Wireless Access

HW INFO:

-RAP-3WNP

-Cisco Switch 3750

STEPS TAKEN:

1. create 2 SSIDs (EMPLOYEE and GUEST)

PROBLEMS:

1. RAP can't ping anywhere

3750 can't ping RAP

but PC connected to EMPLOYEE SSID can go anywhere

because pc can't ping RAP. I can't manage it

?

1. why "show running-config" didn't show its ip but show ip only in "sh ip int"

2. is this problem caused by config in 3750 native vlan?
NOTE:
-if I set 3750 port f2/0/35 native vlan to 40 (RAP ip is 10.0.40.129). I can ping RAP but pc can't get DHCP

-if I set 3750 port f2/0/35 native vlan to 1 (RAP ip is 10.0.40.129). I can't ping RAP but pc can get DHCP

tq

RAP-3WNP:

# sh ip int
Interface IP Address / IP Netmask Admin Protocol
br0 10.0.40.129 / 255.255.255.0 up up
# show run
version 6.4.4.0-4.2.4
virtual-controller-country US
virtual-controller-key f787bd610138808ad3f09ba2cf057551ec1731946730cb98a1
name instant-82:74:1D
terminal-access
clock timezone none 00 00
rf-band all
allow-new-aps
allowed-ap 00:0b:86:82:74:1d
arm
wide-bands 5ghz
80mhz-support
min-tx-power 18
max-tx-power 127
band-steering-mode prefer-5ghz
air-time-fairness-mode default-access
client-aware
scanning
ip dhcp pool
domain-name ngtrain.com
syslog-level warn ap-debug
syslog-level warn network
syslog-level warn security
syslog-level warn system
syslog-level warn user
syslog-level warn user-debug
syslog-level warn wireless
extended-ssid
user guest1 3b1ddfd86a472fa134882c86677673daa13927dd41f29377 portal
mgmt-user admin 14142b96cf0988b96b46526cf0afda2a
wlan access-rule GUEST
index 0
rule any any match any any any permit
wlan access-rule default_wired_port_profile
index 1
rule any any match any any any permit
wlan access-rule wired-instant
index 2
rule masterip 0.0.0.0 match tcp 80 80 permit
rule masterip 0.0.0.0 match tcp 4343 4343 permit
rule any any match udp 67 68 permit
rule any any match udp 53 53 permit
wlan access-rule EMPLOYEE
index 3
rule any any match any any any permit
wlan ssid-profile GUEST
enable
index 0
type guest
essid GUEST
opmode opensystem
max-authentication-failures 0
vlan 60
auth-server InternalServer
rf-band all
captive-portal internal
dtim-period 1
broadcast-filter arp
dmo-channel-utilization-threshold 90
local-probe-req-thresh 0
max-clients-threshold 64
wlan ssid-profile EMPLOYEE
enable
index 1
type employee
essid EMPLOYEE
wpa-passphrase db13aa3033cfeb4540b145966b7f6a9bc2aed79d1fa409ee
opmode wpa2-psk-aes
max-authentication-failures 0
vlan 40
rf-band all
captive-portal disable
dtim-period 1
broadcast-filter arp
dmo-channel-utilization-threshold 90
local-probe-req-thresh 0
max-clients-threshold 64
auth-survivability cache-time-out 24
wlan captive-portal
background-color 13421772
banner-color 16750848
banner-text "Welcome to Guest Network"
terms-of-use "This network is not secure, and use is at your own risk"
use-policy "Please read terms and conditions before using Guest Network"
authenticated
wlan external-captive-portal
server localhost
port 80
url "/"
auth-text "Authenticated"
auto-whitelist-disable
https
blacklist-time 3600
auth-failure-blacklist-time 3600
ids
wireless-containment none
wired-port-profile wired-instant
switchport-mode access
allowed-vlan all
native-vlan guest
no shutdown
access-rule-name wired-instant
speed auto
duplex auto
no poe
type guest
captive-portal disable
no dot1x
wired-port-profile default_wired_port_profile
switchport-mode trunk
allowed-vlan all
native-vlan 1
shutdown
access-rule-name default_wired_port_profile
speed auto
duplex full
no poe
type employee
captive-portal disable
no dot1x
enet0-port-profile default_wired_port_profile
uplink
preemption
enforce none
failover-internet-pkt-lost-cnt 10
failover-internet-pkt-send-freq 30
failover-vpn-timeout 180
airgroup
disable
airgroupservice airplay
disable
description AirPlay
airgroupservice airprint
disable
description AirPrint