I hope someone on here can help me figure this out.

A couple of months ago, I saw a great deal on the 1941W and decided to buy it to replace my old Linksys router. It will also be used in my CCNP lab when I get around setting up that lab.


Anyway, I have a CCNA so I know my way around the IOS CLI. I've configured the router for Wired access without a problems. It's connected to my Comcast cable modem and I'm able to browse the net and serve DHCP/DNS on the router.


I'm stuck with the wireless configuration. No matter how many blogs I read or manuals I read on this device, I can't seem to get it to work. I've read a couple of post on here and have taking some of the configs from the posts to piecemeal something but nothing has worked. If any of you nice guys out there can look at my config below and let me know what I'm doing wrong, that will be greatly appreciated.


What I want to setup is this: Two SSID's on the private network ("HomeNet2" on the 2.4GHz radio and "HomeNet5" on the 5GHz radio). Then a third (HomeNet2Guest) SSID on the 2.4GHz network for guests. I want the guess SSID/Vlan to be isolated from the rest of the network. And lastly, I want both LAN and WLAN to get IP's from the 192.168.1.0 DHCP Pool. Then I want the WLAN guests to get IP's from the 192.168.2.0 DHCP Pool. I hope I gave enough details on what I'm trying to achieve.




Router:


! Last configuration change at 04:05:41 UTC Tue Apr 22 2014 by admin
! NVRAM config last updated at 04:39:04 UTC Tue Apr 22 2014 by admin
! NVRAM config last updated at 04:39:04 UTC Tue Apr 22 2014 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname RBRouter
!
boot-start-marker
boot system flash:c1900-universalk9-mz.SPA.151-4.M7.bin
boot-end-marker
!
!
!
no aaa new-model
!
service-module wlan-ap 0 bootimage autonomous
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.110 192.168.1.254
ip dhcp excluded-address 192.168.1.2
ip dhcp excluded-address 192.168.1.3
ip dhcp excluded-address 192.168.1.100
ip dhcp excluded-address 192.168.1.105
ip dhcp excluded-address 192.168.1.101
ip dhcp excluded-address 192.168.2.1
!
ip dhcp pool LAN-POOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 192.168.1.1
domain-name HomeNet
lease 14
!
ip dhcp pool WLAN_GUEST
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 68.87.64.146 8.8.8.8
lease 14
!
!
ip domain name HomeNet
ip host HikNVR 192.168.1.105
ip name-server 68.87.64.146
ip name-server 8.8.8.8
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-2788177606
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2788177606
revocation-check none
rsakeypair TP-self-signed-2788177606
!
!
crypto pki certificate chain TP-self-signed-2788177606
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32373838 31373736 3036301E 170D3134 30343139 31343039
31315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 37383831
37373630 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100DF80 BB903B36 36A58105 E2E64AA8 010320A1 87F2DF3B 74384F6D 20BB5D0B
5C4ECFC4 7DE41109 148DA437 D2C68CC9 A74535DB C9B14FD1 17BD9ECB BD96C1F9
BE6812C2 9E4F4B61 1F7DA4AE F8ACD442 89FDEAB1 511774AC 70465CDD 1F87DB70
704F6E80 55B36C72 E3EC3E3F 823AB4C8 F1E63AEF EADBFF41 7B537A5D 0DFE2FD0
834B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 147D59FA 066B8598 9576299A C786F9A8 8DB48FBA D7301D06
03551D0E 04160414 7D59FA06 6B859895 76299AC7 86F9A88D B48FBAD7 300D0609
2A864886 F70D0101 05050003 81810072 F696E03D 4E4489AE 4C61FE35 FFAFEC1C
6420774F 13F5605F AC8FCDAE D5E0ED43 1AC784A4 A8F49849 464A3F49 63D270BE
123C69D8 98B3C963 270D3E61 275C39E0 C5B81E5E A0FB396D 8825DCEC 85C11C24
A9141EC1 DA05D923 F9EB7099 880EDAF8 9D79E417 D955AFED E0E9598A BF503FF2
878E7F67 74E516F7 780C3770 FBFBA4
quit
license udi pid CISCO1941W-A/K9 sn FTX1541000U
hw-module ism 0
!
!
!
vtp domain HomeNet
vtp mode transparent
username admin privilege 15 secret 5 Hidden
!
redundancy
!
!
!
!
vlan 6
name None
!
vlan 10
name HOME-WIFI
!
vlan 20
name HomeNet
!
vlan 30
name HomeNet-Wireless
!
vlan 33
name WIRELESS_GUEST
!
vlan 40
name Voice
!
vlan 999
name Management
!
ip ssh version 2
!
!
!
bridge irb
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered GigabitEthernet0/1
arp timeout 0
no mop enabled
no mop sysid
!
interface GigabitEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Wlan-GigabitEthernet0/0
description Internal Switch interface connecting to the embedded AP
switchport mode trunk
no ip address
!
interface GigabitEthernet0/1/0
no ip address
!
interface GigabitEthernet0/1/1
no ip address
!
interface GigabitEthernet0/1/2
no ip address
!
interface GigabitEthernet0/1/3
no ip address
!
interface Vlan1
ip unnumbered GigabitEthernet0/1
bridge-group 1
!
interface Vlan10
no ip address
!
interface Vlan33
no ip address
bridge-group 33
!
interface BVI1
ip address dhcp
!
ip forward-protocol nd
!
no ip http server
ip http secure-server
!
ip dns server
ip nat inside source list NAT_THESE_To_INTERNET interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 xx.xxx.xxx.x 254
!
ip access-list extended NAT_THESE_To_INTERNET
permit ip 192.168.1.0 0.0.0.255 any
!
!
control-plane
!
bridge 1 route ip
bridge 33 route ip
!
!
line con 0
exec-timeout 30 0
password 7 hidden
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
exec-timeout 30 0
password 7 hidden
logging synchronous
login local
transport input ssh
!
scheduler allocate 20000 1000
end






&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&


AP:


WAP#sh run
Building configuration...


Current configuration : 4111 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname WAP
!
enable secret 5 hidden
!
no aaa new-model
!
!
dot11 syslog
!
dot11 ssid HomeNet2
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 hidden
!
dot11 ssid HomeNet2Guest
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 hidden
!
dot11 ssid HomeNet5
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 hidden
!
!
crypto pki trustpoint TP-self-signed-4051175986
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4051175986
revocation-check none
rsakeypair TP-self-signed-4051175986
!
!
crypto pki certificate chain TP-self-signed-4051175986
certificate self-signed 01
3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34303531 31373539 3836301E 170D3032 30333031 31343434
31305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 30353131
37353938 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BF7C 96E23D5D 028442E1 7EDB7996 754D4919 6641302D 03311EDD EE619C6D
6C6BDDBF 39273922 0283B22F C5DE4491 16C767CF F9398473 029446DB 02B9D2B0
4B77C0C1 9C754B10 956E0E99 28062CFE D270EBBE C6763209 68664931 DC5F69E8
63AB1CAF 8005E922 CB30F94F A4F30554 A9360A00 ACC4B3FF 29740E6A 6055C0AB
6BB30203 010001A3 62306030 0F060355 1D130101 FF040530 030101FF 300D0603
551D1104 06300482 02617030 1F060355 1D230418 30168014 65E50227 33286B18
5D2268BE 52D2C081 0689DF7F 301D0603 551D0E04 16041465 E5022733 286B185D
2268BE52 D2C08106 89DF7F30 0D06092A 864886F7 0D010104 05000381 8100368F
6D47C025 245E483F 89591AFB 197542CA F7ED67C0 B6B8B6A7 002E5887 7AF6F701
776BBDA6 7FC2782E 2D50400F AAAF23FD 05F005AE 9FB382AB 699FC13F 2241F0DF
70513E7E F86065A1 0D2F9279 2CE5207B 2EFB50BE 7D46C359 C9ACF487 0A0203C7
ACC5A5D8 62A73AA1 BE72E9B9 241DFC83 EAA76320 1F36598E 743B59F7 1A20
quit
username Cisco password 7 hidden
username admin privilege 15 secret 5 hidden.
!
!
bridge irb
!
!
interface Dot11Radio0
description 802.11bgn 2.4GHz Radio
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid HomeNet2
!
antenna gain 0
station-role root
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1
description 802.11n 5GHz Radio
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid HomeNet5
!
antenna gain 0
dfs band 3 block
channel dfs
station-role root
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
description The embedded AP Gig 0 is an internal interface connecting AP with the host router
no ip address
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.33
encapsulation dot1Q 33
no ip route-cache
bridge-group 33
no bridge-group 33 source-learning
bridge-group 33 spanning-disabled
!
interface BVI1
ip address 192.168.1.3 255.255.255.0
no ip route-cache
!
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779...onfig/help/eag
bridge 1 protocol ieee
bridge 1 route ip
!
!
!
line con 0
exec-timeout 30 0
password 7 hidden
logging synchronous
login local
no activation-character
line vty 0 4
exec-timeout 30 0
password 7 hidden
logging synchronous
login
!
end