Cisco AIR-CAP3602I access point conversion
Hello Group,
I have a 3602i access point and have been looking to see if it was possible to load a Mesh AP image on the AP?
Hello,
Agree with George. You can set the ap to mesh by changing its mode to bridge. you can change the mode from gui:
Wireless -> your ap -> ap mode.
HTH
Amjad
Sent from Cisco Technical Support iPad App
Similar Messages
-
Cisco AIR-AP521 Access Point Disconnects Frequently
Dear All,
I have a problem in my environment. My Cisco Access Point AIR-AP521 disconnets every few days and I have to restart the access point to make it work. The System Software Version is 12.4(21a)JA1 and it is acting as a access point. The lastest event logs does not show any critical logs. I am sure that there is no electricity or switch related problem.
Please help me in fixing our this problem.
Tks,
UsmanUpgrade the software to 12.4(21a)JY and see if the issue reoccurs!!
Regards
Surendra -
Configuring Cisco Air 1142N Access point.
Hi Guys
I have been struggling to configure a cisco airnet AIR-LAP1142N-E-K9 access point.
this is not my first time as I have configured similar accesspoints before.
the access point gets an IP from the dhcp server. I can ping the access point over the network.
However, when I type in the ip in the web browser, nothing comes up. there is no proxy issue.
the console(hyperterminal, connected through serial cable) shows the following error message:
%CAPWAP-3-ERRORLOG: COULD NOT RESOLVE CISCO-LWAPP-CONTROLLER
Many thanks
MoHi,
2106/12/25 will support 7.0.xx code. It will also support all existing APs including 3500,1140,1040.
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7_0_116_0.html
I don't think it is EOS atleast does not say on the website :
http://www.cisco.com/en/US/products/ps7206/prod_eol_notices_list.html
Deciding on whether you need a WLC or not is upto your budget and what features you need on your Wireless Infrastructure.. If you have $$ to spend I would recommend going in for 2504. If not you can configure them in standalone and you can always buy a WLC based system in future given you only have 3 APs.
If you need IOS code, you can either approach
1) Your reseller or
2) Cisco SE
3) Call TAC support and ask CIN agent to grant access to CCO code based on what you purchased. Also explain your situation.
Link: http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
You can also follow this thread to upgrade :
https://supportforums.cisco.com/message/3477595#3477595
Thanks..salil -
Replacement for Cisco AIR-AP1120B Access Point.
Since the AIR-AP1120B is no longer available (new) what replaces it?
The 1120 was replaced by the 1130. The 1130 will be replaced by the 1140. You can still purchase the 1130 and 1140 has been available since mid-2009. The main difference for the two is the latter, the 1140, supports 802.11n.
Cisco Aironet 1130AG 802.11 A/B/G Series Access Point
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps6087/product_data_sheet0900aecd801b9058.html
Cisco Aironet 1140 802.11 N Series Access Point
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10092/datasheet_c78-502793.html
If you find my post helpful in any way, please feel free to rate. Thank you. -
Is AIR-OPT60-DHCP available on autonomous AIR-SAP2602I access point?
Hello Wireless Experts,
I was able to order AIR-OPT60-DHCP on controller based AP AIR-CAP2602I-E-K9 using CCW, but this option is not available on autonomous AIR-SAP2602I access points.
Is AIR-OPT60-DHCP available on autonomous AIR-SAP2602I access point?
Thanks.
GeorgeThat is a feature and only used in lightweight access points. The standalone autonomous access points don't use that. Just follow the configuration guide for your access point to get you started.
Sent from Cisco Technical Support iPhone App -
Cisco 1142 Wireless access point intermittently will not authenticate
Hi all,
We have a Cisco 1142 standalone access point, and from time to time I will come into the office and it will not authenticate any users to either our guest or corporate networks. I then have to go in and reboot the access point. After that, it begins to work. Any advice? Here's my configuration below:
Current configuration : 6450 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname cisco-chiap01
logging monitor errors
enable secret 5 $1$fsD8$CU42/3/Up5AAlL4hQWvvg0
aaa new-model
aaa group server radius rad_eap
server 172.17.16.12 auth-port 1645 acct-port 1646
server 172.17.21.10 auth-port 1812 acct-port 1813
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
server 172.17.21.10 auth-port 1812 acct-port 1813
aaa group server radius rad_eap2
server 172.17.16.12 auth-port 1645 acct-port 1646
server 172.17.21.10 auth-port 1812 acct-port 1813
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login eap_methods2 group rad_eap2
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
login on-failure log
login on-success log
dot11 syslog
dot11 vlan-name Admin vlan 100
dot11 vlan-name DevNetwork vlan 20
dot11 vlan-name Guest vlan 150
dot11 vlan-name Network vlan 16
dot11 ssid DevNetwork
vlan 20
authentication open eap eap_methods2
authentication network-eap eap_methods2
authentication key-management wpa version 2
dot11 ssid Guest
vlan 150
authentication open
authentication key-management wpa version 2
guest-mode
mbssid guest-mode
wpa-psk ascii 7 142407060101380B013A3A2670435642
information-element ssidl advertisement
dot11 ssid Network
vlan 16
authentication open eap eap_methods2
authentication network-eap eap_methods2
authentication key-management wpa version 2
username monkeyman privilege 15 secret 5 $1$ZZ7C$rqimu2FNONdfeacMNGAD/.
bridge irb
interface Dot11Radio0
no ip address
ip helper-address 172.17.19.10
no ip route-cache
encryption mode ciphers aes-ccm
encryption vlan 16 mode ciphers aes-ccm
encryption vlan 150 mode ciphers aes-ccm
encryption vlan 20 mode ciphers aes-ccm
ssid DevNetwork
ssid Guest
ssid Network
antenna gain 0
parent timeout 120
speed 5.5 11.0 basic-6.0 9.0 12.0 36.0 48.0 54.0
packet retries 128 drop-packet
channel 2462
station-role root
rts threshold 512
rts retries 128
interface Dot11Radio0.11
encapsulation dot1Q 11
no ip route-cache
interface Dot11Radio0.16
encapsulation dot1Q 16 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
interface Dot11Radio0.150
encapsulation dot1Q 150
no ip route-cache
bridge-group 150
bridge-group 150 subscriber-loop-control
bridge-group 150 block-unknown-source
no bridge-group 150 source-learning
no bridge-group 150 unicast-flooding
bridge-group 150 spanning-disabled
interface Dot11Radio1
no ip address
ip helper-address 172.17.19.10
no ip route-cache
encryption vlan 16 mode ciphers aes-ccm
encryption vlan 150 mode ciphers aes-ccm
encryption vlan 20 mode ciphers aes-ccm
ssid DevNetwork
ssid Guest
ssid Network
antenna gain 0
traffic-metrics aggregate-report
dfs band 3 block
mbssid
parent timeout 120
speed 6.0 12.0 basic-24.0 36.0 48.0 54.0
channel width 40-above
channel dfs
station-role root access-point
interface Dot11Radio1.11
encapsulation dot1Q 11
no ip route-cache
interface Dot11Radio1.16
encapsulation dot1Q 16 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
interface Dot11Radio1.150
encapsulation dot1Q 150
no ip route-cache
bridge-group 150
bridge-group 150 subscriber-loop-control
bridge-group 150 block-unknown-source
no bridge-group 150 source-learning
no bridge-group 150 unicast-flooding
bridge-group 150 spanning-disabled
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
interface GigabitEthernet0.11
encapsulation dot1Q 11
no ip route-cache
interface GigabitEthernet0.16
encapsulation dot1Q 16 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface GigabitEthernet0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
interface GigabitEthernet0.100
encapsulation dot1Q 100
ip address 192.168.100.3 255.255.255.0
no ip route-cache
bridge-group 100
no bridge-group 100 source-learning
bridge-group 100 spanning-disabled
interface GigabitEthernet0.150
encapsulation dot1Q 150
no ip route-cache
bridge-group 150
no bridge-group 150 source-learning
bridge-group 150 spanning-disabled
interface BVI1
ip address 172.17.16.251 255.255.255.0
no ip route-cache
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface GigabitEthernet0
access-list 1 permit 172.17.16.1
access-list 1 remark Admin network access
access-list 1 permit 192.168.100.0 0.0.0.255
radius-server attribute 32 include-in-access-req format %h
radius-server host 172.17.21.10 auth-port 1812 acct-port 1813 key 7 047958071C3561410D4A44
radius-server host 172.17.16.12 auth-port 1645 acct-port 1646 key 7 08045E471A48574446
radius-server host 172.17.21.10 auth-port 1645 acct-port 1646 key 7 1320051B185D56797F
radius-server timeout 15
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
access-class 1 in
endWhen the issue occurs does that affect both 2.4GHz & 5GHz devices ? I would see which band operating devices affected.
I noticed you have set CH11 under Radio 0 statically. I would prefer to configure it as below so AP can change the channel depend on the environment.
int d0
channel least-congested
HTH
Rasika
**** Pls rate all useful responses **** -
IPhone4 and Cisco Aironet 1141 access point - fail using WPAv2 Personal
I cannot get my iPhone4 (latest s/w) to connect to a Cisco Aironet 1141 access point if I specify WPAv2 Personal. It is a single access point without radius etc. I have no problems connecting using "no security", WEP or WPAv1. Is there a problem with the iPhone4 implementation of WPA2 as all my other PCs connect just fine on WPAv2?
With the Aironet 1141 I can switch security between WPAv1 & WPAv2 while keeping all other settings identical. Thus I can clearly demonstrate how the iPhone4 connects when both devices are set to WPAv1 yet will fail to connect when I switch both to WPAv2. As I have said, all other PCs I have connect via WPAv2 without any issues.I cannot get my iPhone4 (latest s/w) to connect to a Cisco Aironet 1141 access point if I specify WPAv2 Personal. It is a single access point without radius etc. I have no problems connecting using "no security", WEP or WPAv1. Is there a problem with the iPhone4 implementation of WPA2 as all my other PCs connect just fine on WPAv2?
With the Aironet 1141 I can switch security between WPAv1 & WPAv2 while keeping all other settings identical. Thus I can clearly demonstrate how the iPhone4 connects when both devices are set to WPAv1 yet will fail to connect when I switch both to WPAv2. As I have said, all other PCs I have connect via WPAv2 without any issues. -
Configuring Cisco Aironet 1100 Access Point. Please help!
Hi all,
I have dozens of Cisco Aironet 1100 access points, each is managing its own wi-fi with DHCP.
I had to disable dhcp on them because they are on a wired subnet where I am using the static IPs and don't want my wired clients to get DHCP addresses, nor someone to be able to plug the wire into own laptop and get on the network.
It's been working fine with one exception - I need to be able to ping my access points from the central site, and I can't.
What IOS command would enable ICMP echo on my access points in this case?
Please help!Hi all,
I have dozens of Cisco Aironet 1100 access points, each is managing its own wi-fi with DHCP.
I had to disable dhcp on them because they are on a wired subnet where I am using the static IPs and don't want my wired clients to get DHCP addresses, nor someone to be able to plug the wire into own laptop and get on the network.
It's been working fine with one exception - I need to be able to ping my access points from the central site, and I can't.
What IOS command would enable ICMP echo on my access points in this case?
Please help! -
AIR-CAP3501I access point not joining the Cisco 2100 Wireless Lan controller.
Hello All,
I am installing a new LAP (AIR-CAP3501I ) through the wireless lan controller (AIR-WLC2112-K9) with software version 7.0. I have an external ADSL modem which will act as the DHCP server for the wireless clients and the LAP.
Please find my network setup as below:
The ISP ADSL modem , WLC and LAP are connected to a unmanaged POE switch. The LAP gets its power through the POE switch. When i connect the LAP and the WLC to the switch along with the ADSL modem, the LAPs are getting the ip address from the ADSL modem, however they are not joining the WLC for further process.
ADSL Modem ip address: 192.168.1.254
Management ip address on the LAP: 192.168.1.1 ( Assigned to port 1, untagged Vlan).
Ap Manager ip address: 192.168.1.1 ( Assigned to the same port i.e port1, Untagged Vlan).
The LAP is getting an IP address from the ADSL modem in the range of the DHCP scope.
I will paste the logs very soon.
Please let me know if i am doing anything wrong oe what will be the issue.
Thanks in advance,
Mohammed AmeenHello All,
Please find the logs for "debug capwap event" from the WLC below:
*spamReceiveTask: Sep 26 19:44:59.196: e8:04:62:0a:3f:10 Join Version: = 117465600
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join resp: CAPWAP Maximum Msg element len = 92
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join Response sent to 192.168.1.156:45510
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 CAPWAP State: Join
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
*apfReceiveTask: Sep 26 19:44:59.198: e8:04:62:0a:3f:10 Register LWAPP event for AP e8:04:62:0a:3f:10 slot 0
*spamReceiveTask: Sep 26 19:44:59.341: e8:04:62:0a:d1:20 DTLS connection not found, creating new connection for 192:168:1:158 (45644) 192:168:1:2 (5246)
*spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 DTLS Session established server (192.168.1.2:5246), client (192.168.1.158:45644)
*spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 Starting wait join timer for AP: 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.121: e8:04:62:0a:d1:20 Join Request from 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join Version: = 117465600
*spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join resp: CAPWAP Maximum Msg element len = 92
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 Join Response sent to 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 CAPWAP State: Join
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
*apfReceiveTask: Sep 26 19:45:00.125: e8:04:62:0a:d1:20 Register LWAPP event for AP e8:04:62:0a:d1:20 slot 0
*spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 Configuration Status from 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 CAPWAP State: Configure
*spamReceiveTask: Sep 26 19:45:00.273: Invalid channel 1 spacified for the AP APf866.f2ab.24b6, slotId = 0
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP info for AP e8:04:62:0a:d1:20 -- static 0, 192.168.1.158/255.255.255.0, gtw 192.168.1.254
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP 192.168.1.158 ===> 192.168.1.158 for AP e8:04:62:0a:d1:20
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Setting MTU to 1485
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Finding DTLS connection to delete for AP (192:168:1:158/45644)
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Disconnecting DTLS Capwap-Ctrl session 0xa06d6a4 for AP (192:168:1:158/45644)
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 CAPWAP State: Dtls tear down
*spamReceiveTask: Sep 26 19:45:00.277: spamProcessGlobalPathMtuUpdate: Changing Global LRAD MTU to 576
*spamReceiveTask: Sep 26 19:45:00.277: e8:04:62:0a:d1:20 DTLS connection closed event receivedserver (192:168:1:2/5246) client 192:168:1:158/45644).
The Acess point joins the Controller for 2-3 seconds and then unjoins again. I am not sure what i am doing wrong here. The access points are getting the IPs from the ADSL modem through the switch, then it talks to the WLC, however it does not join the controller for further process.
Note:
The Managemnet interface and the AP manager interface are assigned to the same port 1 with unassigned Vlan as mention above. -
Regulary disconect at CISCO Wi-Fi access point
We use CISCO access point in out office (AIR-LAP1142N-E-K9). All apple devices which use WI-FI regulary drop connection.
We have addressed this issue to CISCO support with system logs and remote access to device. The found out that Apple devices are sending disconnect command to router, so CISCO support claims that problem is in apple devices compatibility with CISCO AIR-LAP1142N-E-K9.
Did anyone had this issue before? And what would you advice to solve this?hi Max, we are having something similiar yet disssimilar - we use 2 factor authentication using an RSA token
Our issue is that wifi does not resume if you go to sleep mode (lid closed) for like 30 sec to a few minutes and we are forced to re-authenticate. It used to work fine on OSX 10.6.
.... on 10.6, the wifi "resumes" fine after coming out of sleep.
... we lose the connection after going to sleep mode on 10.7 and 10.8 and forced to re-enter RSA credentials....
Did you resolve your issue? -
CISCO 1700 .11AC access points.
Hi ,
A Simple query .
As you all know , the cisco 1700 access points come with two 1GE uplink ports .( Primary and Auxilliary ).
I was under the impression that i can connect both these ports to an uplink switch , to create a LAG.
Is it possible ? or is it strictly an Auxiliary port and can't be actively used at the same time ?There is another reason why this does not require aggregation.
1700 support 11ac wave 1 which is 1.3Gbps over the air data rate. Considering RF efficiency (~40-70% due to management & control overhead) real throughput is much less than 1Gbps. So 1Gbps physical port is not a limitation for 11ac wave 1.
HTH
Rasika
**** Pls rate all useful responses *** -
Controller-based access points conversion
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Q:
I’ve the 1140 AP (LAP) flavor; can I convert it to Standalone access points?
If yes can you please explain how and if you have documentation that will be great.
Thank you all for reading and helping.You can convert the AP from autonomous AP (aAP) to light-weight AP (LWAP) and vice versa. It all boils down to the IOS you run.
If you have a WLC, ollow the proceedure below:
Using a Wireless LAN Controller to Return to a Previous Release
http://www.cisco.com/en/US/docs/wireless/access_point/conversion/lwapp/upgrade/guide/lwapnote.html#wp157689
If you don't have a WLC, follow the proceedure below:
Using a Wireless LAN Controller to Return to a Previous Release
http://www.cisco.com/en/US/docs/wireless/access_point/conversion/lwapp/upgrade/guide/lwapnote.html#wp157689
If you find my post helpful, please do not hesistate to rate. Thank you very much. -
Cisco Security Advisory: Access Point Memory Exhaustion from ARP Attacks
I recieved this Cisco Advisory e-mail today. I have 1200 access points that I upgraded yesterday to 12.3(7)JA2, in which this problem was corrected. In the advisory it states to upgrade to this software release and to make a configuration change on each radio interface. I made this change on Dot11Radio0 interface and it took. I have 2 more interfaces ( Dot11Radio0.2 and Dot11Radio0.75) in which I get an error when I try to make this configuration change. I don't quite understand these interfaces, so I would like to know if I really need to make this change on the other 2 interfaces or is making the change on the 1st one enough. Any information is certainly appreciated. Thanks, Laurie Coles
Since you have subinterfaces configured, you are apparently using
VLANs on your APs. The ARP table is only relevant for the VLAN
with the management IF, that is the native VLAN.
For all other VLANs it's simply bridging, therefore no ARP table,
and therefore this vulnerability doesn't apply here.
So your only concern should be the native VLAN, and unless you
need wireless access for managing your APs the best way for
securing this would be to not configure a SSID for this VLAN.
Then the only access to the AP would be over the Ethernet-IF.
The security advisory is more important for APs configured
without VLANs where wireless clients and the management IF
of the AP are in the same (W)LAN. -
Response times (PING) very high with CAP3602i access point
I have installed an access point CAP3602i in mode HREAP a controller Model 5508 with version 7.4.100.0 but the response times of the connected users are very high.
The less users are connected to the access point is faster surfing the internet and response times are low. But if there are many users connected, increase response times.
I'll be grateful someone comments any experience with this problem.
ThanksWe are talking about 15 users per AP, but that everything is surfing the internet and not so heavy downloads before aps 1141 and had had no such problem response times were normal between 2,3,4 ms
There is performing some function more cap3602i ap causes high response times.
Supposedly CAP3602i I say are better than the 1141, which is why we made the change but we found with surprise that high times.
The SSID was HREAP doubt it has anything to do with the 1141 does not give the issue of high times. -
Multiple Cisco Aironet 1131AG access points and same SSID?
We have multiple Cisco Aironet 1131AG devices, all wired on one Cisco L2 switch(2560) who is connected to L3 switch (3550). We assigned one VLAN for access point in L3 switch who acts as vtp server (L2 switch is vtp client). All ap's will have static ip address and all will have same SSID and no security and they will be using multiple channels (ex. 1,6,11). They will operate in 3 floor building for roaming wireless client. We won't using any wireless controller.
So my question is this: How to configure APs-all the same with different ip's, can we use L3 switch to create dhcp server for access points VLAN (pool for clients, and the rest for static ip for ap's)? Can one of the ap's be WDS and in the same time local radius server with users without Cisco Secure ACS or similar controller or I didn't understand this quite well :-). I followed guide http://www.cisco.com/en/US/docs/wireless/access_point/12.3_2_JA/configuration/guide/s32roamg.html for WDS where the part abou Cisco ACS is a problem, so I can use same ap as Local Authenticator as in guide http://www.cisco.com/en/US/docs/wireless/access_point/12.3_4_JA/configuration/guide/s34local.html#wp1035723.
Many thanks...Well, just so you know, WDS and local RADIUS authentication is only needed if you're using authentication on your wireless connection. You say you're not planning to use security, so this isn't necessary. However, I'd highly recommend at least using a simple WPA2-PSK to lock down your connection, otherwise you might end up giving free Internet access at best, and at worst you might be giving access to company PCs and servers. If you want to further use an 802.1x or WPA authentication method, then yes, you can use an AP as a RADIUS server and WDS to improve authenticated roaming, but this is far more limited than using a Cisco ACS.
As for your other questions, yes, your APs can all be configured the same except for at least three parameters: IP address, channel, and hostname. Configure your static IP addresses on the AP's BVI1 interface. Don't place it on the Radio or Ethernet interfaces, because if either of these interfaces goes down you'll lose the ability to configure the AP, so it's best to use the BVI1 interface.
And yes, configuring a DHCP scope for your clients on your L3 switch is a good design, or you could also use your DHCP server on a different subnet by using the ip helper-address command on the L3 interface. I hope this helps! Let me know if you need help configuring any of this.
Merry Christmas!
Jeff
Maybe you are looking for
-
Hi, I have few questions on alert monitor. 1. If we create an alert and have it as default macro, does it display in interactive planning book without a alert profile assignment? or should we assign an alert profile to see alerts in planning b
-
Receiver Determination Condition and XPATH
Hi Everyone, I have a receiver determination with conditions and can not figure out why one thing is working, and the other isn't. As suggested in the following forum post, XPATH and RECEIVER DETERMINATION, I had to do the following to my XPATH expre
-
RFC Sender - Logon User - What Roles and Authorizations?
Hi, Scenario: RFC Sender --> XI --> JDBC What necessary Roles and Authorizations has to be given for Logon User (in Sender RFC Communication Channel). It has to be moved to production soon. My Client wants to give only Roles and Authorization that ar
-
Auto-classification behaves strange
Hello all, I have following problem. I created index A with query-based taxonomy (auto-classification activated) and it was working perfect. But then I created new index B and imported the taxonomy from index A. Everything seems to be ok but auto-cla
-
I want to use DRM to restrict hierarchy maintenance and split the same into 2 users groups depending upon hierarchy level. Customer hierarchy upto first 5 generations can be managed by one user group where as below 5th generation, the same will be ma