Solved

Reconfig of Cisco AP to no vlans

Posted on 2008-06-26
5
698 Views
Last Modified: 2013-11-12
Hi Experts,

I initially set up my cisco wireless ap on a network where I have several vlans, the config works great.  I have been asked to ship one of my ap to another site where they do not have vlans and I wanted to make sure my config would work once shipped.  I am including the important part of this config change.  I understand the ip address and pretty normal stuff will change and I have that under control its this part of the config I want to make sure is ok.  

This is my initial config:

dot11 ssid <ssid>
   vlan 90
   authentication open eap eap_methods
   authentication key-management wpa
!

interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 90 mode ciphers tkip
 !
 encryption vlan 75 mode ciphers aes-ccm tkip
 !
 ssid <ssid>
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.75
 encapsulation dot1Q 75
 no ip route-cache
!
interface Dot11Radio0.90
 encapsulation dot1Q 90
 no ip route-cache
 bridge-group 90
 bridge-group 90 subscriber-loop-control
 bridge-group 90 block-unknown-source
 no bridge-group 90 source-learning
 no bridge-group 90 unicast-flooding
 bridge-group 90 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0.1
 encapsulation dot1Q 1
 no ip route-cache
!
interface FastEthernet0.40
 encapsulation dot1Q 40 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.90
 encapsulation dot1Q 90
 no ip route-cache
 bridge-group 90
 no bridge-group 90 source-learning
 bridge-group 90 spanning-disabled


This is my reconfigured AP with no vlans:

dot11 ssid <ssid>
   vlan 1
   authentication open eap eap_methods
   authentication key-management wpa
!

interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 1 mode ciphers tkip
 !
 ssid <ssid>
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
  no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.1
 no ip route-cache
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled

Also, since I am not using vlans, can this be put on a normal switchport and not a trunk port?

Thanks,

R
0
Comment
Question by:rhltechie28
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 10

Expert Comment

by:Sorenson
ID: 21875081
Get rid of the subintefaces (.1).. That will still assume you have vlan 1 configured on a switch, and that the AP is connected to a dot1q trunk port.

change it to look like:
==snip===
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 no shut
 !
 ssid xxxxxxx
 !
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
!
interface FastEthernet0
 no ip address
 no ip route-cache
 no shut
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
 hold-queue 160 in
!
!
interface BVI1
 ip address x.x.x.x  x.x.x.x
 no ip route-cache
 no shut
!
==snip===

then you will be able to hang it from a regular switch port (non trunked).

0
 

Author Comment

by:rhltechie28
ID: 21875108
Ah, gotcha.  So the config I sent along would work if I have an ip address on vlan 1 of my switch correct?  I believe I do.  I apologize when I said no vlans, that was obviously the wrong wording.
0
 
LVL 10

Accepted Solution

by:
Sorenson earned 250 total points
ID: 21875304
sure.  if the switch port was a dot1q trunk, and the switch had vlan 1 defined (by default it is there).  it would have been good.  
if you were putting it in a switch that didn't do trunking, or have vlans (for example an unmanged switch), then you would need to remove the sub interfaces.
0
 

Author Comment

by:rhltechie28
ID: 21875375
Thank you for your help.
0
 
LVL 10

Expert Comment

by:Sorenson
ID: 21875394
np -
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question