asked on

Reconfig of Cisco AP to no vlans

Hi Experts,

I initially set up my cisco wireless ap on a network where I have several vlans, the config works great. I have been asked to ship one of my ap to another site where they do not have vlans and I wanted to make sure my config would work once shipped. I am including the important part of this config change. I understand the ip address and pretty normal stuff will change and I have that under control its this part of the config I want to make sure is ok.

This is my initial config:

dot11 ssid <ssid>
vlan 90
authentication open eap eap_methods
authentication key-management wpa
!

interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 90 mode ciphers tkip
!
encryption vlan 75 mode ciphers aes-ccm tkip
!
ssid <ssid>
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.75
encapsulation dot1Q 75
no ip route-cache
!
interface Dot11Radio0.90
encapsulation dot1Q 90
no ip route-cache
bridge-group 90
bridge-group 90 subscriber-loop-control
bridge-group 90 block-unknown-source
no bridge-group 90 source-learning
no bridge-group 90 unicast-flooding
bridge-group 90 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.1
encapsulation dot1Q 1
no ip route-cache
!
interface FastEthernet0.40
encapsulation dot1Q 40 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.90
encapsulation dot1Q 90
no ip route-cache
bridge-group 90
no bridge-group 90 source-learning
bridge-group 90 spanning-disabled

This is my reconfigured AP with no vlans:

dot11 ssid <ssid>
vlan 1
authentication open eap eap_methods
authentication key-management wpa
!

interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
ssid <ssid>
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.1
no ip route-cache
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled

Also, since I am not using vlans, can this be put on a normal switchport and not a trunk port?

Thanks,

R

Sorenson

Get rid of the subintefaces (.1).. That will still assume you have vlan 1 configured on a switch, and that the AP is connected to a dot1q trunk port.

change it to look like:
==snip===
!
interface Dot11Radio0
no ip address
no ip route-cache
!
no shut
!
ssid xxxxxxx
!
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
!
interface FastEthernet0
no ip address
no ip route-cache
no shut
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
hold-queue 160 in
!
!
interface BVI1
ip address x.x.x.x x.x.x.x
no ip route-cache
no shut
!
==snip===

then you will be able to hang it from a regular switch port (non trunked).

rhltechie28

ASKER

Ah, gotcha. So the config I sent along would work if I have an ip address on vlan 1 of my switch correct? I believe I do. I apologize when I said no vlans, that was obviously the wrong wording.

ASKER CERTIFIED SOLUTION

Sorenson

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

rhltechie28

ASKER

Thank you for your help.

Sorenson

np -