WRV200 as WAP

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by eric_stewart, Apr 10, 2007.

  1. eric_stewart

    eric_stewart Super Moderator Staff Member Member

    I have an 802.11b webcam ....Linksys WVC11B. It supports WEP encryption only. The rest of my network is 802.11g equipment. With the WRV200 I am able to set it up as a wireless access point, with 2 SSIDs. One to keep the WPA2 encrypted 802.11g clients happy and another, set to b-only mode with WEP encryption for my wireless camera. No need to dumb down the security of my whole network because of the camera. This is slick. I set it up with a static, bogus address on its WAN port so I needed to find some way for it to learn its default gateway (tried programming it to no avail) so.......

    Furthermore, I turned on RIP version 2 on the WRV200. It now obtains its default route from its "LAN side" as I am injecting a default route into the LAN from my Cisco ASA5505. While it doesn't need this default gateway for routing (I am using it as a WAP), this *does* allow the device to synchronize its clock off of an NTP server and do DNS queries since it has a proper default route.

    I'm just getting back on the WRV200 bandwagon since I had an enforced hiatus while I was waiting for my bricked unit to be replaced. The beta team at Linksys was kind enough to send me another unit.

    I'm going to conjure up a configuration where I can use the VLAN capability of the box, maybe putting one of the ports into my existing DMZ established by my ASA and putting in the same VLAN as another SSID so my kids' friends can have their own wireless hotspot without wacking my internal network.

    I have a diagram of my plaything....errrm....network at this link:


    Take the WRT54GS out of the picture and substitute the WRV200 and you the idea.

    moderator and contributor to LinksysInfo.org
    webmaster and contributor to Breezy.ca <-- have you got Breezy?
  2. arSouth

    arSouth LI Guru Member

    sorry, i'm kind of nosy to bug in to your buisness
    when i see cisco stuff, i get excited, getting a Cisco 871w myself.

    I see that you have a PIX 501 between the ASA5505 and the Internet access.
    i feel that it's not nessary, because the ASA5505 is a PIX, and it's a better pix then the pix501.
    so maybe you have one less thing to deal with if you lose the pix501.

    back to the wireless part, actually i think a Cisco WAP is more manageable in your situation, since you are running business level Cisco equipment. but it does cost a lot more money then the WRV200.
    i think right now is easy way to go is to get rip of the WRV200(well not that easy to get rip of a router that doesn't work well), and get a Cisco WAP, it'll handle it all. VLAN, WPA, LEAP, EAP.... i setup a couple Cisco 1200APs in the school, it's been running none stop since i put them in last spring. plus removable antennas. my sugguestion.

    /Technical Assistant of Cisco Networking Academy at MVCC, IL
  3. eric_stewart

    eric_stewart Super Moderator Staff Member Member

    Well. I might be running a business-class network but (as you note yourself) I can't afford to buy all Cisco equipment.

    The WRV200 seems to be a good choice at its price point for my needs. Failing that (literally...I'm still testing!) I'll just put out a spare WRT54GS to look after my b-only WEP wireless camera.

    Also, the reason that I'm using two firewalls is explained at this link: http://www.breezy.ca/?q=node/120 It also gives me the capability of running NAT rules and static translations to specific inside servers and largely avoid using PAT and using port forwarding since the PIX is doing PAT. In fact, another new(ish) feature of the 7.x code on the ASA and PIX firewalls is that you don't have to do NAT anymore if you don't want to. The 6.x code requires translations.

  4. DocLarge

    DocLarge Super Moderator Staff Member Member


    For those who don't know what Eric_Stewart brings to the team:

    - 20yrs CISCO Experience
    - Senior Network Engineer/Consultant
    - Cleanup guy when "the kids" (Toxic, Kspare, and myself) have issues

    As an added extra, he's just plain "cool" to play with when you get new toys (such as my 871w) we played around with for week or so getting configured).

    Oh yes, he is nerdy, too...

    Need more be said? :)

  5. eric_stewart

    eric_stewart Super Moderator Staff Member Member

    Me a nerd?

    BTW, now that I'm such an expert no one will ask me questions!

  6. arSouth

    arSouth LI Guru Member

    lol, sorry
    i'm not trying to question your knowledge, sorry, for the miss understanding.
    i'm just curious about your network setup. i get really excited when i see all these kool stuff. lol.....
    as you can see, i'm just starting out, alot of stuff to learn. you know.
    if you mind, i'll be picking your brain from now on.

    actually i'm kinda troubleshooting a T1 connection for a side job. this ISP running T1 over FRame-relay, they call in to the business and said their side went down. they sent tech out to fix the problem, after that, the T1 never come back up again, we have try 2 routers (cisco 1720, 2600) with 3 WIC cards, all came up with the same yellow AL light green CD light, interface down, line protocol down. it's a half T1. i call the ISP several times to run test and verified configs, the connection flips for a while when they were running the test.
    i don't know, i'm running out of possibility here.
    sorry i think this is not the right place.
  7. eric_stewart

    eric_stewart Super Moderator Staff Member Member

    If it is a sudden issue on an existing T1 *and* the configuration hasn't changed then it is almost definitely a circuit-level (ie: layer 1 = PHY OSI layer) issue. Your LEDs indicate same. The fact that you have the same issue on both the 1720 and 2600 with 3 different WICs just adds weight to this.

    Might take this as an opportunity to save a few $$ and go to a DSL or cable connection. More speed, less $$ but also less security! You would need to configure a site-to-site VPN connection to replace those circuit-switched FR over T1 WAN links.

  8. arSouth

    arSouth LI Guru Member


    Yeah, WE got that issue resolve at the business. turns out the ISP have a bad port on their site, because they called and told the business that their site was down fisrt. and their department is so separated, took them 2 freakin weeks to stop pointing the finger and go find out what happen. stupid idiots.....

    anyways..........the line is now up, the business is getting cable for backup, they need the t1 to host services. but properly going to change ISP.

    oh....and the business owner going to sue the ISP for been such stupid idiots.:biggrin:

    Thanks Eric.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice