Cisco Aironet autonomous AP - WDS Configuration...
Hello.
I have 10 AP I am defining as my WDS access point / Radius Server and configure the other 9 to use this AP as the Radius server. LATHQWAP01 the AP I want set up as WDS and LATHQWAP02 server is the first AP I want to link to the WDS AP. However, I'm struggling...
I used the CLI as the GUI is beyond useless. Here are the commands that I published on the radius (LATHQWAP01) server:
LATHQWAP01 (config) #aaa new-model
LATHQWAP01 (config) #aaa rad_eap radius server group
LATHQWAP01 (config-sg-RADIUS) #server X.X.201.170
LATHQWAP01 (config-sg-RADIUS) #exit
LATHQWAP01 (config) #aaa authentication login eap_methods group rad_eap
LATHQWAP01 (config) #radius - X.X.201.170 - key cisco123 host server
LATHQWAP01 (config) #-local radius server
LATHQWAP01(config-radsrv) #nas X.X.201.170 - key cisco123
LATHQWAP01(config-radsrv) #user wds password cisco123
LATHQWAP01(config-radsrv) #exit
LATHQWAP01 (config) #wlccp wds priority 255 interface bvi1
LATHQWAP01 (config) #wlccp authentication infrastructure eap_method Server
LATHQWAP01 (config) #wlccp ap wds user password cisco123
LATHQWAP01 (config) #exit
LATHQWAP01 #show wlccp wds
MAC: 881d.fc46.c865, IP-ADDR: X.X.201.170, IPV6-ADDR::
Priority: 255
Interface BVI1, State: Administratively autonomous - ACTIVE
AP count: 0 Count MN: 0
Here are the commands I issued on the AP I want to link to the WDS / AP RADIUS.
LATHQWAP02 #conf t
Enter configuration commands, one per line. End with CNTL/Z.
LATHQWAP02 (config) #wlccp ap wds user name password cisco123
LATHQWAP02 (config) #exit
LATHQWAP02 #show wlccp ap
WDS = 881d.fc46.c865, IP: x.x.201.170 IPV6:
State = wlccp_ap_st_leap_auth
IN authenticator = IP: x.x.201.170 IPV6:
However, you can see on the Show wlccp wds output the number of AP is 0. Surely, you need 2? AP WDS with himself and the second point of access I linked?
See the race on the WDS (LATHQWAP01)...
User access audit
User name: admin
Password:
LATHQWAP01 #show run
Building configuration...
Current configuration: 5148 bytes
!
! Last configuration change at 22:53:11 UTC Tuesday, March 2, 1993 by admin
version 15.3
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
hostname LATHQWAP01
!
!
Pulse 9 logging console
!
AAA new-model
!
!
AAA rad_eap radius server group
Server x.x.201.170
!
AAA authentication login default local
AAA authentication login eap_methods group rad_eap
AAA authorization exec default local
!
!
!
!
!
AAA - the id of the joint session
no ip source route
no ip cef
!
!
!
!
dot11 syslog
dot11 vlan data name of vlan 1000
dot11 vlan-name COMMENTS vlan 1234
dot11-name of vlan VOICE vlan 1200
!
SSID dot11 x
VLAN 1000
open authentication
authentication-key wpa version2 management
WPA - psk ascii 7 046F03555A2A55475C1B090241
!
SSID dot11 x
VLAN 1234
open authentication
authentication-key wpa version2 management
Comments-mode
WPA - psk ascii 7 0828425A0C15091E150E0210272A362336212B1D00
No customer ID MFP
!
!
Dot11 phone
!
!
!
username ADMIN privilege 15 password 7 062A5B35601E0A4D21
!
!
!
class-map correspondence _class_Lync2
match ip dscp cs3
class-map correspondence _class_Lync0
match ip dscp cs5
class-map correspondence _class_Lync1
match ip dscp af41
!
Policy-map Lync
class _class_Lync0
COS Set 6
class _class_Lync1
COS Set 5
class _class_Lync2
COS Set 4
!
Bridge IRB
!
!
!
interface Dot11Radio0
no ip address
!
encryption mode vlan 1000 ciphers aes - ccm
!
encryption mode vlan 1234 ciphers aes - ccm
!
SSID x
!
SSID x
!
gain of antenna 0
STBC
root of station-role
!
interface Dot11Radio0.1000
encapsulation dot1Q 1000
Bridge-group 255
Bridge-group subscriber-loop-control 255
Bridge-group 255 covering people with reduced mobility
Bridge-group 255 block-unknown-source
No source of bridge-group 255-learning
No bridge group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
!
interface Dot11Radio0.1200
encapsulation dot1Q 1200 native
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface Dot11Radio0.1234
encapsulation dot1Q 1234
Bridge-group 254
Bridge-group subscriber-loop-control 254
Bridge-group 254 covering people with reduced mobility
Bridge-254 block-unknown-source group
No source of bridge-group 254-learning
No bridge group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
!
interface Dot11Radio1
no ip address
!
encryption mode vlan 1000 ciphers aes - ccm
!
encryption mode vlan 1234 ciphers aes - ccm
!
SSID x
!
SSID x
!
gain of antenna 0
peakdetect
no block of dfs
STBC
channel SFR
root of station-role
!
interface Dot11Radio1.1000
encapsulation dot1Q 1000
Bridge-group 255
Bridge-group subscriber-loop-control 255
Bridge-group 255 covering people with reduced mobility
Bridge-group 255 block-unknown-source
No source of bridge-group 255-learning
No bridge group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
!
interface Dot11Radio1.1200
encapsulation dot1Q 1200 native
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface Dot11Radio1.1234
encapsulation dot1Q 1234
Bridge-group 254
Bridge-group subscriber-loop-control 254
Bridge-group 254 covering people with reduced mobility
Bridge-254 block-unknown-source group
No source of bridge-group 254-learning
No bridge group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
!
interface GigabitEthernet0
no ip address
full duplex
automatic speed
!
interface GigabitEthernet0.1000
encapsulation dot1Q 1000
Bridge-group 255
Bridge-group 255 covering people with reduced mobility
No source of bridge-group 255-learning
service-policy input Lync
service-policy output Lync
!
interface GigabitEthernet0.1200
encapsulation dot1Q 1200 native
Bridge-Group 1
Bridge-Group 1 covering-disabled people
No source of bridge-Group 1-learning
!
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
Bridge-group 254
Bridge-group 254 covering people with reduced mobility
No source of bridge-group 254-learning
service-policy input Lync
service-policy output Lync
!
interface BVI1
881d.fc46.c865 Mac address
IP address x.x.201.170 255.255.254.0
!
IP default-gateway x.x.201.202
IP forward-Protocol ND
IP http server
aaa IP http authentication
no ip http secure server
IP http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
local RADIUS server
NAS x.x.201.170 touches 110A1016141D5A5E57 7
NAS x.x.201.171 touches 1511021F07257A767B 7
the nthash wds user 7 013250267D2D5257036A1E5F3F5144332E5B220872747B10107531574626
24770B
!
RADIUS-server host 10.10.201.170 touches 14141B180F0B7B7977 7
!
rap_eap RADIUS server
!
1 channel ip bridge
!
!
wlccp ap username wds going 7 104D000A061843595F
And show performed on the WDS AP client...
User access audit
User name: admin
Password:
LATHQWAP02 #show run
Building configuration...
Current configuration: 4668 bytes
!
! Last configuration change at 03:25:50 UTC Tuesday, March 2, 1993 by admin
version 15.3
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
hostname LATHQWAP02
!
!
Pulse 9 logging console
!
AAA new-model
!
!
AAA authentication login default local
AAA authorization exec default local
!
!
!
!
!
AAA - the id of the joint session
no ip source route
no ip cef
!
!
!
!
dot11 syslog
dot11 vlan data name of vlan 1000
dot11 vlan-name COMMENTS vlan 1234
dot11-name of vlan VOICE vlan 1200
!
SSID dot11 x
VLAN 1000
open authentication
authentication-key wpa version2 management
WPA - psk ascii 7 046F03555A2A55475C1B090241
!
SSID dot11 x
VLAN 1234
open authentication
authentication-key wpa version2 management
Comments-mode
WPA - psk ascii 7 0828425A0C15091E150E0210272A362336212B1D00
No customer ID MFP
!
!
Dot11 phone
!
!
!
username ADMIN privilege 15 password 7 062A5B35601E0A4D21
!
!
!
class-map correspondence _class_Lync2
match ip dscp cs3
class-map correspondence _class_Lync0
match ip dscp cs5
class-map correspondence _class_Lync1
match ip dscp af41
!
Policy-map Lync
class _class_Lync0
COS Set 6
class _class_Lync1
COS Set 5
class _class_Lync2
COS Set 4
!
Bridge IRB
!
!
!
interface Dot11Radio0
no ip address
!
encryption mode vlan 1000 ciphers aes - ccm
!
encryption mode vlan 1234 ciphers aes - ccm
!
SSID x
!
SSID x
!
gain of antenna 0
STBC
root of station-role
!
interface Dot11Radio0.1000
encapsulation dot1Q 1000
Bridge-group 255
Bridge-group subscriber-loop-control 255
Bridge-group 255 covering people with reduced mobility
Bridge-group 255 block-unknown-source
No source of bridge-group 255-learning
No bridge group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
!
interface Dot11Radio0.1200
encapsulation dot1Q 1200 native
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface Dot11Radio0.1234
encapsulation dot1Q 1234
Bridge-group 254
Bridge-group subscriber-loop-control 254
Bridge-group 254 covering people with reduced mobility
Bridge-254 block-unknown-source group
No source of bridge-group 254-learning
No bridge group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
!
interface Dot11Radio1
no ip address
!
encryption mode vlan 1000 ciphers aes - ccm
!
encryption mode vlan 1234 ciphers aes - ccm
!
SSID x
!
SSID x
!
gain of antenna 0
peakdetect
no block of dfs
STBC
channel SFR
root of station-role
!
interface Dot11Radio1.1000
encapsulation dot1Q 1000
Bridge-group 255
Bridge-group subscriber-loop-control 255
Bridge-group 255 covering people with reduced mobility
Bridge-group 255 block-unknown-source
No source of bridge-group 255-learning
No bridge group 255 unicast-flooding
service-policy input Lync
service-policy output Lync
!
interface Dot11Radio1.1200
encapsulation dot1Q 1200 native
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface Dot11Radio1.1234
encapsulation dot1Q 1234
Bridge-group 254
Bridge-group subscriber-loop-control 254
Bridge-group 254 covering people with reduced mobility
Bridge-254 block-unknown-source group
No source of bridge-group 254-learning
No bridge group 254 unicast-flooding
service-policy input Lync
service-policy output Lync
!
interface GigabitEthernet0
no ip address
full duplex
automatic speed
!
interface GigabitEthernet0.1000
encapsulation dot1Q 1000
Bridge-group 255
Bridge-group 255 covering people with reduced mobility
No source of bridge-group 255-learning
service-policy input Lync
service-policy output Lync
!
interface GigabitEthernet0.1200
encapsulation dot1Q 1200 native
Bridge-Group 1
Bridge-Group 1 covering-disabled people
No source of bridge-Group 1-learning
!
interface GigabitEthernet0.1234
encapsulation dot1Q 1234
Bridge-group 254
Bridge-group 254 covering people with reduced mobility
No source of bridge-group 254-learning
service-policy input Lync
service-policy output Lync
!
interface BVI1
f44e.053c.092d Mac address
IP address x.x.201.171 255.255.254.0
!
IP default-gateway x.x.201.202
IP forward-Protocol ND
IP http server
aaa IP http authentication
no ip http secure server
IP http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
!
1 channel ip bridge
!
!
wlccp ap username wds going 7 00071A1507545A545C
!
Line con 0
line vty 0 4
transport of entry all
!
ntp2c.MCC.AC.UK SNTP server
SNTP client distribution
end
I'm completely at a loss with this. Any help is greatly appreciated.
This is what looks like my WDS Setup:
RADIUS AAA server WDS group
the name of the WDS server
!
AAA authentication login eap_methods group rad_eap
AAA authentication login mac_methods local
AAA authentication login method_WDS group WDS
AAA authorization exec default local
AAA accounting network acct_methods power group rad_acct
local RADIUS server
No leap authentication
no authentication mac
NAS 192.168.180.6 touches 062506324F41584B56 7
the nthash wds user 7 132444425D595072727C7F63167B4056322654077C0E0475285A4B32787E71710A
!
format of server RADIUS attribute 32 include-in-access-req hour
!
RADIUS WDS server
ipv4 192.168.180.6 address auth-port 1812 acct-port 1813
touch 7 14341B180F0B7B7977
!
Bridge Protocol ieee 1
1 channel ip bridge
!
!
wlccp ap username wds password 7 140016185D 5679
wlccp-server authentication infrastructure method_WDS
priority interface 255 wlccp wds BVI1
but I have a question, you will allow an SSID with 802. 1 X? If you're not then gains WDS nothing as the PSK will be validated at each AP WDS allows you an access point to the authenticator for the users, if when you move from one AP to another do you a 4 - way handshake with the WDS master instead of a handshake 15 pin with the AAA server.
HTH,
Steve
Tags: Cisco Wireless
Similar Questions
-
Cisco Aironet autonomous 1602i
I'm having a difficult time linking the stand-alone Cisco Aironet 1602i access point to my network.
How to connect it to the network so that when I try to connect to the AP via a wireless device, I see the SSID?
Thanks, let me know.
Dan
You have a guide that your help? If this isn't the case, then take a look at this:
https://supportforums.Cisco.com/docs/doc-16087
Here are several example guides:
http://www.Cisco.com/en/us/products/HW/wireless/ps4570/prod_configuration_examples_list.html
Thank you
Scott
Help others by using the rating system and marking answers questions as 'response '.
-
Point of access Cisco Aironet 1200 series help
We have 4 Cisco Aironet 1200 Access Points and they are all set to authenticate with our RADIUS server. However, authentication is hooked and can't understand why. Does anyone have any knowledge/experience with Cisco Aironet 1200 Access Points configuration?
OK, I do not work with the GUI so although the memory is a little hazy but from the APs home page look on the left hand side and there is an option for something like "Software Setup" or something to that effect. You should be able to find the IOS version of here. This requires that you are indeed runnig IOS code. How old are these APs? If more than a few years ago (and perhaps even more recent) that they could very well be running VxWorks and then we are in a different ball game. If you see what I have described above and the homepage for the AP is often white with a bit of greenish-blue, bluish-green color then IOS, if it is more colorful, yellow stuff and VxWOrks.
I hope this helps. Let me know if you need anything that anyone else. I will try to answer as soon as POSSIBLE.
-
Stand-alone configuration of Cisco Aironet 700i
Hello
I'm well aware new products Cisco. So please forgive my basic questions.
I have Cisco Aironet 700 series AP(AIR-SAP702I-Q-K9). I don't have a controller. I need to set this up as standalone access point.
I tried all the basic steps and tried to activate the two radios, but no luck. Anyone can guide me please on how to configure the AP.
I use web access to configure the AP.
Help, please
Thank you
Sagar
Hi Sam,
Please check these messages to set up autonomous AP.
https://rscciew.WordPress.com/2014/05/24/single-SSID-configuration-on-au...
https://rscciew.WordPress.com/2014/05/24/multiple-SSID-configurations-on...
Concerning
Remember messages useful rates
-
How to configure Aironet autonomous 1602i WAP
Hi all. I have 4 Aironet 1130AG autonomous WAP and I must add on 2 Aironet autonomous 1602i WAP as repeaters to extend the same network. Is it possible for me to save the configuration of a 1130AG that is configured as a Repeater and then download on WAP 1602i? Or do I need to manually set up the WAP 1602i as repeaters? Thank you.
Just in case, here is an older guide
http://www.Cisco.com/en/us/docs/wireless/access_point/12.4_3g_JA/CONFIGU...
Sent by Cisco Support technique iPhone App
-
Aironet autonomous 2600 does support WDS?
Hello
Aironet autonomous/Standalone 2602 does support WDS (Wireless Domain Services)?
I noticed that on controller Aironet 2602 doesn't support WDS. I would use 1242AG series, but it will soon go EOS.
Thank you.
AIOS all AP should support WDS
Steve
Sent by Cisco Support technique iPhone App
-
Cisco Aironet 2600 series Configuration of the DHCP server is NOT serving addresses?
Cisco Aironet 2600 series Configuration of the DHCP server is NOT serving addresses?
I have (2) AIR-SAP2602I-A-K9, configured the same way.
on two different remote LANs.
They don't seem to be handing out addresses via DHCP.
{If I connect to a local network with another DHCP server}
wireless devices can obtain addresses
This another DHCP server on the LAN through the access point.}
I followed 12.4.25d. JA.cg.pdf
Configuration of the Access Point to provide the Service DHCP 5-22
---------|---------|---------|
e.g. 3444-RCS1-AN #show running-config
Building configuration...
version 15.2
3444-RCS1-YEAR host name
no ip Routing
USH - DM IP domain name
DHCP excluded-address IP 192.168.29.89
IP dhcp RCS1 pool
network 192.168.29.88 255.255.255.248
router by default - 192.168.28.1
Rental 1 0
interface BVI1
IP 192.168.28.211 255.255.254.0
no ip route cache
default IP gateway - 192.168.28.1
---------|---------|---------|
---------|---------|---------|
e.g. 3444-RCS2-AN #show running-config
Building configuration...
version 15.2
3444-RCS2-YEAR host name
no ip Routing
USH - DM IP domain name
DHCP excluded-address IP 192.168.129.81
IP dhcp RCS2 pool
network 192.168.129.80 255.255.255.248
router by default - 192.168.128.1
Rental 2 0
interface BVI1
IP 192.168.128.171 255.255.254.0
no ip route cache
default IP gateway - 192.168.128.1
---------|---------|---------|
Thats the DHCP Pool range 192.168.29.88 through 192.168.28.95
Well this will confuse your customers.
And this is NOT how to set up your "range". See below:
DHCP excluded-address IP 192.168.29.1 192.168.29.87
DHCP excluded-address IP 192.168.29.96 192.168.29.254
IP dhcp RCS1 pool
network 192.168.28.211 255.255.254.0
router by default - 192.168.28.1
Rental 1 0
-
Several points of access Cisco Aironet 1131AG and same SSID?
We have several Cisco Aironet 1131AG, all wired devices on a switch (2560) Cisco L2 which is connected to the L3 switch (3550). We have assigned a VLAN for access point to the L3 switch which acts as a vtp Server (L2 switch is vtp client). All the ap will have a static ip address and all will have the same SSID and no security, and they will use several channels (e.g. 1,6,11). They will work in 3 floors for a roaming wireless client. We not using any wireless controller.
So my question is this: how to configure the same APs-all with a different ip address, can we use L3 switch to create the dhcp server to access points VLAN (pool for guests) and the rest of the static ip address for the ap? One of the ap can be WDS and on the same radius server local time with users without Cisco Secure ACS or similar controller or I did not understand this very well :-). I followed the guide http://www.cisco.com/en/US/docs/wireless/access_point/12.3_2_JA/configuration/guide/s32roamg.html for WDS where Abu Cisco ACS part is a problem, so I can use the same ap as a Local authenticator as a guide http://www.cisco.com/en/US/docs/wireless/access_point/12.3_4_JA/configuration/guide/s34local.html#wp1035723.
Thank you very much...
Well, just so you know, WDS, and local RADIUS authentication is necessary only if you use authentication on your wireless connection. You say that you do not plan to use security, so it's not necessary. However, I highly recommend at least using a simple WPA2-PSK to lock your connection, otherwise you might end up giving free Internet access at best and at worst you could give access to the computers and corporate servers. If you want to reuse a 802. 1 x or WPA authentication method, then Yes, you can use an AP as RADIUS and to improve WDS Server authenticated to roaming, but this is much more limited than the use of a Cisco ACS.
As for your other questions, Yes, your APs can all be configured the same except for at least three settings: IP address, hostname, and channel. Configure your static IP addresses on the interface of the PA BVI1. Do not place it on the Radio or Ethernet interfaces, because if one of these interfaces goes down, you lose the ability to configure the AP, so it's best to use the BVI1 interface.
And Yes, configure a DHCP scope for your customers on your L3 switch is good design, or you can also use your DHCP server on a different subnet by using the command of support-ip address on the interface of L3. I hope this helps! Let me know if you need help to set all this up.
Merry Christmas!
Jeff
-
Cisco Aironet SAP1602E - changing open to WPA - PSK access remote (RAP and map)
I currently have a deployment of Cisco Aironet SAP1602E Wireless point to point bridge (bridge using RAP and card, root wireless and Non-Root Bridge) to expand a layer 2 VLAN from one building to the other. It currently operates uisng open authentication and encryption - and is administered remotely via the bridge of root, to get wireless (manage) the bridge Non-Root - RAP wireless remote.
Try to configure the PSK WPA2-PSK remotely via the GUI or CLI - first setup - I informed a similar error to her below indicating that:
Error: Key-management WPA is requried for WPA-PSK
Read around, it seems, there is a configuration-control problem, and that I need to specify the mode as WPA2-PSK first, before then being able to specify the PSK there instead of using. However, as soon as this mode is specified on RAP, my remote administration is broken - as probably the RAP try to use WPA2-PSK to look for a PSK, which has not yet been configured. Am I missing something obvious here, or is the order of operations of CLI (1] convert to WPA - PSK; (2] shared secret to apply PSK) as a migration from open to WPA2-PSK cannot be configured remotely (short of preparation of a startup-config; TFTPing presents more; and issuance of a 'reload' remote control)? Can someone please enlighten me as to what the logic is here - no doubt I should be able to specify a PSK first (fo without worrying if I use WPA, WPA2 or other), and then be able to specify that I want as the layer of encryption (WPA) to make use of this pre-parameter PSK? If it was a router, you don't can me to add something to the authentication key chain OSPF; before clarifying its use - why so different Aironet Wireless IOS?You're right, and because you will have to enter several lines of configuration to switch to WPA2-PSK with AES didn't really matter; the AP would reset the radio anyway because you make changes related to the radio interface. It would be very useful that if Cisco router/switch IOS 'macro' feature available AP thus in changes like this, unfortunately this is not the case.
Start with the nonroot AP and make sure that the following lines are added to your configuration. If you add by the console, the order must be like that, do it by downloading a new configuration of booting with tftp, that it does not matter.
interface Dot11Radio0
encryption ciphers aes - ccm modeSSID dot11 TEST
authentication wpa key management
WPA - psk ascii 0Please rate helpful messages... :-)
-
Cisco Aironet 1830 disable broadcasting of the SSID
I recently bought a Cisco Aironet 1830 with the mobility Express version. installed 8.2.100.0. This unit is my controller and my only AP. I configured the device, but I can't seem to find a setting in the GUI or the CLI of the controller or AP disable broadcasting of the SSID. Can someone help with this?
Thank you
The CLI is available, the following command:
config ssid broadcast disable wlan
where wlan id is the number of your wlan. If in doubt, do a show wlan summary which should give you this info, I hope. Ric
-
Cisco Aironet 1131AG and measure access points to the power of the wireless signal?
/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 à 5.4pt 0 à 5.4pt ; mso-para-marge-top : 0 ; mso-para-marge-droit : 0 ; mso-para-marge-bas : 10.0pt ; mso-para-marge-left : 0 ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ;}
/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 à 5.4pt 0 à 5.4pt ; mso-para-marge-top : 0 ; mso-para-marge-droit : 0 ; mso-para-marge-bas : 10.0pt ; mso-para-marge-left : 0 ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ;}
We have about forty points of access Cisco Aironet 1131AG spread over four floors and they all have a static IP (BVI1) on the same SSID, customers will be on its own virtual local area network (dhcp on 3750 switch) and they use several channels (1,6,11). Cisco Wireless Control System is pending. This wireless network should support roaming for customers (there will be Wi - Fi tags of multiple AeroScout and wireless laptops). To measure the strength of the wireless signal and wireless coverage on each floor. My questions are:
- How to measure the strength of the wireless signal: we must meet at least three APs available with signal excellent (I guess for the WCS needs that will determine the position of the client in the building)? We thought to use NetStumbler and a few laptops with wifi and measure as many points as we can as simpler thing. Or should we use something like Cisco Aironet Client adapters for our mobile phone and then use Cisco Aironet Client Utility (is it worth buying for our analysis and measurement)? Any other idea?
- What signal level should we consider for a good wireless (dBm)?
- That we should propose for authentication, authorization and management accounting? What happens to the roaming wireless? I did not quiteunderstand WCS, WDS and WLC-that should be used for above tasks?
Thanks in advance.
"Use the command on the AP" sh dot11 associations "will give you the clients associated with success. If you add the MAC address of the client at the end of the command, you will get detailed information. Look under "Signal Strength" and "Signal to noise". Under the strength of the Signal, you want a value of-75 dBm or lower (lower values the better). -76 dBm and is bad. Under Signal-noise, you want a value of 25 dBm or more (values higher the better).
To measure the strength of the signal, I use Airmagnet, but you can use Netstumbler or Cisco Wireless Site Survey.
-
Cisco Aironet 1140 Standalone AP
Greetings. For some time I'm looking for bargains from a class wireless access point. I narrowed down it to the stand-alone Cisco Aironet 1140 (no controller). I'm no stranger to Cisco products. I worked with the routers, switches and firewalls Pix / ASA. However, I did not have the opportunity to work with their wireless access point I hope that someone here who has experience using these AP (more precisely the autonomous 1140), can provide information on the reliability and safety of these devices. Some of the features that I would like to have as Mgmt. Radio and Rogue AP Detection I see are only available on the controller base units. Do not have these features on the autonomous unit reduced its reliability and safety? It's for a small business and the budget does not drop to a controller at this time. Thank you!
The 1140's are a good choice for standalone 802.11n. Regarding reliability and safety, it would be identical to a lightweight AP. you can use different types of encryption as well as using 802.1 x. You will not not reliable detection functions or management of radio since these are autonomous.
Thank you
Scott Fella
Sent from my iPhone
-
Create the Pool DHCP on Cisco Aironet 1131AG
Hello
How to create a DHCP on a Cisco Aironet pool so that laptops could get an IP address from this range when connected?
I don't want to use DHCP on our servers because these laptops are to be on a separate network.
Just do not know what commands to use.
Thank you!
Hello
There is a nice step by step to configure the DHCP Service on the AP in this doc;
Configuration of the Access Point to provide DHCP Service
I hope this helps!
Rob
Thank you to support CSC helps Haiti
-
New Cisco Aironet 1602i is not broadcasting the SSID I place
New Cisco Aironet 1602i is not broadcasting the SSID I place
SSID I set up is not broadcasting, so I don't see the wireless network to choose and connect. On my laptop if I choose specify the name of the SSID then I am able to connect to the wireless network. I have only 1 Configuration SSID on the access point. Anyone know how to update the configuration for the SSID is broadcast?
The green light on the AP flashes and turns off about 3 seconds; is this normal or should it stays on all the time?
Current configuration: 1842 bytes
!
version 15.2
no service button
horodateurs service debug datetime msec
Log service timestamps datetime msec
encryption password service
!
host ap name
!
!
Pulse 9 logging console
enable secret 5 $1$ rrlE$ msWqu8CGY/tpDkgRAAAIe /.
!
No aaa new-model
no ip Routing
no ip cef
!
!
!
dot11 syslog
!
dot11 ssid Mi Casa
open authentication
authentication-key wpa version2 management
WPA - psk ascii 7 142017070F0C787B7579
!
!
Crypto pki token removal timeout default 0
!
!
username Cisco privilege 15 password 7 112A1016141D
!
!
Bridge IRB
!
!
!
interface Dot11Radio0
no ip address
no ip route cache
!
encryption algorithms aes - ccm tkip encryption mode
!
SSID Mi Casa
!
gain of antenna 0
STBC
beamform ofdm
root of station-role
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface Dot11Radio1
no ip address
no ip route cache
!
encryption algorithms aes - ccm tkip encryption mode
!
SSID Mi Casa
!
gain of antenna 0
DFS block 3 Strip
STBC
beamform ofdm
channel SFR
root of station-role
Bridge-Group 1
Bridge-group subscriber-loop-control 1
Bridge-Group 1 covering-disabled people
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
!
interface GigabitEthernet0
no ip address
no ip route cache
automatic duplex
automatic speed
Bridge-Group 1
Bridge-Group 1 covering-disabled people
No source of bridge-Group 1-learning
!
interface BVI1
IP 192.168.10.200 255.255.255.0
no ip route cache
!
by default-gateway IP 192.168.10.1
IP forward-Protocol ND
IP http server
no ip http secure server
IP http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
1 channel ip bridge
!
!
!
Line con 0
line vty 0 4
local connection
transport of entry all
!
end
Hi you must guest mode config on the ssid... Read this bud
https://supportforums.Cisco.com/docs/doc-5442
Sent by Cisco Support technique iPhone App
-
Only the needs of the Cisco Aironet 1550 series a WLC?
Hello
Nice day. I would like to ask if the Cisco Aironet 1550 series requires a controller to run. Note that the references SKU in this fomat AIR-CAP1552E-A-K9-AIR-CAP1552EU-A-K9. I noticed that on the autonomous access point there they keyword 'SAP' on its SKU while the controller based has "CAP". If the
Cisco Aironet 1550 Series needs a controller which controller should it be associated? (e.g. AIR-CT2500)
Thank you
It can work stand-alone image:
1550 relies on:
2500, 7500, 5508, WISM2,... .etc
check the release notes of the code controller that you have and you should be able to identify what is supported and what is not supported.
----------------------------------------------------------------------------------------------
Please ensure good answers to rate
Maybe you are looking for
-
iCloud contacts new Mac not all synchronized
I currently have a macbook air, two iphones (5 and 6 years old) and have recently received a macbook pro work, so configure everything on it... on the air and the two iphones (+ icloud.com) I see all my contacts perfectly, on the new pro, I see only
-
whenever im typing something into a Web site; previous text will pop up and I want him to stop. for example if I am in my number of credit card on a Web site, a box will appear giving the rest of my card number.
-
EAS dead after update 1.3.5
My EAS no longer works after update last night. My emails stopped coming so I deleted the account and attempted to add again and now I get the message "Unable to validate mail server settings in" I know that the settings are correct, they worked befo
-
No privileges for the user account
Hey there, I have a strange problem and I'm not finding useful answers... I installed Windows 7 Pro on a box that is used as a file server, database server and the virtual machine host. Homegroup is disabled and password sharing is turned on. While I
-
In the use of Clone, I selects with ATL, then when I move the mouse the picture moves and I can't clone