Solved

SSID Broadcast Problem

Posted on 2012-04-05
2
570 Views
Last Modified: 2013-12-27
Hey Guys,

I have a Cisco 1130AG which I’m having a couple of problems on..

Firstly, When I enable “mbssid” on either Dot11Radio0 or 1 both WLAN1012 and WLAN1013 are viewable/scanable on the wireless clients for a short period and then they disappear. If I set the beacon mode to single it works absolutely fine and broadcasts the SSID.

Secondly, Interface BVI1 is used as the “management” interface. How do I assign this interface to our management vlan 1011 ?? (As you can see I tried to create fa0.1011… but this didn’t work)

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname LONUATWAP01
!
enable secret 5 $1$jJ9F$O/OE.EkSBD0arMakTAqzX/
!
no aaa new-model
ip domain name blah.com
!
!
!
dot11 ssid WLAN1012
   vlan 1012
   authentication open
   authentication key-management wpa version 2
   guest-mode
   wpa-psk ascii 7 0037060B095E19565E
   information-element ssidl advertisement
!
dot11 ssid WLAN1013
   vlan 1013
   authentication open
   authentication key-management wpa version 2
   wpa-psk ascii 7 053813022C495C5948
   information-element ssidl advertisement
!
power inline negotiation prestandard source
!
!
username Cisco password 7 01300F175804
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption mode ciphers tkip
 !
 encryption vlan 1012 mode ciphers tkip
 !
 encryption vlan 1013 mode ciphers tkip
 !
 ssid WLAN1012
 !
 ssid WLAN1013
 !
 mbssid
 station-role root
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.1012
 encapsulation dot1Q 1012
 no ip route-cache
 bridge-group 12
 bridge-group 12 subscriber-loop-control
 bridge-group 12 block-unknown-source
 no bridge-group 12 source-learning
 no bridge-group 12 unicast-flooding
 bridge-group 12 spanning-disabled
!
interface Dot11Radio0.1013
 encapsulation dot1Q 1013
 no ip route-cache
 bridge-group 13
 bridge-group 13 subscriber-loop-control
 bridge-group 13 block-unknown-source
 no bridge-group 13 source-learning
 no bridge-group 13 unicast-flooding
 bridge-group 13 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 shutdown
 !
 encryption mode ciphers tkip
 !
 encryption vlan 1012 mode ciphers tkip
 !
 encryption vlan 1013 mode ciphers tkip
 no dfs band block
 mbssid
 channel dfs
 station-role root
 bridge-group 1
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1.2012
 encapsulation dot1Q 1012
 no ip route-cache
 bridge-group 12
 bridge-group 12 subscriber-loop-control
 bridge-group 12 block-unknown-source
 no bridge-group 12 source-learning
 no bridge-group 12 unicast-flooding
 bridge-group 12 spanning-disabled
!
interface Dot11Radio1.2013
 encapsulation dot1Q 1013
 no ip route-cache
 bridge-group 13
 bridge-group 13 subscriber-loop-control
 bridge-group 13 block-unknown-source
 no bridge-group 13 source-learning
 no bridge-group 13 unicast-flooding
 bridge-group 13 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.1011
 encapsulation dot1Q 1011
 ip address 192.168.11.3 255.255.255.0
 no ip route-cache
!
interface FastEthernet0.1012
 encapsulation dot1Q 1012
 ip address 192.168.12.99 255.255.255.0
 no ip route-cache
 bridge-group 12
 no bridge-group 12 source-learning
 bridge-group 12 spanning-disabled
!
interface FastEthernet0.1013
 encapsulation dot1Q 1013
 ip address 192.168.13.99 255.255.255.0
 no ip route-cache
 bridge-group 13
 no bridge-group 13 source-learning
 bridge-group 13 spanning-disabled
!
interface BVI1
 ip address 192.168.11.3 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.11.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
access-list 111 permit tcp any any neq telnet
bridge 1 route ip
!
!
!
line con 0
 access-class 111 in
line vty 0 4
 access-class 111 in
 login local
!
end

LONUATWAP01#

Open in new window

0
Comment
Question by:supportemea
2 Comments
 
LVL 17

Accepted Solution

by:
TimotiSt earned 250 total points
Comment Utility
Why do you need this many IP addresses on an AP? One on the management iface should be enough.
Assign FastEthernet0.1011 to bridge-group 1, instead of FastEthernet0.

Our 1130 configs look like this:

vlan 23 is the user vlan, 31 is the management.

bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 ssid LAPTOP_AREA
 !
 packet retries 128 drop-packet
 channel 2437
 station-role root
!
interface Dot11Radio0.23
 encapsulation dot1Q 23
 no ip route-cache
 bridge-group 23
 bridge-group 23 subscriber-loop-control
 bridge-group 23 port-protected
 bridge-group 23 block-unknown-source
 no bridge-group 23 source-learning
 no bridge-group 23 unicast-flooding
 bridge-group 23 spanning-disabled
!
interface Dot11Radio0.31
 encapsulation dot1Q 31 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 !
 ssid LAPTOP_AREA
 !
 no dfs band block
 packet retries 128 drop-packet
 channel dfs
 station-role root
!         
interface Dot11Radio1.23
 encapsulation dot1Q 23
 no ip route-cache
 bridge-group 23
 bridge-group 23 subscriber-loop-control
 bridge-group 23 port-protected
 bridge-group 23 block-unknown-source
 no bridge-group 23 source-learning
 no bridge-group 23 unicast-flooding
 bridge-group 23 spanning-disabled
!         
interface Dot11Radio1.31
 encapsulation dot1Q 31 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!         
interface FastEthernet0
 no ip address
 no ip route-cache
 speed 100
 full-duplex
 hold-queue 160 in
!         
interface FastEthernet0.23
 encapsulation dot1Q 23
 no ip route-cache
 bridge-group 23
 no bridge-group 23 source-learning
 bridge-group 23 spanning-disabled
!         
interface FastEthernet0.31
 encapsulation dot1Q 31 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!         
interface BVI1
 ip address 172.31.10.54 255.255.255.0
 no ip route-cache

Open in new window


Hope it helps!

Tamas
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 250 total points
Comment Utility
Ok firstly, you set the Management VLAN on an AP by setting the native option on a VLAN.  When you configure the AP, do it in the Web GUI.  In the VLAN settings page just tick the 'Native VLAN' box.  If you do want to do it in the CLI, just add native to the end of the encapsulation dot1q <VLAN> command:

encapsulation dot1q 23 native

Remember to do this on the FastEthernet and Dot11Radio interfaces.  Don't change ANYTHING on the BVI interface apart from the IP address.


Second, the MBSSID option - check this out (it'll explain better than me!)...

http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37ssid.html#wp1050170
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

In this article I will describe how to setup a Cisco WLC 5508 to work with Apple's Bonjour protocol across VLANs.  I will also discuss using screen mirroring and Airplay on an AppleTV v3.  This article covers the wireless network only and requires m…
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now