Cisco Aironet 1242AG Setup
Hi, We have a network on an oil rig offshore using a 1242AG for general internet browsing for those staying on the rig, and it works perfectly. Now we want to expand this and I have a couple of challanges.
1. We would like to add multiple access points but these will all have to be cabled back to a central switch due to signals being blocked preventing one access point seeing another, so not guaranteed to be able to link wirelessly from one access point ot the next. How is this best done, is it possible to setup all access points with the same SSID so users can easily move around and be associated with the best access point, or best to configure as individual access points?
2. Due to having access points available in living quarters, we want to avoid people leaving laptops constantly connected and using up our expensive satellite bandwidth and impacting on the use of others. Is it possible with the 1242AG top setup a timeout period, where any connections are automatically disconnected?
This is all quite new to me so any help or comments on the above would be much appreciated.
Thanks.
1. We would like to add multiple access points but these will all have to be cabled back to a central switch due to signals being blocked preventing one access point seeing another, so not guaranteed to be able to link wirelessly from one access point ot the next. How is this best done, is it possible to setup all access points with the same SSID so users can easily move around and be associated with the best access point, or best to configure as individual access points?
You have two choices: Autonomous or Controller-based. With autonomous, in order for you to "enjoy" roaming, you'd need Cisco WLSE or Wireless LAN Services Engine plus you have to configure and manage each APs. With controller-based you just configure the controller, convert the APs to LWAP (very easy) and off you go. You can start investigating if it's financially sound to invest in a 4402 series wireless LAN controller. If you deploy, say, 10 APs, look for the price of the WLC4402-25 to support up to 25 APs.
2. Due to having access points available in living quarters, we want to avoid people leaving laptops constantly connected and using up our expensive satellite bandwidth and impacting on the use of others. Is it possible with the 1242AG top setup a timeout period, where any connections are automatically disconnected? Not on the AP or WLC but RADIUS can.
Similar Messages
-
Need a Floorstand for a Cisco Aironet 1242AG WAP
Could you please advise us on a good floorstand for a Cisco Aironet 1242AG WAP?
We need to find a floorstand that would provide an effective mounting solution for our Wireless Access Point (Model Cisco Aironet 1242AG, images of the back and front are below). It should be at least 5 ft high (1.5 m) with pins/knobs or something to mount our WAP. Any ideas? Need answer asap.
Thank you for your help!!Is the floor stand to do surveys or is it for a permanently mounting ? These normally are mounted to the celing tile.
-
Minimum safe distance to a Aironet 1242AG
To whom it may concern,
I've been trying to conduct safety studies on RF systems I'm using on a project, one of which is the Cisco Aironet 1242AG. The FCC's OET states that for the 2.45GHz frequency range, an RF exposure of 1mw/(cm^2) is acceptable for non-controlled RF. I ran a few calculations for our Aironet coupled with a high gain antenna (15dBi) and determined the minimum safe distance was 4.2" away from the antenna. However, standard documentation in the Quick Start Guide for the Aironet 1240AG series access point claims the minimum safe distance is 7.9". I'm trying to figure out how that 7.9" figure was arrived at. The high gain antenna in use is omnidirectional with a beam height of + - 8 degrees.
The answer is important to me because we have our antenna mounted near a place where a human could sit. Part of me wonders if 7.9" was arrived at simply because the FCC OET Bulletin 65 Supplement C mentions devices with external omni-antenna being typically mounted 20cm away from where a human could be (pg.19).
Any insight would be great to this.
- jevansI think the line "Proper installation of this radio according to the instructions found in this manual will result in user exposure that is substantially below the FCC recommended limits" clarifies the fact that FCC recommended and cisco recommendation is different taking human safety into account.
-
"Busiest Clients" report template on Cisco Prime & Aironet 1242AG
Yesterday I was trying to schedule a "Busiest Clients" report on our Cisco Prime physical appliance (PRIME-NCS-APL-K9, v2.1.0.0.87).
My goal was to monitor the busiest clients on a couple of old Aironet access-points. These APs have been installed in a branch office of our university that rely on 4 Mb/s SHDSL WAN connectivity and, as you might imagine, some saturation occurs when the classrooms are crowded.
Unfortunately, all the reports were empty ... there was only a "No data matches the specified criteria for the report” warning inside.
The Client Statistics task (Administration>Background Tasks) was enabled and I was able to run this report selecting a different floor area ... after a few tries I've discovered that this error occurs only when the old Aironet 1242AG APs are involved. If I select a floor area populated with the newer 1142 and 2602 models, the report template works as intended.
So, is there a way to fill a "Busiest Clients" report with data fetched from our old Aironet 1242AG APs?
Our WLC is a Cisco Wireless Services Module 2 Controller for Cisco Catalyst 6500 (WS-SVC-WISM2-K9).
(Sorry ... my English is a bit rusty)Hi,
Kindly try to restart the Dameon manager with the command line of the server
1> net stop crmdmgtd
and then start the daemon manager --> net start crmdmgtd (wait for atleast 20-25 minutes before login back to LMS and also see if any file do exist at location CSCOps\Objects\dmgtd\ready folder).
Get the output of pdshow after waiting for 20 minutes and stdout.log and stderr.log from CSCOpx\MDC\tomcat\logs.
Many Thanks,
Gaganjeet -
Aironet 1242ag no longer working after software installation
We killed an aironet 1242AG access point - someone installed the LWAPP software and it
either got corrupted or the software itself changes the way the device functions dramatically. In any
case we want to revert it back to the way it is supposed to be but the web browser interface no longer works and TFTP
doesn't seem to work either - We've tried a factory default reset but that doesn't do anything.
Here's an error we're seeing at boot:
Extracting files...
extracting info (283 bytes)
c1240-k9w7-mx.124-25d.JA/ (directory) 0 (bytes)
c1240-k9w7-mx.124-25d.JA/html/ (directory) 0 (bytes)
c1240-k9w7-mx.124-25d.JA/html/level/ (directory) 0 (bytes)
c1240-k9w7-mx.124-25d.JA/html/level/1/ (directory) 0 (bytes)
ERROR: Problem extracting files from archive.Loading "flash:/c1240-rcvk9w8-mx/c1
I can provide with a full config file if requested.
ThanksIt is doing this -
AP0016.47b2.1e60#debug capwap client no-reload
CAPWAP ignore internal reload debugging is on
AP0016.47b2.1e60#debug capwap console cli
This command is meant only for debugging/troubleshooting
Any configuration change may result in different
behavior from centralized configuration.
CAPWAP console CLI allow/disallow debugging is on
AP0016.47b2.1e60#config t
Enter configuration commands, one per line. End with CNTL/Z.
AP0016.47b2.1e60(config)#int fa 0
AP0016.47b2.1e60(config-if)#ip address 192.168.1.216 255.255.255.0
AP0016.47b2.1e60(config-if)#end
AP0016.47b2.1e60#
*Mar 1 00:06:18.015: %SYS-5-CONFIG_I: Configured from console by console
AP0016.47b2.1e60#
package info:
Version Suffix: k9w7-.124-25d.JA
Image Name: c1240-k9w7-mx.124-25d.JA
Version Directory: c1240-k9w7-mx.124-25d.JA
Ios Image Size: 5007872
Total Image Size: 5755392
Image Feature: WIRELESS LAN
Image Family: C1240
Wireless Switch Management Version: 7.0.94.21
Extracting files...
c1240-k9w7-mx.124-25d.JA/ (directory) 0 (bytes)
c1240-k9w7-mx.124-25d.JA/html/ (directory) 0 (bytes)
c1240-k9w7-mx.124-25d.JA/html/level/ (directory) 0 (bytes)
c1240-k9w7-mx.124-25d.JA/html/level/1/ (directory) 0 (bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/appsui.js (557 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/back.shtml (506 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/cookies.js (5026 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/forms.js (17486 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/sitewide.js (16548 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/config.js (24933 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/stylesheet.css (3214 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/popup_capabilitycodes.shtml.gz (1015 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/filter.js.gz (1801 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/filter_vlan.js.gz (1461 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/filter_mac_ether.js.gz (1710 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/security.js.gz (957 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/vlan.js.gz (955 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ssid.js.gz (4098 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/dot1x.js.gz (982 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/network-if.js.gz (2080 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/stp.js.gz (952 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_assoc.shtml.gz (6087 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_event-log.shtml.gz (4398 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_home.shtml.gz (6949 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_network-if.shtml.gz (4063 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_network-map.shtml.gz (4356 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_services.shtml.gz (4185 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_system-sw.shtml.gz (3382 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_contextmgr.shtml.gz (4187 bytes)
c1240-k9w7-mx.124-25d.JA/html/level/1/images/ (directory) 0 (bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/ap_title_appname.gif (2115 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button.gif (1211 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_1st.gif (1171 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_cbottom.gif (318 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_current.gif (1206 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_endcap.gif (878 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_encap_last.gif (333 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_last.gif (386 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_nth.gif (1177 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_leftnav_dkgreen.gif (869 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_leftnav_green.gif (879 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_leftnav_upright.gif (64 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_leftnav_yellow.gif (881 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/arrowdown_red.gif (108 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/arrowup_green.gif (108 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/corner_ur_7.gif (53 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/dkgreenmask11_up.gif (113 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/dkgreenmask28_upright.gif (110 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/grn_vertlines_bottom.gif (149 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/grn_vertlines_top.gif (141 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/hinav_plus.gif (56 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/left_bkg.gif (146 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/list_data.gif (122 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/logo.gif (29454 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/pixel.gif (49 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_downleft.gif (53 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_help_off.gif (934 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_help_on.gif (934 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_print_off.gif (111 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_print_on.gif (111 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/spacer.gif (49 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/whitemask11_botleft.gif (62 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/whitemask11_upright.gif (61 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_alert.gif (73 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_critical.gif (73 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_debugging.gif (73 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_emergency.gif (73 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_error.gif (73 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_information.gif (73 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_notification.gif (73 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_warning.gif (73 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/check_mark.gif (71 bytes)
c1240-k9w7-mx.124-25d.JA/html/level/15/ (directory) 0 (bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_assoc_adv.shtml.gz (4637 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_event-log_config-options.shtml.gz (6199 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_event-log_notif-options.shtml.gz (3187 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_express-setup.shtml.gz (11588 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_express-security.shtml.gz (13867 bytes)!
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_broadcast-ssid.shtml.gz (1259 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_no-security.shtml.gz (1578 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_eap-security.shtml.gz (1787 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_wep-security.shtml.gz (1593 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_wpa-security.shtml.gz (1849 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_ipaddress.shtml.gz (5075 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_802-11.shtml.gz (6896 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_802-11_b.shtml.gz (6832 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_802-11_c.shtml.gz (25249 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/dBm_mW_translation_table.shtml.gz (1509 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_802-11_d.shtml.gz (4546 bytes)
extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_ethernet.shtml.gz (4888 bytes)
*Mar 1 00:07:20.944: %CAPWAP-5-STATIC_TO_DHCP_IP: Could not discover WLC using static IP. Forcing AP to use DHCP...
*Mar 1 00:07:30.596: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.165, mask 255.255.255.0, hostname AP0016.47b2.1e60
*Mar 1 00:07:30.970: %CAPWAP-3-ERRORLOG: Invalid event 29 & state 4 combination.
*Mar 1 00:07:30.970: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message.
*Mar 1 00:07:30.970: %CAPWAP-3-ERRORLOG: Failed to handle timer message.
*Mar 1 00:07:30.970: %CAPWAP-3-ERRORLOG: Failed to process timer message.
*Mar 1 00:07:30.970: %CAPWAP-3-ERRORLOG: Discovery interval timer expiry handler failed..
Translating "CISCO-CAPWAP-CONTROLLER.xxxx.net"...domain server (xx.xyz.176.zzz)
Translating "CISCO-LWAPP-CONTROLLER.xxxx.net"...domain server (xx.xyz.176.zzz)
*Mar 1 00:07:35.473: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 00:07:36.486: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Mar 1 00:07:36.589: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER.xxxx.net
*Mar 1 00:07:36.690: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-LWAPP-CONTROLLER.xxxx.net [timed out]
Premature end of tar file
ERROR: Problem extracting files from archive.
archive download: takes 32 seconds
AP0016.47b2.1e60# -
Server 2008 R2 RADIUS Server with a Cisco Aironet 1040 Wireless AP
I am trying to get Server 2008 R2 RADIUS Server to work with a Cisco Aironet 1040 Wireless AP. I have installed the RADIUS server by MS standards and performed some searches on Google to configure the Cisco Aironet. I see others using a Wireless LAN Controller, which I do not have. I found this post below:
https://supportforums.cisco.com/discussion/11546056/wlc-2504-radius-2008-r2-server
But I have yet to locate a good step by step document on how to set it up and I have found so many different ways that others have set it up, but none have yet to work. I am having authentication issues that I have know of and I do not see any errors in the Windows Event Viewer and I do not know where the Acess Point stores it logs for any sort of error. Keep in mind this is the first time I am doing this. I do not have a Wireless LAN Controller and all my network / domain services are on individually built servers and not on one single server as I have seen with most of the documentation they all say the same thing by putting the Certificate Services, Domain Services (AD / ADS, etc), and NPS. I do not want that configuration and my setup should not be any different, but something is not right. I know from reading that this is not rocket science, but from someone who has never done it before this is difficult as I keep reading on and so many people do it different ways including what I have been reading according to what Cisco says to configure in the environment. Does anyone know where I can find good step by step documentation along with where I can look for logs on either device? I find that all the documentation I see on Cisco's website and from searching that it is old and outdated and not been updated in a long time so it is hard to determine what works and what does not work. I am stumped here and have been doing this for several weeks now with no luck. Thank you in advance.I did configure the Server 2008 R2 RADIUS Server using this video below:
https://www.youtube.com/watch?v=g-0MM_tK-Tk
I also referenced Technet to make sure it was configured correctly as well. I am still not sure if I am 100% setup correctly on the Windows Server side, but I for sure want to make sure I have the AP side setup correctly. Do you know of a better article for the Windows Server 2008 R2 setup? Does it matter that I do not have all the services installed on the same server? Instead I have them installed on multiple servers.
I have image number c1140-k9w7-tar.124.25d.JA1 on the AP. The part that confused me in that article, which I have seen before was the part about "Setting up access point must be configured in the authentication server as an AAA client." What is the AAA Client? I also am not aware of having Cisco Secure ACS anywhere built into the AP as that part through me off completely. Do I need to skip these steps? Thank you for help on this. -
Cisco Aironet 1131G cannot access BVI
I have configure our Cisco Aironet 1131G with Multiple SSID with VLAN's
The Guest VLAN is working well and no problem,
The issue i have is that I cannot connect to the BVI on the Wireless AP, i have setup to VLAN's
2 = LAN & NATIVE VLAN
999 = GUEST VLAN
this is my config
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname NAFTA_AP_003
logging rate-limit console 9
aaa new-model
aaa group server radius rad_eap
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa group server radius rad_eap2
server 10.1.122.50 auth-port 1645 acct-port 1646
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login eap_methods2 group rad_eap2
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 mbssid
dot11 syslog
dot11 vlan-name GUEST vlan 999
dot11 vlan-name LAN vlan 2
dot11 ssid Nufarm_EXT
vlan GUEST
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 053B0918245E6308015546
dot11 ssid Nufarm_INT
vlan 2
authentication open eap eap_methods2
authentication network-eap eap_methods2 mac-address mac_methods
authentication key-management wpa
username nemesis privilege 15 secret 5 $1$SjHa$TGIGBh.IhLNgflxBreKYf.
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan GUEST mode ciphers aes-ccm tkip
encryption vlan 2 mode ciphers tkip
ssid Nufarm_EXT
ssid Nufarm_INT
channel 2422
station-role root
interface Dot11Radio0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.999
encapsulation dot1Q 999
no ip unreachables
no ip proxy-arp
no ip route-cache
no cdp enable
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
bridge-group 255 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
dfs band 3 block
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface FastEthernet0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface FastEthernet0.999
encapsulation dot1Q 999
no ip unreachables
no ip route-cache
no cdp enable
bridge-group 255
no bridge-group 255 source-learning
bridge-group 255 spanning-disabled
interface BVI1
ip address 10.1.2.242 255.255.255.0
no ip route-cache
ip default-gateway 10.1.2.254
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.1.122.50 auth-port 1645 acct-port 1646 key 7 03516213160B73435E0C2D16110504
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 0 4
endAh, yeah that would do it, makes the swich want the VLAN to be tagged. Nice catch on that!
HTH,
Steve
Please remember to rate helpful posts or to mark the question as answered so that it can be found later. -
Configuring Cisco Aironet 1140 for Radius and setting up a Radius server
guys i need some help setting up my Radius to work with cisco aironet 1140, i am new at this however i was tasked with setting up a Radius server and setting our AP with WPA2- enterprise so users can log into our AP using AD credentials.
When i try to setup on the AP a new SSID i do not see the option for WPA2- enterprise?Here are other links with examples:
https://supportforums.cisco.com/thread/331581
http://targetcisco.blogspot.com/2011/03/cisco-autonomous-access-point.html
http://downloads.avaya.com/css/P8/documents/100041614
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Cisco Aironet 702 - Transmitter Power: error
hi,
I have problem with setup Cisco Aironet 702. I set all properties. Interfaces gigaEthernet and Radio0 are UP. I don't see my SSID in network. On properties for Radio0 I see error in section Transmitter Power. How can I troubleshooting this issue?
Here I uploaded screens from configuration pages
https://onedrive.live.com/?gologin=1&mkt=en-US#cid=0AE7867F90F4DB32&id=AE7867F90F4DB32!257
regards,
Jacekrunning config
Current configuration : 1838 bytes
! Last configuration change at 01:23:01 UTC Mon Mar 1 1993
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname apOpenSpace
logging rate-limit console 9
enable secret 5 $1$AL/C$ZkBchBuZ9hGtztdUacBmO/
no aaa new-model
no ip cef
dot11 syslog
dot11 ssid Artim_Wifi
authentication open
authentication key-management wpa version 2
wpa-psk ascii 7 096D5C1D1008464B525C
dot11 guest
username Cisco password 7 096F471A1A0A
bridge irb
interface Dot11Radio0
no ip address
encryption mode ciphers aes-ccm
ssid Artim_Wifi
antenna gain 0
power local 5
packet retries 64 drop-packet
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio1
no ip address
shutdown
antenna gain 0
peakdetect
no dfs band block
packet retries 64 drop-packet
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface GigabitEthernet0
ip address 10.6.11.54 255.255.255.0
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface BVI1
ip address 10.6.11.54 255.255.255.0
ipv6 address dhcp
ipv6 address autoconfig
ip default-gateway 10.6.11.1
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
login local
transport input all
end -
Dual SSID (with dual VLAN) on Cisco AiroNet 1130
Cisco Community,
I need some major help in figuring out how to change our wireless setup. Currently, we have 2 Cisco AiroNet 1130 WAP's in the office that go directly into the 2 POE ports on our Cisco ASA 5500. These WAP's have 1 SSID and are using WEP for security. After demonstrating the flaws of WEP to my boss, he has agreed that we should use something more secure and I've suggested WPA. We want visitors to our office to be able to hop on our wireless but on a separate guest SSID with WEP.
I'd like the internal SSID to route to the ASA and take the default route to the internet (it will be our new fiber connection once it's installed in a couple weeks). The default route is whichever connection is working since our ASA 5500 will fail over when it detects an outage.
I'd like the guest SSID to route to the ASA and then go over our existing cable connection. This connection will be our backup once the fiber connection is installed. Since we won't be using it very often, but will be paying for it, I advised that we send all guest wireless traffic over this connection since 50/5 is plenty for guests.
I have no idea how to create a VLAN and implement it but I can generally figure things out with a little help. The current SSID (which will be the internal SSID) has no VLAN. We do currently have a few VLANS on our network, one for voice (.42) and one for data (.100) and the default (.0). What device to I create the VLAN on (Cisco 5500?) and how to I setup the WAP? I need very basic instructions to start and I'm also trying to do this without causing downtime if possible.
I've attached a diagram of what it should look like. Red indicates our internal network and Blue indicates the guest network. I can send screenshots as well.
Hope everyone is enjoying their holidays.
Thanks,
CodyCody,
Here is a good doc to follow... it explains multiple ssid's and vlans
https://supportforums.cisco.com/docs/DOC-14496
Sent from Cisco Technical Support iPad App -
Cisco Aironet 1142N at elementary school
Hi. We're having a tough time at a couple of elementary schools that are using a number of Cisco products which we got through a deal with AT&T. I really hope you can give us some guidance. Here's our situation: We have an elementary school equipped with about eight Cisco Aironet 1142N access points. Signals go to 3 stacked switches (Cisco Catalyst 3750 PoE-48) and are managed via a Cisco wireless LAN controller (NME-AIR-WLC12-K9).
We are having significant bandwidth problems. If we get more than 12 laptops (we've got a "mobile Macintosh lab") simultaneously online, the network freezes.We can't even get more than 15 iTouches online simultaneously.
Here's the rest of the setup: our *elementary* school is connected via fiber (probably 10MB) to the *intermediary* school and then to the district office. The district office is connected to the Internet (county depart of Ed is officially the ISP; AT&T is the service provider). The AT&T link may be 6MB.At the *intermediary* school the data traffic for the mobile Macs is handled by an
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-ascii-font-family:Cambria;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Cambria;
mso-hansi-theme-font:minor-latin;}
Apple Xserve workgroup server.
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-ascii-font-family:Cambria;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Cambria;
mso-hansi-theme-font:minor-latin;}
The XServers are for Directory Services only (log in authentication for the MacBook Labs). There is one Open Directory Master at the intermediary school, and an Open Directory Replica at each site. A LightSpeed Total Traffic Control Server does content filtering for us. There are also about 5 Cisco (Windows-based) servers helping manage data at the intermediary school (VOIP and Wifi traffic only).The rest of the traffic (internal, wired ethernet) is handled by the Cisco switches and controllers; for external traffic - after the controllers it goes to the LightSpeed Traffic Control server then out the Cisco FireWall.
Sorry to dump all that on you, but candidly since we installed the Aironets in September we haven't really been able to effectively use the mobile Mac lab. Ideally we'd like to be able to run about 30 laptops simultaneously. They don't have to get video -- just google searches would be a start.
We should also note that at this elementary school, we have 4 wifi networks running different VLANs available through the Aironets. The one that has the most problems is the one I've described above -- it's supposed to be for student access. We have a teacher-only network that does NOT seem to have the same bandwidth constraints as the student network. We also Cisco VOIP phones all over the school, but use of the phones is modest.
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-ascii-font-family:Cambria;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Cambria;
mso-hansi-theme-font:minor-latin;}
What we’d like to know:
1. Is it likely that we have an insufficient number of access points or that that those access points can’t handle? If so, is the problem likely that we need more access points? (and if that's true, why is the teachers' network ok?)
2. Is the problem more likely at the server or switch choke point?
3. Is it likely that the problem involves Student accounts rather than teacher accounts? Why would this be so?
4. What are the best ways to test what’s causing our choke points?
Thank you for your help!!!Thanks all for your comments. Here are some responses as well as our current "plan of action." I'd VERY MUCH welcome any additional suggestions that you have about the test we're going to run (probably next Tue).
1. Channel: the site operates on Channel 1 (2.4 Ghz)
2. Professional site survey: no: AT&T is supposed to do it at some point as they're our ISP. But that hasn't yet happened. No idea when it might.
3. Aggressive load balancing? We don't know as AT&T has that info.
4. 15th client... Once we exceed 15 clients, access for all clients grinds to a halt. The slowdown is a pretty steep curve (not quite a cliff) for 15 clients when we use iPods; it begins at 12 clients or so when we use Macbooks.
5.
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:Cambria;
mso-ascii-font-family:Cambria;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Cambria;
mso-hansi-theme-font:minor-latin;}
Does your WLAN come to a halt or does the wired LAN gets affected too?
When we experience these problems, the teachers’ wireless LAN is unaffected. The only place we’re experiencing the slowdown is on the wireless LAN that’s used by the students. We have a “computer lab” with a wired network of about 30 PCs. (Ethernet CAT 5 to fiber on the way out of the building). This is a separate VLAN from the (student) wireless VLAN. When the student wireless VLAN stalls, it DOES NOT affect either the wired VLAN or teacher network. We do experience slowdowns on the WIRED student VLAN but no where as severe as on the WIRELESS VLAN. (In other words, we can run all 30 wired PCs on the wired LAN).
6. Could inability to get more computers on the network be due to an address limitation in the NAT server?
No. We have a big, big address range.
Here's our current plan: we're going to VERY CAREFULLY chronicle the drop off in usage at several points during the day:
8:00 am (no students)
10:00 am (busy school but probably not much student wifi usage)
noon: we'll run a test with +15 students using laptops and measure the bandwidth using a network speed checker at every point. That way, we figure we'll have a clearer chart of the usage breakdown.
Does anyone have any suggestions of addition things we should monitor during this test? We're going to do it next Tue (2/19).
In addition, if there are any specific questions that we should put to AT&T, I'd love to hear them.
Thank you all!! -
Cisco Aironet ap1141n-e-k9 help configuration
Hi all,
i have just got a brand new aironet access point belonging to 1140 series (1141n-e-k9), it has been a while since i worked last time with cisco devices and i really need few help to configure this AP. (also useful link is appreciated)
I've an existing (wired) network with a dhcp server that provides IPs for the following class: 192.168.1.0/24 (default gw 192.168.1.254)
I would like to configure this new AP with ip 192.168.1.253 on gigabit ethernet while radio interface would have ip 192.168.2.1 and act as a dhcp server for following class: 192.168.2.0/24
Maybe it could be configured in another way but it's important for me to have client connected to ap in a subnet (i.e. 192.168.2.0/24) different from existing one (192.168.1.0/24), is it possible?
I read the manual with the title: "Cisco IOS Software Configuration Guide for Cisco Aironet Access Points" but i really can't figure out how to accomplish this simple(i guess) task.
Any help (links,tips or tricks) would be really appreciated (since my brain is about to blow up )
TIA,
AntonioHi Scott,
thanks for your answer and for links you provided , however i have a problem with that.
is it possible to find a solution for this problem internally to the AP? (sorry if my question would sound stupid)
atm i can't "put my hands" on the device the ap is connected to (it's a customer's requirement, unfortunately) and i don't know either if the switch would be a cisco device, is there a solution (maybe without vlan) to solve my problem?
since ap has an gigabitethernet interface and a radio one, couldn't i setup an ip belonging to class 192.168.1.0 to ethernet and an ip belonging to class 192.168.2.0 to radio dot11 and setup a bridge between this two interfaces?
thanks for your answer and your time,
Antonio -
Cisco Aironet 1200 wireless network very slow
I have a simple wireless network set up, 2 - Cisco Aironet 1200 AIR-AP1220B-A-K9 wireless access points with 2 dBi Diversity Omni directional Ceiling Mount Antennas. They are the only devices connected to a Multitech Routfinder router, the WAN side the router is connected to a dedicated DSL connection. They are powered by AIR-PWRINJ3 power injectors. The WAP get the IP address from the DHCP in the router.
When connecting to the wireless network it runs very very slow, the signal strength is excellent and the connection speed is 54 mbps. But when opening a web browser it takes for ever to load a simple page like msn.com. If I connect the notebook directly to the router it runs very fast. We have tested with several notebooks and have the same problem. When I view the available wireless networks in range the only two that show up are the two Cisco 1200 WAP.
I have done the following with no improvement:
Change the channels from auto to 6 on one and 11 on the other.
Reset to factory defaults.
Update the firmware to c1200-k9w7-tar.123-7.JA2.tar
Replace the 802.11b radios with 802.11g radios AIR-MP21G-A-K9.
Disable the Aironet extensions.
Following is the configuration from one of the access points (before the firmware update):
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname MMA1
aaa new-model
aaa group server radius rad_eap
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
username xxxx privilege 15 password xxxx
username xxx privilege 15 password xxxx
ip subnet-zero
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
ssid MMA1
authentication open
guest-mode
speed basic-1.0 basic-2.0 basic-5.5 basic-11.0
rts threshold 2312
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 192.168.10.100 255.255.255.0
no ip route-cache
ip default-gateway 192.168.10.1
ip http server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100
ip http authentication aaa
bridge 1 route ip
line con 0
line vty 5 15
End
Any suggestions would be greatly appreciated.
Best regards,
RandyThanks for the info.
The documentation say not to switch from auto to full duplex or half duplex when using inline power, well I think it says the AP may reboot. I may have tried half duplex before I upgraded the firmware.
While upgrading I disconnected the AP, used a patch cord to connect it to the router and pluged the power directly into it to make sure the wiring to the AP was not the problem and it did the same thing.
However, when trying to upgrade the firmware it took ~ 45 minuets to upload the image and filed a couple of times retrying. I connected the AP to the notebook directly with a crossover cable and it uploaded in about 45 seconds.
That got me to thinking that there may be a problem with the router so I have replaced it with a Linksys.
In the mean time the DSL went down yesterday so I have not been able to test the new setup.
The cables are T568B
W/O
O/W
W/G
B/W
W/B
G/W
W/B
B/W
Best regards,
Randy -
Question on boot image aironet 1242ag
i am trying to change 5 aironet 1242ag's from LAP to autonomous. i have tftp'ed an image to the device but i am having a problem getting it to load the image, if someone has a minute to discuss i would very much appreciate it.
I can provide details as needed.. thanksConverting a Lightweight Access Point Back to Autonomous Mode
You can convert an access point from lightweight mode back to autonomous mode by loading a Cisco IOS Release that supports autonomous mode (Cisco IOS release 12.3(7)JA or earlier). If the access point is associated to a controller, you can use the controller to load the Cisco IOS release. If the access point is not associated to a controller, you can load the Cisco IOS release using TFTP.
Note In some LWAPP deployments, the LWAPP controller resides between the access points and the rest of the network. In this topology, all traffic must cross over the controller before communication with network resources, such as a TFTP server, can occur. When converting back to non-LWAPP IOS with an access point that is no longer using the LWAPP protocol, traffic does not cross over the controller to reach the TFTP server.
https://learningnetwork.cisco.com/thread/14405 -
AP Aironet 1242ag with AIR-ANT1728 antenna , extend cable
Good day and thx in advance for any help.
I 'm administration an Aironet 1242ag, and we are currently buying an
AIR-ANT1728
as antenna. The standard cable for the antenna is 0.9m long, and It could be insufficient for my needs.
So a few questions:
Can i extend it ?
AIR-CAB050LL-R could fit?
The connectors should be 1 male, 1 female?
Thank you again
FrancescoYou can extend it, but you will have some signal loss depending on the length of cable. These antennas have 'N' connectors and the cable will be fine since it has one female and one male 'N' connector. If this will be mounted outside make sure you use coax seal on the connector.
Sent from Cisco Technical Support iPhone App
Maybe you are looking for
-
Tax report for Spain - Sequential Number
The layout that I have prepared for the Tax report (RFUMSV00, Tx: S_ALR_87100833) shows the column "Sequential number." Thus, I have a relationship without jumping straight to the numbering of all invoices with VAT. The system assigns a "Sequential n
-
Where is the file I just down loaded from Email
where is the file I just downloaded from Email
-
Preview/Debug link not working
I know I seriously messed up. I was able to view files by clicking the "globe button" or pressing F12 to get an idea of how the page would look online and how well the links worked. Then something went south. Some how I set up a testing server...not
-
In my iTunes, I have all my songs that I want on my Nano. They are all in the order that I want but when I download them to my Nano, all my songs go in ABC order. How do I fix this to where I have an artist.....example: 50 Cent and all his music and
-
Changing color settings in BIBeans Tags in JDeveloper
Hai all am new to JDeveloper. i want to change the font,color etc in output on BI Bean Tags... am using a graph in BI Desinger and attached it to my Customized JSP file i can change in my JSP documet but i cant change the colors, fonts of the BEAN di