Cisco 1200 Access Points as Bridges - Won't work
I could use some help. I have a pair of Cisco 1200 AP's that I'm trying to use as bridges.
I have selected one as a Root Bridge, the other as Non-Root. The non-root shows the wireless interface down and the log reveals 'no association'.
I have verified NO security, identical SSID's, broadcast SSID, no encryption, no WEP, they are sitting 10 feet apart, same channels, etc. etc.
Can a 1200 access point serve as a bridge?
I went to Security > SSID Manager and selected the only SSID as the infrastructure SSID and it did nothing. If there is another place to toggle 'Infrastructure SSID' on and off other than by assigning one, I'm unaware of it.
Any other ideas?
Thanks.
Similar Messages
-
Hi,
Is it possible to setup an Aironet 1200 in Root AP mode, where it does DHCP for the Wifi clients and NAT. Where the wired interface is equipped with a public IP?If your 1200 has two radios, yes. Otherwise it's either a root or an AP but can't be both (per radio).
-
Problem with Cisco 1240AG Access Points
I have a Cisco 1240AG Access point (P/N ? AIR-LAP1242AG-A-K9).
It has come in the lightweight mode.
I just want to know whether I can put it to the autonomous mode.Hi Indika,
Here is a conversion method (look most of the way down the attached doc);
Reverting the Access Point Back to Autonomous Mode
http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html#wp161272
You can convert an access point from lightweight mode back to autonomous mode by loading a Cisco IOS Release that supports autonomous mode (Cisco IOS release 12.3(7)JA or earlier). If the access point is associated to a controller, you can use the controller to load the Cisco IOS release. If the access point is not associated to a controller, you can load the Cisco IOS release using TFTP.
Using a TFTP Server to Return to a Previous Release
Follow these steps to revert from LWAPP mode to autonomous mode by loading a Cisco IOS release using a TFTP server:
Step 1 The static IP address of the PC on which your TFTP server software runs should be between 10.0.0.2 and 10.0.0.30.
Step 2 Make sure that the PC contains the access point image file (such as c1200-k9w7-tar.122-15.JA.tar for a 1200 series access point) in the TFTP server folder and that the TFTP server is activated.
Step 3 Rename the access point image file in the TFTP server folder to c1200-k9w7-tar.default for a 1200 series access point, c1130-k9w7-tar.default for an 1130 series access point, and c1240-k9w7-tar.default for a 1240 series access point.
Step 4 Connect the PC to the access point using a Category 5 (CAT5) Ethernet cable.
Step 5 Disconnect power from the access point.
Step 6 Press and hold MODE while you reconnect power to the access point.
Step 7 Hold the MODE button until the status LED turns red (approximately 20 to 30 seconds) and then release.
Step 8 Wait until the access point reboots, as indicated by all LEDs turning green followed by the Status LED blinking green.
Step 9 After the access point reboots, reconfigure it using the GUI or the CLI.
From this doc;
http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html#wp161272
Hope this helps!
Rob -
Cisco 1230 access point a radio lightweight mode
Will the cisco 1230 access point work in lighweight mode if it is using a radio?
The 1230 can be upgraded to LWAPP with the A Radio model listed below;
Solution Requirements
Migration from autonomous access point mode to lightweight mode is possible on these Cisco Aironet access point platforms:
All 1130AG access points
All 1240 AG access points
For all IOS-based 1200 series modular access point (1200/1220 Cisco IOS Software Upgrade, 1210 and **1230 AP**) platforms, it depends on the radio:
if 802.11G, MP21G and MP31G are supported
if 802.11A, RM21A and RM22A are supported
The 1200 series access points can be upgraded with any combination of supported radios: G only, A only, or both G and A.
All 1310 AG access points
From this good doc;
http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html
Hope this helps!
Rob -
Extremes (Access Point Mode, Bridged) Constantly Going Offline
I have multiple Extremes (all standalone access point mode, bridged with static IPs) randomly going offline. Each Extreme is connected directly to a main switch. Status lights always remain green however I cannot ping the devices, they do not show up in the Airport Utility and they cease to be accessible/visible via WIFI. Plus, when this happens, I often can STILL connect to devices (e.g. printers) that are plugged into the LAN ports of the "offline" Extremes.
They appear to drop randomly, i.e. not under any particularly heavy load or anything. When I feel them physically, they don't feel unusually warm or anything.
Thoughts? I have already done a hard reset and reconfig on one of the problem devices.Hello Julesomar,
It sounds like your Airport Extreme is having intermitent connectivity issues. You have already done what I would have started with by resetting the device. I recommend next troubleshooting for sources of interference with the following article:
Wi-Fi and Bluetooth: Potential sources of wireless interference
http://support.apple.com/kb/ht1365
Thank you for using Apple Support Communities.
All the very best,
Sterling -
Any new firmware for the Cisco AP541N access points.
Do you know if Cisco has come out with any new firmware for the Cisco AP541N access points.
Latest release is 1.8.0 from Jan 25, 2010:
http://tools.cisco.com/support/downloads/go/ImageList.x?relVer=1.8.0&mdfid=282790482&sftType=Small+Business+Pro+Wireless+Software&optPlat=&nodecount=2&edesignator=null&modelName=Cisco+AP+541N+Wireless+Access+Point&treeMdfId=278875243&treeName=Wireless&modifmdfid=null&imname=&hybrid=null&imst=null&lr=Y -
Cisco 1310 Access Point Rommon Mode
Hello,
So I have a Cisco 1310 Access Point that is in Rommon mode. I have the image on the Access point but I did not use the archive download command to extract it. When I use the
tar -xtract flash://c1310-k9w7-tar[1].124-25d.JA2.tar flash:
command It gets close to the end but doesnt finish saying there isnt enough space. When I try to delete the file using delete flash://
c1310-k9w7-tar[1].124-25d.JA2 it wont allow me saying I do not have permission. I tried the rmdir command as well but had no luck. It wont allow me to use the tags /f /r for forceful and recursive, it doesnt recognize them. Anyone know how to delete a directory in rommon mode on an the 1310 access point?
ThanksThe delete /recursive /force flash:/ is what I use. You might try to delete these files also:
ap:delete flash:private-configap:delete flash:private-multiple-fs
Thanks,
Scott
*****Help out other by using the rating system and marking answered questions as "Answered"***** -
Newbie help with Aironet 1200 access point
Hello everybody,
We "inherited" an Aironet 1200 access point with antenna's throughout our building. This was installed by a company that thought they would make money selling Wi-Fi access but now they have gone bankrupt.
We eliminated their router and installed one of our own, and we have it handing out IP addresses. When I plug it into the Aironet 1200 it works just fine. Users are able to connect wirelessly and access the internet.
I would like to change the SSID however so that it no longer reflects the now defunct companies name.
I cannot determine what IP address is assigned to the access point so I can't figure out how to access the management page.
I tried connecting to the ethernet port via a DB9 to RJ45 cable and hyper terminal. After connecting the cable and powering up the access point I am still unable to connect.
I realize once I get connected I will probably run into password issues, but I'd like to figure out how to get at least that far.
Any ideas?since ur gonna change the ssid and there is a password...
1. reset the ap. before plugging power to ap, press hold the mode button for 3 sec or until the led becomes orange or amber, then release.
2. the ap is reset to default setting with ip address 10.0.0.1
3. either console or gui the ap and change the bvi to ur preferred ip address.
4. configure everything else as you want. -
Configuring N channel on cisco 1252 Access Point
Hi,
Can someone help me for configuring N-Series band on Cisco 1252 Access Point in IOS Mode.
Thanks
TabrezFirstly you need to use WPA2/AES or OPEN authentication.
Cisco 802.11n Design and Deployment Guidelines
http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns348/ns767/white_paper_80211n_design_and_deployment_guidelines.html -
I own a Cisco Wap300 access point . there are a pc, a netbook and a smartphone in my house. I want to connect to these devices my line of fiber internet with Cisco Wap300 access point. My modem brand and model is "ZTE - Zxhn H168N". This modem has 300 Mbps wireless connection speed. Which settings of access point should I use to work my all devices .
I'am using Air 2310 wireless adaptor for Pc
I have a netbook and HTC wildfire S smartphoneAre you referring to this?:
http://www.cisco.com/cisco/web/solutions/small_business/products/wireless/300_series_wireless_access...
or this?:
http://support.linksys.com/en-apac/support/accesspoints/WAP300N
It's good if we identify the device first before we get the ball rolling. -
CISCO Aironet access point - not able to connect by user.
Hi,
I have CISCO Aironet access point C1130 in my network , but not able to connect by users, I can see below logs from access point. please help on this.
Jun 13 17:50:10.686: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:10.686: RADIUS: Retransmit to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:15.678: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:15.678: RADIUS: Retransmit to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:20.544: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:20.544: RADIUS: Retransmit to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:24.832: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:24.832: RADIUS: Retransmit to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:29.741: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:29.741: RADIUS: Fail-over denied to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:29.741: RADIUS: No response from (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:29.741: RADIUS/DECODE: No response from radius-server; parse response; FAIL
Jun 13 17:50:29.741: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response; FAIL
Jun 13 17:50:29.741: dot11_auth_dot1x_parse_aaa_resp: Received server response: FAILOVER_RETRY
Jun 13 17:50:29.742: dot11_auth_dot1x_parse_aaa_resp: found eap pak in server response
Jun 13 17:50:29.742: Client 5864.6c67.3718 failed: EAP reason 0
Jun 13 17:50:29.742: dot11_auth_dot1x_parse_aaa_resp: Failed client 5894.6b37.3518 with aaa_req_status_detail 0
Jun 13 17:50:29.742: dot11_auth_dot1x_run_rfsm: Executing Action(SERVER_WAIT,SERVER_FAIL) for 5894.6b37.3518
Jun 13 17:50:29.742: dot11_auth_dot1x_send_response_to_client: Forwarding server message to client 5894.6b37.3518
Jun 13 17:50:29.742: dot11_auth_dot1x_send_response_to_client: Started timer client_timeout 30 seconds
Jun 13 17:50:29.743: dot11_auth_dot1x_send_client_fail: Authentication failed for 5894.6b37.3518
Jun 13 17:50:29.743: %DOT11-7-AUTH_FAILED: Station 5894.6b37.3518 Authentication failed
Regards,Hi Niham,
You can try few things to troubleshoot this -
1. check the reachability of Radius server from your wlc (ping).
2. verify the IP address of Raduis server configured on wlc.
3. wlc in the Radius server ?
4. Shared Secret must be same on wlc and in raduis server.
Plz do not forget to rate useful post.
Thanks -
Bootup order on Cisco Aironet Access Points
Hello folks
Could you please help me in clarifying the bootup order on Cisco Aironet Access Points
Does the SNMP Agent on the device start before the Startup config is copied to Running Config ?
Because everytime the Cisco Aironet Access Point restart , SNMP trap is generated from Admin down WLAN interfaces (Dot11Radio1/Dot11Radio0) mentioning "Administratively down " .
So my best assumption is that
Access point Restarts - > SNMP Engine starts -> Startup Config is copied to Running config -> Interface is made admin down -> SNMP Trap is sent
Is that correct?
Please help !
AnupThe Clean Access Manager (CAM) manages out-of-band Clean Access Servers (CASs) and switches through the admin network. The trusted interface of the CAS connects to the admin/management network, and the untrusted interface of the CAS connects to the managed client network.
When a client connects to a managed port on a managed switch, the port is set to the authentication VLAN and the traffic to/from the client goes through the Clean Access Server. After the client is authenticated and certified through the Clean Access Server, the port connected to the client is changed to the access VLAN. Once on the access VLAN, traffic to and from certified clients bypasses the Clean Access Server.
In most OOB deployments (except L2 OOB Virtual Gateway where the Default Access VLAN is the Access VLAN in the Port profile), the client needs to acquire a different IP address from the Access VLAN after posture assessment.
For Real-IP/NAT-Gateway setup, the client port is bounced to prompt the client to acquire a new IP address from the admin/access VLAN.
The below URL describe the configuration steps needed to set up your OOB deployment:
â¢Configure Your Switches
â¢Configure OOB Switch Management in the CAM
â¢Configure Access to Authentication VLAN Change Detection
http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/416/CAM/m_oob.html#wp1175744 -
Cisco 2602 Access Point - Support
Dear Team,
Could you please advise, if Cisco 2602 Access Point supports IPS and CleanAir along with Access Point feature or does it need to work as standalone to have these functions enabled ?
Regards,
SIDMight as well add my 2¢
In order to have CleanAir, you need a WLC. In order to do IPS, wireless its called wIPS, you need an MSE and NCS or Prime Infrastructure.
A standalone access point (autonomous) is just a dumb AP and can't perform any of those functions:)
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Silly doubt abt access-points and bridges
hi all i have read cisco doc wherein clients connecting to access-points and also where the cisco access-point is working like a bridge and still clients can connect to it .
then any specific reason why people generally connect clients to access-points.
i mean is there any benefit of either method over the other.
any help and guidance would be really helpful.
regards
sushilIn short, it is preferred to have users connect to access points.... 99% of the time. You can use a wireless bridge (that is associated to an AP) that is connected to a switch/hub to supply network connectivity to wired users off the switch/hub. There are also access points that can be used as a bridge for building point to point connectivity.
Look at the home users with wireless.... it allows then to move from place to place (as long as there is coverage) without having to be wired in. -
Cisco 1242AG Access Point proper configuration
Hello everyone,
Here is the situation:
Recently we decide to create a small WLAN in our business.We choose the Cisco AIR-AP1242AG-E-K9 with 2x2.4GHz 2.2dbi Swivel Dipole Antenna.
For better managability a new routable VLAN (ID:20) added to our Router with IP 192.168.55.1 and SNET 255.255.255.0
Next, I made the followings configurations in the autonomous AP through WEB Console:
Static IP:192.20.10.35, SNET:255.255.254.0, GWY:192.20.10.200
VLAN1 (Native) and VLAN20 (Radio0-802.11g) added into Services.
I set the Encryption Mode to None for VLAN1 and Cipher AES CCMP for VLAN20
Into Server Manager I defined a new RADIUS server 192.20.10.35 (AP IP) and a shared secret and left the default ports for Authentication and Accounting (1645 and 1646). Also, in Default Server Priorities section I set as Priotity 1 both for EAP and MAC authentication the Access Point IP (Radius Server) 192.20.10.35.
In Local RADIUS Server General Set-Up, I add as current network access server (AAA client) the same IP and shared secret like the ones I use during RADIUS server configuration above. Into Enable Authentication Protocols I left checked only the LEAP and MAC. Also, into Individual Users section 2 new users created with text passwords.
Into SSID Manager a new hidden SSID created for interface Radio0-802.11g, associated with VLAN20 and into Client Authentication Settings section I left as accepted Method Open Authentication with MAC authentication and EAP. Also, I left the Use Defaults option both for EAP and MAC Authentication Servers in Server Priorities Section and finally into Client Authenticated Key Management section I choose Mandatory for Key Management and checked the Enable WPA option.
I can ping both the AP and VLAN20 IPs from any PC which is a member of the native VLAN
As wireless clients I use 2 Motorola MC5574 with Windows Mobile 6.1 professional. Both of them have a Jedi WLAN adapter configured with the followings:
IPs:192.168.55.10 and 192.168.55.11
SNET:255.255.255.0
GWY:192.168.55.1
Also, a unique profile has been created on each one of them to be used for AP association-authentication. Each profile has been configured for WPA2 Enterprise with AES and LEAP and the predefined user credentials (those defined into AP for Individual Users)
The problem:
Clients association with AP is always succesful but, Authentication fails and I can't ping from the clients AP IP, VLAN20 IP, neither each other.
What am I missing here? I'm sure that it is somenthing quite simple but although I tried several different setups (i.e. WPA2-PSK, WPA-PSK even with TKIP) I always end up without a proper solution for ping inability.
Thank you in advance for any helpHello Madhuri,
below is the latest run config output from the access point
Building configuration...
Current configuration : 3743 bytes
! Last configuration change at 03:56:04 +0200 Sun Nov 28 2010 by Cisco
! NVRAM config last updated at 03:58:07 +0200 Sun Nov 28 2010 by Cisco
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname RCT_THP_AP1
enable secret 5 $1$26u0$emaUzNvvihCCZeKeooQ8M0
aaa new-model
aaa group server radius rad_eap
server 192.20.10.35 auth-port 1645 acct-port 1646
aaa group server radius rad_mac
server 192.20.10.35 auth-port 1645 acct-port 1646
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
clock timezone +0200 2
ip name-server 192.20.11.2
dot11 ssid RCTHP
vlan 20
authentication open mac-address mac_methods eap eap_methods
authentication key-management wpa
power inline negotiation prestandard source
username Cisco password 7 00271A150754
username 00236867a192 password 7 101E594B56414A5D5B057B7276
username 00236867a192 autocommand exit
username 00236867a19b password 7 091C1E5B4A534F445C0D557329
username 00236867a19b autocommand exit
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 20 mode ciphers aes-ccm
ssid RCTHP
channel 2462
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
no dfs band block
channel dfs
station-role root
interface Dot11Radio1.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface FastEthernet0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
interface BVI1
ip address 192.20.10.35 255.255.254.0
no ip route-cache
ip default-gateway 192.20.10.200
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
snmp-server view dot11view ieee802dot11 included
snmp-server community public view dot11view RO
snmp-server contact IS
radius-server local
no authentication eapfast
nas 192.20.10.35 key 7 03130807055F2C1F
user motomob1 nthash 7 15315B29557B0D767E111074455E332022000F0D0A725C223B300C7A0E760A0371
user motomob2 nthash 7 075E716D6C2F49514636532A5C0B0A067C1567003224335553047F0C710058263E
radius-server attribute 32 include-in-access-req format %h
radius-server host 192.20.10.35 auth-port 1645 acct-port 1646 key 7 120E561B115B0157
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
sntp server 192.20.10.2
sntp broadcast client
end
Regards
Vasilis
Maybe you are looking for
-
Remote site to site VPN user cannot access LAN resources
Users in remote site can get ping response but no http service from local web server where the local web server also has NAT rule allowing access from WAN. In the below config, users in remote 10.10.10.160/27 can ping 10.10.10.30 and 10.10.10.95, but
-
CG02 Date of Last Change to Specification As a Whole
Date of Last Change to Specification As a Whole Specification (CG02) Administration Data (at the specification header) reports Whole Specification changed by and changed on. Performance Assistant (Help) on Whole Specification Changed On reports: Date
-
Why Illustrator CS6 convert CMYK to RGB when I do "Add to switches" in Color menu?
1. Open Color menu and work with color in CMYK. 2. Do "Add to switches" (or "Создать новый образец" in Russian) 3. See that new color was added like RGB not like CMYK. 4. When I open parameters it show me HSB options. 5. I switch it to CMYK and push
-
I want somthing from MSI pleaseeeeeeee!!
I have a K7N2 motherboard and I am very frusterated because my cpu core voltage only goes to 1.80 and the fsb max is 400mhz and the cpu multiplyer only goes to 13. I know my chip and memory can handle much more then this and i was wondering if by any
-
Cannot write email body in OWA with Exchange 2013 SP1 CU6
Hi, I have a problem with Exchange 2013 SP1 with CU6. All of OWA user cannot write in the body of email. They can write the Object and the recipient but they cannot select body and write the body message. We have try with multiple Web brother and des