Cisco 1200 Access Points as Bridges - Won't work

I could use some help. I have a pair of Cisco 1200 AP's that I'm trying to use as bridges.
I have selected one as a Root Bridge, the other as Non-Root. The non-root shows the wireless interface down and the log reveals 'no association'.
I have verified NO security, identical SSID's, broadcast SSID, no encryption, no WEP, they are sitting 10 feet apart, same channels, etc. etc.
Can a 1200 access point serve as a bridge?

I went to Security > SSID Manager and selected the only SSID as the infrastructure SSID and it did nothing. If there is another place to toggle 'Infrastructure SSID' on and off other than by assigning one, I'm unaware of it.
Any other ideas?

Similar Messages

  • Cisco 1200 Access Points

    Is it possible to setup an Aironet 1200 in Root AP mode, where it does DHCP for the Wifi clients and NAT. Where the wired interface is equipped with a public IP?

    If your 1200 has two radios, yes.  Otherwise it's either a root or an AP but can't be both (per radio).

  • Problem with Cisco 1240AG Access Points

    I have a Cisco 1240AG Access point (P/N ? AIR-LAP1242AG-A-K9).
    It has come in the lightweight mode.
    I just want to know whether I can put it to the autonomous mode.

    Hi Indika,
    Here is a conversion method (look most of the way down the attached doc);
    Reverting the Access Point Back to Autonomous Mode
    You can convert an access point from lightweight mode back to autonomous mode by loading a Cisco IOS Release that supports autonomous mode (Cisco IOS release 12.3(7)JA or earlier). If the access point is associated to a controller, you can use the controller to load the Cisco IOS release. If the access point is not associated to a controller, you can load the Cisco IOS release using TFTP.
    Using a TFTP Server to Return to a Previous Release
    Follow these steps to revert from LWAPP mode to autonomous mode by loading a Cisco IOS release using a TFTP server:
    Step 1 The static IP address of the PC on which your TFTP server software runs should be between and
    Step 2 Make sure that the PC contains the access point image file (such as c1200-k9w7-tar.122-15.JA.tar for a 1200 series access point) in the TFTP server folder and that the TFTP server is activated.
    Step 3 Rename the access point image file in the TFTP server folder to c1200-k9w7-tar.default for a 1200 series access point, c1130-k9w7-tar.default for an 1130 series access point, and c1240-k9w7-tar.default for a 1240 series access point.
    Step 4 Connect the PC to the access point using a Category 5 (CAT5) Ethernet cable.
    Step 5 Disconnect power from the access point.
    Step 6 Press and hold MODE while you reconnect power to the access point.
    Step 7 Hold the MODE button until the status LED turns red (approximately 20 to 30 seconds) and then release.
    Step 8 Wait until the access point reboots, as indicated by all LEDs turning green followed by the Status LED blinking green.
    Step 9 After the access point reboots, reconfigure it using the GUI or the CLI.
    From this doc;
    Hope this helps!

  • Cisco 1230 access point a radio lightweight mode

    Will the cisco 1230 access point work in lighweight mode if it is using a radio?

    The 1230 can be upgraded to LWAPP with the A Radio model listed below;
    Solution Requirements
    Migration from autonomous access point mode to lightweight mode is possible on these Cisco Aironet access point platforms:
    All 1130AG access points
    All 1240 AG access points
    For all IOS-based 1200 series modular access point (1200/1220 Cisco IOS Software Upgrade, 1210 and **1230 AP**) platforms, it depends on the radio:
    if 802.11G, MP21G and MP31G are supported
    if 802.11A, RM21A and RM22A are supported
    The 1200 series access points can be upgraded with any combination of supported radios: G only, A only, or both G and A.
    All 1310 AG access points
    From this good doc;
    Hope this helps!

  • Extremes (Access Point Mode, Bridged) Constantly Going Offline

    I have multiple Extremes (all standalone access point mode, bridged with static IPs) randomly going offline. Each Extreme is connected directly to a main switch. Status lights always remain green however I cannot ping the devices, they do not show up in the Airport Utility and they cease to be accessible/visible via WIFI. Plus, when this happens, I often can STILL connect to devices (e.g. printers) that are plugged into the LAN ports of the "offline" Extremes.
    They appear to drop randomly, i.e. not under any particularly heavy load or anything. When I feel them physically, they don't feel unusually warm or anything.
    Thoughts? I have already done a hard reset and reconfig on one of the problem devices.

    Hello Julesomar,
    It sounds like your Airport Extreme is having intermitent connectivity issues. You have already done what I would have started with by resetting the device. I recommend next troubleshooting for sources of interference with the following article:
    Wi-Fi and Bluetooth: Potential sources of wireless interference
    Thank you for using Apple Support Communities.
    All the very best,

  • Any new firmware for the Cisco AP541N access points.

    Do you know if Cisco has come out with any new firmware for the Cisco AP541N access points.

    Latest release is 1.8.0 from Jan 25, 2010:

  • Cisco 1310 Access Point Rommon Mode

    So I have a Cisco 1310 Access Point that is in Rommon mode. I have the image on the Access point but I did not use the archive download command to extract it. When I use the
    tar -xtract flash://c1310-k9w7-tar[1].124-25d.JA2.tar flash:
    command It gets close to the end but doesnt finish saying there isnt enough space. When I try to delete the file using delete flash://
    c1310-k9w7-tar[1].124-25d.JA2 it wont allow me saying I do not have permission. I tried the rmdir command as well but had no luck. It wont allow me to use the tags /f /r for forceful and recursive, it doesnt recognize them. Anyone know how to delete a directory in rommon mode on an the 1310 access point?

    The delete /recursive /force flash:/ is what I use.  You might try to delete these files also:
    ap:delete flash:private-configap:delete flash:private-multiple-fs
    *****Help out other by using the rating system and marking answered questions as "Answered"*****

  • Newbie help with Aironet 1200 access point

    Hello everybody,
    We "inherited" an Aironet 1200 access point with antenna's throughout our building. This was installed by a company that thought they would make money selling Wi-Fi access but now they have gone bankrupt.
    We eliminated their router and installed one of our own, and we have it handing out IP addresses. When I plug it into the Aironet 1200 it works just fine. Users are able to connect wirelessly and access the internet.
    I would like to change the SSID however so that it no longer reflects the now defunct companies name.
    I cannot determine what IP address is assigned to the access point so I can't figure out how to access the management page.
    I tried connecting to the ethernet port via a DB9 to RJ45 cable and hyper terminal. After connecting the cable and powering up the access point I am still unable to connect.
    I realize once I get connected I will probably run into password issues, but I'd like to figure out how to get at least that far.
    Any ideas?

    since ur gonna change the ssid and there is a password...
    1. reset the ap. before plugging power to ap, press hold the mode button for 3 sec or until the led becomes orange or amber, then release.
    2. the ap is reset to default setting with ip address
    3. either console or gui the ap and change the bvi to ur preferred ip address.
    4. configure everything else as you want.

  • Configuring N channel on cisco 1252 Access Point

    Can someone help me for configuring N-Series band on Cisco 1252 Access Point in IOS Mode.

    Firstly you need to use WPA2/AES or OPEN authentication.
    Cisco 802.11n Design and Deployment Guidelines

  • Cisco Wap300 access point

    I own a Cisco Wap300 access point . there are a pc, a netbook and a smartphone in my house. I want to connect to these devices my line of fiber internet with Cisco Wap300 access point. My modem brand and model is "ZTE - Zxhn H168N". This modem has 300 Mbps wireless connection speed. Which settings of access point should I use to work my all devices .
    I'am using Air 2310 wireless adaptor for Pc
    I have a netbook and HTC wildfire S smartphone

    Are you referring to this?:
    or this?:
    It's good if we identify the device first before we get the ball rolling.

  • CISCO Aironet access point - not able to connect by user.

    I have CISCO Aironet access point C1130 in my network , but not able to connect by users, I can see below logs from access point. please help on this.
    Jun 13 17:50:10.686: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000         
    Jun 13 17:50:10.686: RADIUS: Retransmit to (,1646) for id 1645/247         
    Jun 13 17:50:15.678: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000         
    Jun 13 17:50:15.678: RADIUS: Retransmit to (,1646) for id 1645/247         
    Jun 13 17:50:20.544: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000         
    Jun 13 17:50:20.544: RADIUS: Retransmit to (,1646) for id 1645/247         
    Jun 13 17:50:24.832: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000         
    Jun 13 17:50:24.832: RADIUS: Retransmit to (,1646) for id 1645/247         
    Jun 13 17:50:29.741: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000         
    Jun 13 17:50:29.741: RADIUS: Fail-over denied to  (,1646) for id 1645/247         
    Jun 13 17:50:29.741: RADIUS: No response from (,1646) for id 1645/247         
    Jun 13 17:50:29.741: RADIUS/DECODE: No response from radius-server; parse response; FAIL         
    Jun 13 17:50:29.741: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response; FAIL         
    Jun 13 17:50:29.741: dot11_auth_dot1x_parse_aaa_resp: Received server response: FAILOVER_RETRY         
    Jun 13 17:50:29.742: dot11_auth_dot1x_parse_aaa_resp: found eap pak in server response         
    Jun 13 17:50:29.742: Client 5864.6c67.3718 failed: EAP reason 0         
    Jun 13 17:50:29.742: dot11_auth_dot1x_parse_aaa_resp: Failed client 5894.6b37.3518 with aaa_req_status_detail 0         
    Jun 13 17:50:29.742: dot11_auth_dot1x_run_rfsm: Executing Action(SERVER_WAIT,SERVER_FAIL) for 5894.6b37.3518         
    Jun 13 17:50:29.742: dot11_auth_dot1x_send_response_to_client: Forwarding server message to client 5894.6b37.3518         
    Jun 13 17:50:29.742: dot11_auth_dot1x_send_response_to_client: Started timer client_timeout 30 seconds         
    Jun 13 17:50:29.743: dot11_auth_dot1x_send_client_fail: Authentication failed for 5894.6b37.3518         
    Jun 13 17:50:29.743: %DOT11-7-AUTH_FAILED: Station 5894.6b37.3518 Authentication failed

    Hi Niham,
    You can try few things to troubleshoot this -
    1. check the reachability of Radius server from your wlc (ping).
    2. verify the IP address of Raduis server configured on wlc.
    3. wlc in the Radius server ?
    4. Shared Secret must be same on wlc and in raduis server.
    Plz do not forget to rate useful post.

  • Bootup order on Cisco Aironet Access Points

    Hello folks 
    Could you please help me in clarifying the bootup order on Cisco Aironet Access Points 
    Does the SNMP Agent on the device start before the Startup config is copied to Running Config ?
    Because everytime the Cisco Aironet Access Point restart , SNMP trap  is generated from Admin down WLAN interfaces (Dot11Radio1/Dot11Radio0) mentioning "Administratively down " . 
    So my best assumption is that 
    Access point Restarts - > SNMP Engine starts -> Startup Config is copied to Running config -> Interface is made admin down -> SNMP Trap is sent 
    Is that correct?
    Please help !

    The Clean Access Manager (CAM) manages out-of-band Clean Access Servers (CASs) and switches through the admin network. The trusted interface of the CAS connects to the admin/management network, and the untrusted interface of the CAS connects to the managed client network.
    When a client connects to a managed port on a managed switch, the port is set to the authentication VLAN and the traffic to/from the client goes through the Clean Access Server. After the client is authenticated and certified through the Clean Access Server, the port connected to the client is changed to the access VLAN. Once on the access VLAN, traffic to and from certified clients bypasses the Clean Access Server.
    In most OOB deployments (except L2 OOB Virtual Gateway where the Default Access VLAN is the Access VLAN in the Port profile), the client needs to acquire a different IP address from the Access VLAN after posture assessment.
    For Real-IP/NAT-Gateway setup, the client port is bounced to prompt the client to acquire a new IP address from the admin/access VLAN.
    The below URL describe the configuration steps needed to set up your OOB deployment:
    •Configure Your Switches
    •Configure OOB Switch Management in the CAM
    •Configure Access to Authentication VLAN Change Detection

  • Cisco 2602 Access Point - Support

    Dear Team,
    Could you please advise, if Cisco 2602 Access Point supports IPS and CleanAir along with Access Point feature or does it need to work as standalone to have these functions enabled ?

    Might as well add my 2¢
    In order to have CleanAir, you need a WLC.  In order to do IPS, wireless its called wIPS, you need an MSE and NCS or Prime Infrastructure.
    A standalone access point (autonomous) is just a dumb AP and can't perform any of those functions:)
    Help out other by using the rating system and marking answered questions as "Answered"

  • Silly doubt abt access-points and bridges

    hi all i have read cisco doc wherein clients connecting to access-points and also where the cisco access-point is working like a bridge and still clients can connect to it .
    then any specific reason why people generally connect clients to access-points.
    i mean is there any benefit of either method over the other.
    any help and guidance would be really helpful.

    In short, it is preferred to have users connect to access points.... 99% of the time. You can use a wireless bridge (that is associated to an AP) that is connected to a switch/hub to supply network connectivity to wired users off the switch/hub. There are also access points that can be used as a bridge for building point to point connectivity.
    Look at the home users with wireless.... it allows then to move from place to place (as long as there is coverage) without having to be wired in.

  • Cisco 1242AG Access Point proper configuration

    Hello everyone,
    Here is the situation:
    Recently we decide to create a small WLAN in our business.We choose the Cisco AIR-AP1242AG-E-K9 with 2x2.4GHz 2.2dbi Swivel Dipole Antenna.
    For better managability a new routable VLAN (ID:20) added to our Router with IP and SNET
    Next, I made the followings configurations in the autonomous AP through WEB Console:
    Static IP:, SNET:, GWY:
    VLAN1 (Native) and VLAN20 (Radio0-802.11g) added into Services.
    I set the Encryption Mode to None for VLAN1 and Cipher AES CCMP for VLAN20
    Into Server Manager I defined a new RADIUS server (AP IP) and a shared secret and left the default ports for Authentication and Accounting (1645 and 1646). Also, in Default Server Priorities section I set as Priotity 1 both for EAP and MAC authentication the Access Point IP (Radius Server)
    In Local RADIUS Server General Set-Up, I add as current network access server (AAA client) the same IP and shared secret like the ones I use during RADIUS server configuration above. Into Enable Authentication Protocols I left checked only the LEAP and MAC. Also, into Individual Users section 2 new users created with text passwords.
    Into SSID Manager a new hidden SSID created for interface Radio0-802.11g, associated with VLAN20 and into Client Authentication Settings section I left as accepted Method Open Authentication with MAC authentication and EAP. Also, I left the Use Defaults option both for EAP and MAC Authentication Servers in Server Priorities Section and finally into Client Authenticated Key Management section I choose Mandatory for Key Management and checked the Enable WPA option.
    I can ping both the AP and VLAN20 IPs from any PC which is a member of the native VLAN
    As wireless clients I use 2 Motorola MC5574 with Windows Mobile 6.1 professional. Both of them have a Jedi WLAN adapter configured with the followings:
    IPs: and
    Also, a unique profile has been created on each one of them to be used for AP association-authentication. Each profile has been configured for WPA2 Enterprise with AES and LEAP and the predefined user credentials (those defined into AP for Individual Users)
    The problem:
    Clients association with AP is always succesful but, Authentication fails and I can't ping from the clients AP IP,  VLAN20 IP, neither each other.
    What am I missing here? I'm sure that it is somenthing quite simple but although I tried several different setups (i.e. WPA2-PSK, WPA-PSK even with TKIP) I always end up without a proper solution for ping inability.
    Thank you in advance for any help

    Hello Madhuri,
    below is the latest run config output from the access point
    Building configuration...
    Current configuration : 3743 bytes
    ! Last configuration change at 03:56:04 +0200 Sun Nov 28 2010 by Cisco
    ! NVRAM config last updated at 03:58:07 +0200 Sun Nov 28 2010 by Cisco
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname RCT_THP_AP1
    enable secret 5 $1$26u0$emaUzNvvihCCZeKeooQ8M0
    aaa new-model
    aaa group server radius rad_eap
    server auth-port 1645 acct-port 1646
    aaa group server radius rad_mac
    server auth-port 1645 acct-port 1646
    aaa group server radius rad_acct
    aaa group server radius rad_admin
    aaa group server tacacs+ tac_admin
    aaa group server radius rad_pmip
    aaa group server radius dummy
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authorization exec default local
    aaa accounting network acct_methods start-stop group rad_acct
    aaa session-id common
    clock timezone +0200 2
    ip name-server
    dot11 ssid RCTHP
       vlan 20
       authentication open mac-address mac_methods eap eap_methods
       authentication key-management wpa
    power inline negotiation prestandard source
    username Cisco password 7 00271A150754
    username 00236867a192 password 7 101E594B56414A5D5B057B7276
    username 00236867a192 autocommand exit
    username 00236867a19b password 7 091C1E5B4A534F445C0D557329
    username 00236867a19b autocommand exit
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption vlan 20 mode ciphers aes-ccm
    ssid RCTHP
    channel 2462
    station-role root
    bridge-group 1
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.20
    encapsulation dot1Q 20
    no ip route-cache
    bridge-group 20
    bridge-group 20 subscriber-loop-control
    bridge-group 20 block-unknown-source
    no bridge-group 20 source-learning
    no bridge-group 20 unicast-flooding
    bridge-group 20 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    no dfs band block
    channel dfs
    station-role root
    interface Dot11Radio1.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    interface FastEthernet0.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface FastEthernet0.20
    encapsulation dot1Q 20
    no ip route-cache
    bridge-group 20
    no bridge-group 20 source-learning
    bridge-group 20 spanning-disabled
    interface BVI1
    ip address
    no ip route-cache
    ip default-gateway
    ip http server
    no ip http secure-server
    ip http help-path
    ip radius source-interface BVI1
    snmp-server view dot11view ieee802dot11 included
    snmp-server community public view dot11view RO
    snmp-server contact IS
    radius-server local
      no authentication eapfast
      nas key 7 03130807055F2C1F
      user motomob1 nthash 7 15315B29557B0D767E111074455E332022000F0D0A725C223B300C7A0E760A0371
      user motomob2 nthash 7 075E716D6C2F49514636532A5C0B0A067C1567003224335553047F0C710058263E
    radius-server attribute 32 include-in-access-req format %h
    radius-server host auth-port 1645 acct-port 1646 key 7 120E561B115B0157
    radius-server vsa send accounting
    bridge 1 route ip
    line con 0
    line vty 0 4
    sntp server
    sntp broadcast client

Maybe you are looking for