Cisco Aironet 1200 Multiple visible SSID's

I'm trying to get a Cisco Aironet 1200 to show multiple visible SSID's. I have successfully created two, one of which is guest and connects users to VLAN 10 and is unauthenticated, the private one connects onto VLAN 1 and is using WEP (can be changed but needs to be secre). This works fine, but only in Vista/7 where I can connect to hidden SSID's. The XP Zero wlan config cannot see the ssid even if it's added manually. Is it possible to create two visible SSID's with this unit?

Current configuration : 2001 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
enable secret 5 XXXXXXXXXXXXXXXXXX
!
username  XXXXXXXXXXXXXXXXX
ip subnet-zero
!
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption vlan 1 key 1 size 128bit 7 XXXXXXXXXXXXXXXXXXX  4 transmit-key
 encryption vlan 1 mode wep mandatory
 !
 ssid Ashridge Private Wifi
    vlan 1
    authentication open
 !
 ssid Ashridge Public Wifi
    vlan 10
    authentication open
    guest-mode
 !
 speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
 rts threshold 2312
 station-role root
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.10
 encapsulation dot1Q 10
 no ip route-cache
 bridge-group 10
 bridge-group 10 subscriber-loop-control
 bridge-group 10 port-protected
 bridge-group 10 block-unknown-source
 no bridge-group 10 source-learning
 no bridge-group 10 unicast-flooding
 bridge-group 10 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.10
 encapsulation dot1Q 10
 no ip route-cache
 bridge-group 10
 no bridge-group 10 source-learning
 bridge-group 10 spanning-disabled
!
interface BVI1
 ip address 172.16.33.230 255.255.224.0
 no ip route-cache
!
ip http server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100
ip radius source-interface BVI1
bridge 1 route ip
!
!
line con 0
line vty 0 4
 login local
line vty 5 15
 login
!
end

ap#
LVL 1
AshridgeTechServicesAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Titan22Commented:
First, you can log into the wireless access point through a web browser
http://172.16.33.230
Then you need your username and password for the WAP and then configure both SSIDs

Here are some different config examples
http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_configuration_examples_list.html

I would upgrade the IOS version to the latest one for that model and use WPA or WPA2 as the encryption instead of WEP.  
0
AshridgeTechServicesAuthor Commented:
I have done all this, but I can only set one of the SSID's as a guest - even via CLI I can only set one of guest (which seems to translate into broadcasting the SSID)
0
Titan22Commented:
Guest mode will only work on one SSID. Take a look:

http://www.cisco.com/en/US/docs/wireless/access_point/12.2_11_JA/configuration/guide/s11ssid.html#wp1034609

This may help with your configuration
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

AshridgeTechServicesAuthor Commented:
That's a problem! Is there anyway to increase compatibilty with XP?  It seems you cannot connect to hidden SSID's using the default XP wireless connector....
0
Titan22Commented:
Use the wireless card software instead.  Is it the Dell Wireless Utility or Intel Wireless Pro software?
0
AshridgeTechServicesAuthor Commented:
We have 100+ laptops mostly using the XP one, and a massive retraining issue to move...
0
Titan22Commented:
Then maybe you should just broadcast all SSIDs.  There are ways to get the SSID if it's not being broadcast and obviously not broadcasting it is causing problems.
0
AshridgeTechServicesAuthor Commented:
That is what my original question is asking! How can I make BOTH broadcast
0
Titan22Commented:
Disable guest-mode and setup a separate SSID and VLAN for visitors.  Leave it open and unsecure so they can connect to it.
0
pulkit1982Commented:
Hello,

You cant have multiple SSIDs to broadcast from an AP.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CanalInsCommented:
You need to enable "Multiple BSSID" I think your wireless drivers are not showing you an SSID that is not broadcasted. I get that hit or miss a lot with Windows wireless management here.

You can absoutley set it up the way you are asking. I use Cisco WAPs and run multiple SSIDs. You can trunk the switchport your WAP is plugged into and then create your VLANs on your WAP and associate SSIDs.

I would suggest enabling "Secure Public Packet Forwarding" on your public SSID. That way you won't put your guests at risk from any random person browsing your guest VLAN and attacking their machine. "Secure Public Packet Forwarding" makes it seem like you are the only one on the network.

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.