Ap connected users can not ping the server IP

Created: Aug 23, 2019 14:59:51Latest reply: Aug 23, 2019 15:14:37 124 1 0 0
  Rewarded Hi-coins: 0 (problem resolved)

Hi Community,


there is an AP (AP4050 DN) in FAT mode, here only one way communication happens not two way like wan to Ap connected user communication happeneing but vise versa not.

software version: V2R7


local connectovity:

Nexis Router>>>Cisco L3 switch>>AP>>> Users



cofiguration:--


Ap 4050 DN

-----------------------------------------------------------

-----------------------------------------------------------

Info: You are advised to change the password to ensure security.

<Huawei>dis cu

#

 http secure-server ssl-policy default_policy

 http server enable

#

 clock timezone ChennaiKolkataMumbaiNew_Delhi add 05:30:00

#

ssl renegotiation-rate 1

#

vlan batch 100 to 101

#

authentication-profile name default_authen_profile

authentication-profile name dot1x_authen_profile

authentication-profile name mac_authen_profile

authentication-profile name portal_authen_profile

authentication-profile name macportal_authen_profile

#

dns resolve

dns server 115.112.18.130

dns server 115.112.18.22

dns server 8.8.8.8

dns proxy enable

#

dhcp enable

#

radius-server template default

#

pki realm default

 certificate-check none

 rsa local-key-pair default

 enrollment self-signed

#

ssl policy default_policy type server

 pki-realm default

 version tls1.0 tls1.1 tls1.2

 ciphersuite rsa_aes_128_cbc_sha rsa_aes_128_sha256 rsa_aes_256_sha256

ssl policy https type client

 pki-realm default

 version tls1.2

 server-verify enable

 prefer-ciphersuite rsa_aes_128_sha256 rsa_aes_256_sha256

#

acl name nat 2000

 rule 5 permit

#

free-rule-template name default_free_rule

#

portal-access-profile name portal_access_profile

#

aaa

 authentication-scheme default

 authentication-scheme radius

  authentication-mode radius

 authorization-scheme default

 accounting-scheme default

 domain default

  authentication-scheme default

 domain default_admin

  authentication-scheme default

 local-user root password irreversible-cipher $1a$L]iZYRZ[TT$<Yi"Hu*Kz-LsJg#Hll!-4e4gE`|GZWgEWK,*M<;#$

 local-user root privilege level 15

 local-user root service-type ssh http

 local-user admin password irreversible-cipher $1a$)Mx#I(~b\8$!d;;QuvV(Kp]yo4EX[++9XR^/)6pdTZcS$E:3,J6$

 local-user admin privilege level 15

 local-user admin service-type telnet ssh http

#

interface Dialer1

 link-protocol ppp

#

interface Vlanif1

 ip address 172.29.14.226 255.255.255.128

#

interface Vlanif100

 ip address 192.168.1.1 255.255.255.0

#

interface Vlanif101

 ip address 172.29.115.140 255.255.255.128

 dhcp select interface

 dhcp server excluded-ip-address 172.29.115.129 172.29.115.131

 dhcp server dns-list 8.8.8.8

#

interface GigabitEthernet0/0/0

#

interface NULL0

#

 undo snmp-agent

#

 sftp server enable

 stelnet server enable

ssh server secure-algorithms cipher aes256_ctr aes128_ctr

ssh server secure-algorithms hmac sha2_256

ssh server key-exchange dh_group14_sha1

ssh client secure-algorithms cipher aes256_ctr aes128_ctr

ssh client secure-algorithms hmac sha2_256

ssh client key-exchange dh_group14_sha1

#

ip route-static 0.0.0.0 0.0.0.0 172.29.14.129

#

user-interface con 0

 authentication-mode password

user-interface vty 0

 authentication-mode aaa

 screen-length 44

 protocol inbound all

user-interface vty 1 4

 authentication-mode aaa

 protocol inbound all

user-interface vty 16 20

 protocol inbound all

#

wlan

 traffic-profile name default

 traffic-profile name huawei-ap

 security-profile name default

 security-profile name huawei-ap

  security wpa-wpa2 psk pass-phrase %^%#Ke5LBn;4)VZZIc*W5ND@=(l{(vALg;:<qjCgXWX=%^%# aes

 ssid-profile name default

 ssid-profile name huawei-ap

  ssid huawei-ap

 vap-profile name default

 vap-profile name huawei-ap

  service-vlan vlan-id 101

  ssid-profile huawei-ap

  security-profile huawei-ap

  traffic-profile huawei-ap

 country-code IN

 air-scan-profile name default

 rrm-profile name default

  calibrate auto-txpower-select disable

 radio-2g-profile name default

 radio-5g-profile name default

 wids

#

interface Wlan-Radio0/0/0

 vap-profile huawei-ap wlan 2

#

interface Wlan-Radio0/0/1

 vap-profile huawei-ap wlan 2

#

dot1x-access-profile name dot1x_access_profile

#

mac-access-profile name mac_access_profile

#

 undo ntp-service enable

#

return

<Huawei>

----------------------------------------

------------------------------------

Cisco//L3//NSK-C5548UP


interface Vlan280

  no shutdown

  no ip redirects

  ip address 172.29.115.130/25

  hsrp 253

    authentication text AD$56

    preempt

    priority 243

    ip 172.29.115.129


NOI5NXS01#

----------------------------------------

---------------------------------------





  • x
  • convention:

Featured Answers
Popeye_Wang
Admin Created Aug 23, 2019 15:14:37 Helpful(0) Helpful(0)

Hi Tyagi,
Do the uses obtain the IP addresses correctly?
Why the default route on the AP does not point to the Cisco switch?
cs

This article contains more resources

You need to log in to download or view. No account?Register

x
  • x
  • convention:

All Answers
Popeye_Wang
Popeye_Wang Admin Created Aug 23, 2019 15:14:37 Helpful(0) Helpful(0)

Hi Tyagi,
Do the uses obtain the IP addresses correctly?
Why the default route on the AP does not point to the Cisco switch?
cs

This article contains more resources

You need to log in to download or view. No account?Register

x
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login