changes to BIOS settings after installing the modded version). I decided to take a look through the BIOS code on my own and was able to locate the FCC ID whitelist, which is where I found this card listed.
From what I can find, this card is actually sold by HP for some of its business laptops but for whatever reason it's listed in our whitelist. The cards are available from Hong Kong on eBay for 25 bucks by searching for "630813-001". I just received mine today (took about 2 weeks or so) and it installed perfectly, the bluetooth and Wifi is working fine. I don't have a Wireless-N router to test it with yet, but the important part is the BIOS accepted it and the drivers are working. HP Connection Manager also recognizes it, and the wifi button on the keyboard is operable as well. There are drivers for this card actually listed under the dv7-6c00 on the HP support site, although the link only says Ralink b/g/n, but then if you click through, it lists several more Ralink adapters including this one, the a/b/g/n.
http://www.amazon.com/gp/product/B00AARQ5F2/ref=ox_sc_act_title_1?ie=UTF8&smid=A2KPDAFXIXUTZL
===========================================================================
I am going to try it.

Cisco891w-agn router

Similar Messages

Maybe you are looking for