API tools faq
paste
Guest User

Untitled

a guest
Apr 23rd, 2018
98
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.64 KB | None | 0 0
raw download clone embed print report
  1. Introduction:-
  2.  
  3. Autonomous AP and Bridge Basic Configuration Template
  4.  
  5.  
  6.  
  7. Configuration Example:-
  8.  
  9. --->>>>>>>Configuring an IOS AP <<<<<<<<<--------
  10.  
  11. 1C 1. Creating an SSID :-
  12.  
  13. AP#
  14. Configure terminal
  15. Dot11 ssid <ssid_name>
  16. Authentication open
  17. Guest-mode <--- To broadcast the SSID
  18.  
  19. 2. Configuring AP as a DHCP server :-
  20.  
  21.  
  22. AP#
  23. Configure terminal
  24. Ip dhcp excluded-address <---List of IP addresses to be excluded>
  25. Ip dhcp pool <pool name>
  26. Network <network id> <mask>
  27. Default-router <IP address>
  28.  
  29. 3. 3. Configuring radio interface:
  30.  
  31. Configure terminal
  32. Int dot11radio0 or Intdot11radio1
  33. Ssid <ssid_name> <--- Map the SSID to radio interface
  34. Station-role root
  35. bridge-group
  36. no shut
  37.  
  38.  
  39. 4. Configuring Ethernet interface:
  40.  
  41.  
  42. interface FastEthernet0
  43. bridge-group 1
  44.  
  45.  
  46.  
  47. 5. 5. Configure the BVI interface:
  48.  
  49. interface BVI1
  50. ip address <ip address> <mask>
  51.  
  52. 6.
  53. 6. Specify the default gateway:
  54.  
  55. ip default-gateway <ip_address>
  56.  
  57.  
  58.  
  59. 7. 7. Configuring radio sub interfaces :
  60.  
  61. If there are multiple vlans(For ex,vlans 1,2,3 in this case), configure one of the vlan to be native depending on your network/switchport config and map it to bridge-group 1
  62.  
  63.  
  64. Conf t
  65. interface Dot11Radio0.1
  66. encapsulation dot1Q 1 native
  67. bridge-group 1
  68.  
  69.  
  70. interface Dot11Radio0.2
  71. encapsulation dot1Q 2
  72. bridge-group 2
  73.  
  74.  
  75. interface Dot11Radio0.3
  76. encapsulation dot1Q 3
  77. bridge-group 3
  78.  
  79.  
  80.  
  81. 8. 8. Configuring fa sub interfaces for multiple vlans:
  82.  
  83.  
  84. interface fa0.1
  85. encapsulation dot1Q 1 native
  86. bridge-group 1
  87.  
  88. interface fa0.2
  89. encapsulation dot1Q 2
  90. bridge-group 2
  91.  
  92.  
  93. interface fa0.3
  94. encapsulation dot1Q 2
  95. bridge-group 3
  96.  
  97.  
  98.  
  99. 9. 9. Enabling mbssid if multiple ssids needs to be broadcast:
  100.  
  101.  
  102. Interface dot11 0
  103. Mbssid
  104.  
  105.  
  106. Dot11 ssid <ssid_name>
  107. Mbssid guest-mode
  108.  
  109. 10. SSID and vlan mapping for multiplevlans/ssids:
  110.  
  111. Conf t
  112. Dot11 ssid <ssid1>
  113. Vlan 1
  114.  
  115.  
  116. Dot11 ssid <ssid2>
  117. Vlan 2
  118.  
  119.  
  120.  
  121. 11. Speed, channel and power settings:
  122. Conf t
  123. Int dot11 0
  124.  
  125. Speed range or Speed throughput
  126.  
  127. Power local max
  128. Or
  129.  
  130. Powerlocal cck max
  131. Powerlocal ofdm max
  132.  
  133. Channel <number> or <least-congested>
  134.  
  135.  
  136.  
  137.  
  138. 12. Enabling http and https to access GUI :
  139.  
  140. Conft
  141. ip http server
  142. ip http secure-server
  143. ip http authentication local
  144.  
  145.  
  146.  
  147. 13. WEP configuration:
  148.  
  149.  
  150. Configuration if there are multiplevlans and if SSIDs are mapped to vlans:
  151.  
  152. Conf t
  153. interface Dot11Radio0
  154. encryption vlan <id> mode wepmandatory
  155. encryption vlan <id> key<slot> size 128bit 0 <encryption key> transmit-key
  156.  
  157. or
  158.  
  159. Configuration if there is a single vlans and if SSID is notmapped to vlan explicitly”
  160. Conf t
  161. interface Dot11Radio0
  162. encryptionmode wep mandatory
  163. encryption key <slot> size 40bit 0 <encryption key> transmit-key
  164.  
  165.  
  166. 14. WPA1 configuration:
  167.  
  168. Configure terminal
  169. interface dot11Radio 0
  170. encryption vlan <id> modeciphers tkip
  171.  
  172. (or )
  173.  
  174. encryption mode ciphers tkip <--- Configuration if SSID is not mapped to vlans explicitly
  175.  
  176. exit
  177.  
  178. dot11 ssid <ssid_name>
  179. authentication open
  180. authentication key-management wpa
  181. wpa-psk ascii <Enter pre-shared_key>
  182.  
  183.  
  184. 15 15. WPA2 configuration:
  185.  
  186. Configure terminal
  187. interface dot11Radio 0
  188. encryption vlan <id> mode ciphers aes-ccm
  189.  
  190. (or)
  191.  
  192. encryption mode ciphers aes-ccm <--- Configuraton if SSID is not mapped to vlans explicitly
  193. exit
  194.  
  195. dot11 ssid <ssid_name>
  196. authentication open
  197. authentication key-management wpa version 2
  198.  
  199. wpa-psk ascii <Enter pre-shared_key>
  200.  
  201.  
  202.  
  203. 16.Configuration on switchport:
  204.  
  205. switchport mode trunk
  206. switchport trunk encapsulation dot1q
  207. switchport trunk native vlan 1
  208. switchport trunk allowed vlan 1,2,3
  209.  
  210.  
  211. ------------->>>>>>>>>>>>>>>>>Bridge Configuration<<<<<<<<<<<<------------------
  212.  
  213.  
  214. Unlike APs, bridges would have a single SSID mapped to native VLAN for bridging. The SSID, Encryption, Authentication on root and non root bridges should match.
  215.  
  216. 1. Configuration Root bridge:-
  217.  
  218. dot11 ssid bridging
  219. vlan 1
  220. infrastructure-ssid <--- Use infrastructure-ssid optional ifwireless clients are to be connected too
  221.  
  222. int dot11 0
  223. station-role root bridge
  224.  
  225. or
  226.  
  227. station-role root bridge wireless-clients <--- Bridging and allow client association too
  228.  
  229. interfaceDot11Radio0.1
  230. encapsulation dot1Q 1 native
  231. bridge-group 1
  232.  
  233. interfaceDot11Radio0.2
  234. encapsulation dot1Q 2
  235. bridge-group 2
  236.  
  237. interfaceFastEthernet0.1
  238. encapsulation dot1Q 1 native
  239. bridge-group 1
  240.  
  241. interfaceFastEthernet0.2
  242. encapsulation dot1Q 2
  243. bridge-group 2
  244.  
  245.  
  246. 2. Configurationon Non Root bridge:-
  247.  
  248. dot11 ssid bridging
  249. vlan 1
  250. infrastructure-ssid
  251.  
  252. int dot11 0
  253. station-role non-root bridge
  254.  
  255. (or)
  256.  
  257. station-role non-root bridge wireless-clients <--- Bridging and allow client association too
  258.  
  259. interfaceDot11Radio0.1
  260. encapsulation dot1Q 1 native
  261. bridge-group 1
  262.  
  263. interfaceDot11Radio0.2
  264. encapsulation dot1Q 2
  265. bridge-group 2
  266.  
  267. interfaceFastEthernet0.1
  268. encapsulation dot1Q 1 native
  269. bridge-group 1
  270.  
  271. interfaceFastEthernet0.2
  272. encapsulation dot1Q 2
  273. bridge-group 2
  274.  
  275.  
  276. Useful commands:-
  277.  
  278.  
  279. - - ‘Show dot11 associations all’ to check details of associated clients.
  280.  
  281.  
  282. - ‘Show controllers dot11 0’ to check the current channel,current and available power values, number of mbssids.
  283.  
  284.  
  285. - ‘Dot11 dot11radio 0 carrier busy and show dot11 carrier busy’ shows the interference percentage for every channel which can be used to select the channel with least interference.
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!