fireguy1125
asked on
Configuring Cisco Aironet 1130AG
Trying to setup an Aironet 1130AG access point, however clients are unable to connect. using WPA-PSK standalone, it's listed as an option for the clients, prompts them for the password, which is entered, and verified correct. Also changed incase characters were not allowed, such as the "$" but did not help. I think I may have missed a setting. I'm using the web-based setup as I'm not too familiar with commands, but here is my config. please let me know what I missed:
AP#sh run
Building configuration...
Current configuration : 1445 bytes
!
! Last configuration change at 12:48:44 UTC Mon Oct 10 2011 by Cisco
! NVRAM config last updated at 12:48:44 UTC Mon Oct 10 2011 by Cisco
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP
!
enable secret 5 $1$9Nig$GQKu9W76exSrwzxfn4 8Nw.
!
no aaa new-model
!
!
!
dot11 ssid MF186
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid optional
mobility network-id 1
wpa-psk ascii 7 03295E19051607455C1A0D
!
power inline negotiation prestandard source
!
!
username Cisco password 7 01300F175804
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
ssid MF186
!
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 10.1.2.20 255.255.255.0
no ip route-cache
!
ip default-gateway 10.1.2.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodcon
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
!
end
AP#
AP#sh run
Building configuration...
Current configuration : 1445 bytes
!
! Last configuration change at 12:48:44 UTC Mon Oct 10 2011 by Cisco
! NVRAM config last updated at 12:48:44 UTC Mon Oct 10 2011 by Cisco
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP
!
enable secret 5 $1$9Nig$GQKu9W76exSrwzxfn4
!
no aaa new-model
!
!
!
dot11 ssid MF186
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid optional
mobility network-id 1
wpa-psk ascii 7 03295E19051607455C1A0D
!
power inline negotiation prestandard source
!
!
username Cisco password 7 01300F175804
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
ssid MF186
!
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 10.1.2.20 255.255.255.0
no ip route-cache
!
ip default-gateway 10.1.2.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodcon
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
!
end
AP#
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Found solution on my own.
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
no logging console
enable secret 5 blah
!
ip subnet-zero
!
!
no aaa new-model
dot11 vlan-name Vlan1 vlan 1
dot11 vlan-name Vlan2 vlan 2
!
dot11 ssid Guest
vlan 1
authentication open
authentication key-management wpa
wpa-psk ascii 7 blah
!
dot11 ssid tsunami
vlan 2
authentication open
authentication key-management wpa
wpa-psk ascii 7 blah
!
dot11 network-map
!
!
username cisco privilege 15 password 7 blah
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip
!
encryption vlan 1 mode ciphers tkip
!
encryption vlan 2 mode ciphers tkip
!
ssid Guest
!
ssid tsunami
!
mbssid
speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2427
station-role root
world-mode dot11d country GB indoor
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
!
interface BVI1
ip address dhcp client-id FastEthernet0
no ip route-cache
!
interface BVI2
ip address dhcp client-id FastEthernet0
no ip route-cache
!
ip http server
ip http authentication local
no ip http secure-server
!
!
control-plane
!
bridge 1 protocol vlan-bridge
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
line vty 5 15
login local
!
end
above is config for my cisco AIR-AP1231G-A-K9
interface FastEthernet0/0
no ip address
ip virtual-reassembly
speed auto
!
interface FastEthernet0/0.1
description Vlan_1
encapsulation dot1Q 1 native
ip address 10.0.0.1 255.255.255.0
ip access-group private in
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/0.2
description Vlan_2
encapsulation dot1Q 2
ip address 10.0.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
rate-limit input access-group 103 256000 25000 25000 conform-action transmit exceed-action drop
rate-limit output access-group 104 1024000 50000 50000 conform-action transmit exceed-action drop
access-list 103 permit ip any any
access-list 104 permit ip any any
Above is the config on my 1760 router to limit one of the vlans traffic ( this allows a guest vlan which wont slow down your network)
Greg