Cisco Aironet 1242AG Setup

Hi,  We have a network on an oil rig offshore using a 1242AG for general internet browsing for those staying on the rig, and it works perfectly.  Now we want to expand this and I have a couple of challanges.
1. We would like to add multiple access points but these will all have to be cabled back to a central switch due to signals being blocked preventing one access point seeing another, so not guaranteed to be able to link wirelessly from one access point ot the next.  How is this best done, is it possible to setup all access points with the same SSID so users can easily move around and be associated with the best access point, or best to configure as individual access points?
2. Due to having access points available in living quarters, we want to avoid people leaving laptops constantly connected and using up our expensive satellite bandwidth and impacting on the use of others.  Is it possible with the 1242AG top setup a timeout period, where any connections are automatically disconnected?
This is all quite new to me so any help or comments on the above would be much appreciated.
Thanks.

1. We would like to add multiple access points but these will all have to be cabled back to a central switch due to signals being blocked preventing one access point seeing another, so not guaranteed to be able to link wirelessly from one access point ot the next.  How is this best done, is it possible to setup all access points with the same SSID so users can easily move around and be associated with the best access point, or best to configure as individual access points?
You have two choices:  Autonomous or Controller-based.  With autonomous, in order for you to "enjoy" roaming, you'd need Cisco WLSE or Wireless LAN Services Engine plus you have to configure and manage each APs.  With controller-based you just configure the controller, convert the APs to LWAP (very easy) and off you go.  You can start investigating if it's financially sound to invest in a 4402 series wireless LAN controller.  If you deploy, say, 10 APs, look for the price of the WLC4402-25 to support up to 25 APs.
2. Due to having access points available in living quarters, we want to avoid people leaving laptops constantly connected and using up our expensive satellite bandwidth and impacting on the use of others.  Is it possible with the 1242AG top setup a timeout period, where any connections are automatically disconnected? Not on the AP or WLC but RADIUS can.

Similar Messages

  • Need a Floorstand for a Cisco Aironet 1242AG WAP

    Could you please advise us on a good floorstand for a Cisco Aironet 1242AG WAP?
    We need to find a floorstand that would provide an effective mounting solution for our Wireless Access Point (Model Cisco Aironet 1242AG, images of the back and front are below). It should be at least 5 ft high (1.5 m) with pins/knobs or something to mount our WAP. Any ideas? Need answer asap.
    Thank you for your help!!

    Is the floor stand to do surveys or is it for a permanently mounting ? These normally are mounted to the celing tile.

  • Minimum safe distance to a Aironet 1242AG

    To whom it may concern,
    I've been trying to conduct safety studies on RF systems I'm using on a project, one of which is the Cisco Aironet 1242AG. The FCC's OET states that for the 2.45GHz frequency range, an RF exposure of 1mw/(cm^2) is acceptable for non-controlled RF. I ran a few calculations for our Aironet coupled with a high gain antenna (15dBi) and determined the minimum safe distance was 4.2" away from the antenna. However, standard documentation in the Quick Start Guide for the Aironet 1240AG series access point claims the minimum safe distance is 7.9". I'm trying to figure out how that 7.9" figure was arrived at. The high gain antenna in use is omnidirectional with a beam height of + - 8 degrees.
    The answer is important to me because we have our antenna mounted near a place where a human could sit. Part of me wonders if 7.9" was arrived at simply because the FCC OET Bulletin 65 Supplement C mentions devices with external omni-antenna being typically mounted 20cm away from where a human could be (pg.19).
    Any insight would be great to this.
    - jevans

    I think the line "Proper installation of this radio according to the instructions found in this manual will result in user exposure that is substantially below the FCC recommended limits" clarifies the fact that FCC recommended and cisco recommendation is different taking human safety into account.

  • "Busiest Clients" report template on Cisco Prime & Aironet 1242AG

    Yesterday I was trying to schedule a "Busiest Clients" report on our Cisco Prime physical appliance (PRIME-NCS-APL-K9, v2.1.0.0.87).
    My goal was to monitor the busiest clients on a couple of old Aironet access-points. These APs have been installed in a branch office of our university that rely on 4 Mb/s SHDSL WAN connectivity and, as you might imagine, some saturation occurs when the classrooms are crowded.
    Unfortunately, all the reports were empty ... there was only a "No data matches the specified criteria for the report” warning inside.
    The Client Statistics task (Administration>Background Tasks) was enabled and I was able to run this report selecting a different floor area ... after a few tries I've discovered that this error occurs only when the old Aironet 1242AG APs are involved. If I select a floor area populated with the newer 1142 and 2602 models, the report template works as intended.
    So, is there a way to fill a "Busiest Clients" report with data fetched from our old Aironet 1242AG APs?
    Our WLC is a Cisco Wireless Services Module 2 Controller for Cisco Catalyst 6500 (WS-SVC-WISM2-K9).
    (Sorry ... my English is a bit rusty)

    Hi,
    Kindly try to restart the Dameon manager with the command line of the server
    1> net stop crmdmgtd
    and then start the daemon manager --> net start crmdmgtd (wait for atleast 20-25 minutes before login back to LMS and also see if any file do exist at location CSCOps\Objects\dmgtd\ready folder).
    Get the output of pdshow after waiting for 20 minutes and stdout.log and stderr.log from CSCOpx\MDC\tomcat\logs.
    Many Thanks,
    Gaganjeet

  • Aironet 1242ag no longer working after software installation

    We killed an aironet 1242AG access point - someone installed the LWAPP software and it
    either got corrupted or the software itself changes the way the device functions dramatically.  In any
    case we want to revert it back to the way it is supposed to be but the web browser interface no longer works and TFTP
    doesn't seem to work either - We've tried a factory default reset but that doesn't do anything.
    Here's an error we're seeing at boot:
    Extracting files...
    extracting info (283 bytes)
    c1240-k9w7-mx.124-25d.JA/ (directory) 0 (bytes)
    c1240-k9w7-mx.124-25d.JA/html/ (directory) 0 (bytes)
    c1240-k9w7-mx.124-25d.JA/html/level/ (directory) 0 (bytes)
    c1240-k9w7-mx.124-25d.JA/html/level/1/ (directory) 0 (bytes)
    ERROR: Problem extracting files from archive.Loading "flash:/c1240-rcvk9w8-mx/c1
    I can provide with a full config file if requested.
    Thanks

    It is doing this -
    AP0016.47b2.1e60#debug capwap client no-reload
    CAPWAP ignore internal reload debugging is on
    AP0016.47b2.1e60#debug capwap console cli
    This command is meant only for debugging/troubleshooting
    Any configuration change may result in different
    behavior from centralized configuration.
    CAPWAP console CLI allow/disallow debugging is on
    AP0016.47b2.1e60#config t
    Enter configuration commands, one per line.  End with CNTL/Z.
    AP0016.47b2.1e60(config)#int fa 0
    AP0016.47b2.1e60(config-if)#ip address 192.168.1.216 255.255.255.0
    AP0016.47b2.1e60(config-if)#end
    AP0016.47b2.1e60#
    *Mar  1 00:06:18.015: %SYS-5-CONFIG_I: Configured from console by console
    AP0016.47b2.1e60#
        package info:
        Version Suffix: k9w7-.124-25d.JA
        Image Name: c1240-k9w7-mx.124-25d.JA
        Version Directory: c1240-k9w7-mx.124-25d.JA
        Ios Image Size: 5007872
        Total Image Size: 5755392
        Image Feature: WIRELESS LAN
        Image Family: C1240
        Wireless Switch Management Version: 7.0.94.21
    Extracting files...
    c1240-k9w7-mx.124-25d.JA/ (directory) 0 (bytes)
    c1240-k9w7-mx.124-25d.JA/html/ (directory) 0 (bytes)
    c1240-k9w7-mx.124-25d.JA/html/level/ (directory) 0 (bytes)
    c1240-k9w7-mx.124-25d.JA/html/level/1/ (directory) 0 (bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/appsui.js (557 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/back.shtml (506 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/cookies.js (5026 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/forms.js (17486 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/sitewide.js (16548 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/config.js (24933 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/stylesheet.css (3214 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/popup_capabilitycodes.shtml.gz (1015 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/filter.js.gz (1801 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/filter_vlan.js.gz (1461 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/filter_mac_ether.js.gz (1710 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/security.js.gz (957 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/vlan.js.gz (955 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ssid.js.gz (4098 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/dot1x.js.gz (982 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/network-if.js.gz (2080 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/stp.js.gz (952 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_assoc.shtml.gz (6087 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_event-log.shtml.gz (4398 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_home.shtml.gz (6949 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_network-if.shtml.gz (4063 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_network-map.shtml.gz (4356 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_services.shtml.gz (4185 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_system-sw.shtml.gz (3382 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/ap_contextmgr.shtml.gz (4187 bytes)
    c1240-k9w7-mx.124-25d.JA/html/level/1/images/ (directory) 0 (bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/ap_title_appname.gif (2115 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button.gif (1211 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_1st.gif (1171 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_cbottom.gif (318 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_current.gif (1206 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_endcap.gif (878 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_encap_last.gif (333 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_last.gif (386 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_button_nth.gif (1177 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_leftnav_dkgreen.gif (869 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_leftnav_green.gif (879 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_leftnav_upright.gif (64 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/apps_leftnav_yellow.gif (881 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/arrowdown_red.gif (108 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/arrowup_green.gif (108 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/corner_ur_7.gif (53 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/dkgreenmask11_up.gif (113 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/dkgreenmask28_upright.gif (110 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/grn_vertlines_bottom.gif (149 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/grn_vertlines_top.gif (141 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/hinav_plus.gif (56 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/left_bkg.gif (146 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/list_data.gif (122 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/logo.gif (29454 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/pixel.gif (49 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_downleft.gif (53 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_help_off.gif (934 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_help_on.gif (934 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_print_off.gif (111 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/sitewide_print_on.gif (111 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/spacer.gif (49 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/whitemask11_botleft.gif (62 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/whitemask11_upright.gif (61 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_alert.gif (73 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_critical.gif (73 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_debugging.gif (73 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_emergency.gif (73 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_error.gif (73 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_information.gif (73 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_notification.gif (73 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/event_warning.gif (73 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/1/images/check_mark.gif (71 bytes)
    c1240-k9w7-mx.124-25d.JA/html/level/15/ (directory) 0 (bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_assoc_adv.shtml.gz (4637 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_event-log_config-options.shtml.gz (6199 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_event-log_notif-options.shtml.gz (3187 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_express-setup.shtml.gz (11588 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_express-security.shtml.gz (13867 bytes)!
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_broadcast-ssid.shtml.gz (1259 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_no-security.shtml.gz (1578 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_eap-security.shtml.gz (1787 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_wep-security.shtml.gz (1593 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/def_wpa-security.shtml.gz (1849 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_ipaddress.shtml.gz (5075 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_802-11.shtml.gz (6896 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_802-11_b.shtml.gz (6832 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_802-11_c.shtml.gz (25249 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/dBm_mW_translation_table.shtml.gz (1509 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_802-11_d.shtml.gz (4546 bytes)
    extracting c1240-k9w7-mx.124-25d.JA/html/level/15/ap_network-if_ethernet.shtml.gz (4888 bytes)
    *Mar  1 00:07:20.944: %CAPWAP-5-STATIC_TO_DHCP_IP: Could not discover WLC using static IP. Forcing AP to use DHCP...
    *Mar  1 00:07:30.596: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.165, mask 255.255.255.0, hostname AP0016.47b2.1e60
    *Mar  1 00:07:30.970: %CAPWAP-3-ERRORLOG: Invalid event 29 & state 4 combination.
    *Mar  1 00:07:30.970: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message.
    *Mar  1 00:07:30.970: %CAPWAP-3-ERRORLOG: Failed to handle timer message.
    *Mar  1 00:07:30.970: %CAPWAP-3-ERRORLOG: Failed to process timer message.
    *Mar  1 00:07:30.970: %CAPWAP-3-ERRORLOG: Discovery interval timer expiry handler failed..
    Translating "CISCO-CAPWAP-CONTROLLER.xxxx.net"...domain server (xx.xyz.176.zzz)
    Translating "CISCO-LWAPP-CONTROLLER.xxxx.net"...domain server (xx.xyz.176.zzz)
    *Mar  1 00:07:35.473: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *Mar  1 00:07:36.486: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
    *Mar  1 00:07:36.589: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER.xxxx.net
    *Mar  1 00:07:36.690: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-LWAPP-CONTROLLER.xxxx.net [timed out]
    Premature end of tar file
    ERROR: Problem extracting files from archive.
    archive download: takes 32 seconds
    AP0016.47b2.1e60#

  • Server 2008 R2 RADIUS Server with a Cisco Aironet 1040 Wireless AP

    I am trying to get Server 2008 R2 RADIUS Server to work with a Cisco Aironet 1040 Wireless AP. I have installed the RADIUS server by MS standards and performed some searches on Google to configure the Cisco Aironet. I see others using a Wireless LAN Controller, which I do not have. I found this post below:
    https://supportforums.cisco.com/discussion/11546056/wlc-2504-radius-2008-r2-server
    But I have yet to locate a good step by step document on how to set it up and I have found so many different ways that others have set it up, but none have yet to work. I am having authentication issues that I have know of and I do not see any errors in the Windows Event Viewer and I do not know where the Acess Point stores it logs for any sort of error. Keep in mind this is the first time I am doing this. I do not have a Wireless LAN Controller and all my network / domain services are on individually built servers and not on one single server as I have seen with most of the documentation they all say the same thing by putting the Certificate Services, Domain Services (AD / ADS, etc), and NPS. I do not want that configuration and my setup should not be any different, but something is not right. I know from reading that this is not rocket science, but from someone who has never done it before this is difficult as I keep reading on and so many people do it different ways including what I have been reading according to what Cisco says to configure in the environment. Does anyone know where I can find good step by step documentation along with where I can look for logs on either device? I find that all the documentation I see on Cisco's website and from searching that it is old and outdated and not been updated in a long time so it is hard to determine what works and what does not work. I am stumped here and have been doing this for several weeks now with no luck. Thank you in advance.

    I did configure the Server 2008 R2 RADIUS Server using this video below: 
    https://www.youtube.com/watch?v=g-0MM_tK-Tk
    I also referenced Technet to make sure it was configured correctly as well. I am still not sure if I am 100% setup correctly on the Windows Server side, but I for sure want to make sure I have the AP side setup correctly. Do you know of a better article for the Windows Server 2008 R2 setup? Does it matter that I do not have all the services installed on the same server? Instead I have them installed on multiple servers.
    I have image number c1140-k9w7-tar.124.25d.JA1 on the AP. The part that confused me in that article, which I have seen before was the part about "Setting up access point must be configured in the authentication server as an AAA client." What is the AAA Client? I also am not aware of having Cisco Secure ACS anywhere built into the AP as that part through me off completely. Do I need to skip these steps? Thank you for help on this.

  • Cisco Aironet 1131G cannot access BVI

    I have configure our Cisco Aironet 1131G with Multiple SSID with VLAN's
    The Guest VLAN is working well and no problem,
    The issue i have is that I cannot connect to the BVI on the Wireless AP, i have setup to VLAN's
    2 = LAN & NATIVE VLAN
    999 = GUEST VLAN
    this is my config
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname NAFTA_AP_003
    logging rate-limit console 9
    aaa new-model
    aaa group server radius rad_eap
    aaa group server radius rad_mac
    aaa group server radius rad_acct
    aaa group server radius rad_admin
    aaa group server tacacs+ tac_admin
    aaa group server radius rad_pmip
    aaa group server radius dummy
    aaa group server radius rad_eap2
    server 10.1.122.50 auth-port 1645 acct-port 1646
    aaa authentication login default local
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authentication login eap_methods2 group rad_eap2
    aaa authorization exec default local
    aaa accounting network acct_methods start-stop group rad_acct
    aaa session-id common
    dot11 mbssid
    dot11 syslog
    dot11 vlan-name GUEST vlan 999
    dot11 vlan-name LAN vlan 2
    dot11 ssid Nufarm_EXT
       vlan GUEST
       authentication open
       authentication key-management wpa
       mbssid guest-mode
       wpa-psk ascii 7 053B0918245E6308015546
    dot11 ssid Nufarm_INT
       vlan 2
       authentication open eap eap_methods2
       authentication network-eap eap_methods2 mac-address mac_methods
       authentication key-management wpa
    username nemesis privilege 15 secret 5 $1$SjHa$TGIGBh.IhLNgflxBreKYf.
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption vlan GUEST mode ciphers aes-ccm tkip
    encryption vlan 2 mode ciphers tkip
    ssid Nufarm_EXT
    ssid Nufarm_INT
    channel 2422
    station-role root
    interface Dot11Radio0.2
    encapsulation dot1Q 2 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.999
    encapsulation dot1Q 999
    no ip unreachables
    no ip proxy-arp
    no ip route-cache
    no cdp enable
    bridge-group 255
    bridge-group 255 subscriber-loop-control
    bridge-group 255 block-unknown-source
    no bridge-group 255 source-learning
    no bridge-group 255 unicast-flooding
    bridge-group 255 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    dfs band 3 block
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    interface FastEthernet0.2
    encapsulation dot1Q 2 native
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface FastEthernet0.999
    encapsulation dot1Q 999
    no ip unreachables
    no ip route-cache
    no cdp enable
    bridge-group 255
    no bridge-group 255 source-learning
    bridge-group 255 spanning-disabled
    interface BVI1
    ip address 10.1.2.242 255.255.255.0
    no ip route-cache
    ip default-gateway 10.1.2.254
    ip http server
    ip http authentication aaa
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    ip radius source-interface BVI1
    radius-server attribute 32 include-in-access-req format %h
    radius-server host 10.1.122.50 auth-port 1645 acct-port 1646 key 7 03516213160B73435E0C2D16110504
    radius-server vsa send accounting
    bridge 1 route ip
    line con 0
    line vty 0 4
    end

    Ah, yeah that would do it, makes the swich want the VLAN to be tagged.  Nice catch on that!
    HTH,
    Steve
    Please remember to rate helpful posts or to mark the question as answered so that it can be found later.

  • Configuring Cisco Aironet 1140 for Radius and setting up a Radius server

    guys i need some help setting up my Radius to work with cisco aironet 1140, i am new at this however i was tasked with setting up a Radius server and setting our AP with WPA2- enterprise so users can log into our AP using AD credentials.
    When i try to setup on the AP a new SSID i do not see the option for WPA2- enterprise?

    Here are other links with examples:
    https://supportforums.cisco.com/thread/331581
    http://targetcisco.blogspot.com/2011/03/cisco-autonomous-access-point.html
    http://downloads.avaya.com/css/P8/documents/100041614
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • Cisco Aironet 702 - Transmitter Power: error

    hi,
      I have problem with setup Cisco Aironet 702. I set all properties. Interfaces gigaEthernet and Radio0 are UP. I don't see my SSID in network. On properties for Radio0 I see error in section Transmitter Power. How can I troubleshooting this issue?
    Here I uploaded screens from configuration pages
    https://onedrive.live.com/?gologin=1&mkt=en-US#cid=0AE7867F90F4DB32&id=AE7867F90F4DB32!257
    regards,
    Jacek

    running config
    Current configuration : 1838 bytes
    ! Last configuration change at 01:23:01 UTC Mon Mar 1 1993
    version 15.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname apOpenSpace
    logging rate-limit console 9
    enable secret 5 $1$AL/C$ZkBchBuZ9hGtztdUacBmO/
    no aaa new-model
    no ip cef
    dot11 syslog
    dot11 ssid Artim_Wifi
       authentication open
       authentication key-management wpa version 2
       wpa-psk ascii 7 096D5C1D1008464B525C
    dot11 guest
    username Cisco password 7 096F471A1A0A
    bridge irb
    interface Dot11Radio0
    no ip address
    encryption mode ciphers aes-ccm
    ssid Artim_Wifi
    antenna gain 0
    power local 5
    packet retries 64 drop-packet
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    interface Dot11Radio1
    no ip address
    shutdown
    antenna gain 0
    peakdetect
    no dfs band block
    packet retries 64 drop-packet
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    interface GigabitEthernet0
    ip address 10.6.11.54 255.255.255.0
    duplex auto
    speed auto
    bridge-group 1
    bridge-group 1 spanning-disabled
    no bridge-group 1 source-learning
    interface BVI1
    ip address 10.6.11.54 255.255.255.0
    ipv6 address dhcp
    ipv6 address autoconfig
    ip default-gateway 10.6.11.1
    ip forward-protocol nd
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    bridge 1 route ip
    line con 0
    line vty 0 4
    login local
    transport input all
    end

  • Dual SSID (with dual VLAN) on Cisco AiroNet 1130

    Cisco Community,
    I need some major help in figuring out how to change our wireless setup. Currently, we have 2 Cisco AiroNet 1130 WAP's in the office that go directly into the 2 POE ports on our Cisco ASA 5500. These WAP's have 1 SSID and are using WEP for security. After demonstrating the flaws of WEP to my boss, he has agreed that we should use something more secure and I've suggested WPA. We want visitors to our office to be able to hop on our wireless but on a separate guest SSID with WEP.
    I'd like the internal SSID to route to the ASA and take the default route to the internet (it will be our new fiber connection once it's installed in a couple weeks). The default route is whichever connection is working since our ASA 5500 will fail over when it detects an outage.
    I'd like the guest SSID to route to the ASA and then go over our existing cable connection. This connection will be our backup once the fiber connection is installed. Since we won't be using it very often, but will be paying for it, I advised that we send all guest wireless traffic over this connection since 50/5 is plenty for guests.
    I have no idea how to create a VLAN and implement it but I can generally figure things out with a little help. The current SSID (which will be the internal SSID) has no VLAN. We do currently have a few VLANS on our network, one for voice (.42) and one for data (.100) and the default (.0). What device to I create the VLAN on (Cisco 5500?) and how to I setup the WAP? I need very basic instructions to start and I'm also trying to do this without causing downtime if possible.
    I've attached a diagram of what it should look like. Red indicates our internal network and Blue indicates the guest network. I can send screenshots as well.
    Hope everyone is enjoying their holidays.
    Thanks,
    Cody

    Cody,
    Here is a good doc to follow... it explains multiple ssid's and vlans
    https://supportforums.cisco.com/docs/DOC-14496
    Sent from Cisco Technical Support iPad App

  • Cisco Aironet 1142N at elementary school

    Hi. We're having a tough time at a couple of elementary schools that are using a number of Cisco products which we got through a deal with AT&T. I really hope you can give us some guidance. Here's our situation: We have an elementary school equipped with about eight Cisco Aironet 1142N access points. Signals go to 3 stacked switches (Cisco Catalyst 3750 PoE-48) and are managed via a Cisco wireless LAN controller (NME-AIR-WLC12-K9).
    We are having significant bandwidth problems. If we get more than 12 laptops (we've got a "mobile Macintosh lab") simultaneously online, the network freezes.We can't even get more than 15 iTouches online simultaneously.
    Here's the rest of the setup: our *elementary* school is connected via fiber (probably 10MB) to the *intermediary* school and then to the district office. The district office is connected to the Internet (county depart of Ed is officially the ISP; AT&T is the service provider).  The AT&T link may be 6MB.At the *intermediary* school the data traffic for the mobile Macs is    handled by an
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:12.0pt;
    font-family:"Times New Roman";
    mso-ascii-font-family:Cambria;
    mso-ascii-theme-font:minor-latin;
    mso-hansi-font-family:Cambria;
    mso-hansi-theme-font:minor-latin;}
    Apple Xserve workgroup server.
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:12.0pt;
    font-family:"Times New Roman";
    mso-ascii-font-family:Cambria;
    mso-ascii-theme-font:minor-latin;
    mso-hansi-font-family:Cambria;
    mso-hansi-theme-font:minor-latin;}
    The XServers are for Directory Services only (log in authentication for the MacBook Labs). There is one Open Directory Master at the intermediary school, and an Open Directory Replica at each site. A LightSpeed Total Traffic Control Server does content filtering for us. There are also about 5 Cisco (Windows-based) servers helping manage data at the intermediary school (VOIP and Wifi traffic only).The rest of the traffic (internal, wired ethernet) is handled by the Cisco switches and controllers; for external traffic - after the controllers it goes to the LightSpeed Traffic Control server then out the Cisco FireWall.
    Sorry to dump all that on you, but candidly since we installed the Aironets in September we haven't really been able to effectively use the mobile Mac lab. Ideally we'd like to be able to run about 30 laptops simultaneously. They don't have to get video -- just google searches would be a start.
    We should also note that at this elementary school, we have 4 wifi networks running different VLANs available through the Aironets. The one that has the most problems is the one I've described above -- it's supposed to be for student access. We have a teacher-only network that does NOT seem to have the same bandwidth constraints as the student network. We also Cisco VOIP phones all over the school, but use of the phones is modest.
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:12.0pt;
    font-family:"Times New Roman";
    mso-ascii-font-family:Cambria;
    mso-ascii-theme-font:minor-latin;
    mso-hansi-font-family:Cambria;
    mso-hansi-theme-font:minor-latin;}
    What we’d like to know:
    1.     Is it likely that we have an insufficient number of access points or that that those access points can’t handle? If so, is the problem likely that we need more access points? (and if that's true, why is the teachers' network ok?)
    2.     Is the problem more likely at the server or switch choke point?
    3.     Is it likely that the problem involves Student accounts rather than teacher accounts? Why would this be so?
    4.     What are the best ways to test what’s causing our choke points?
    Thank you for your help!!!

    Thanks all for your comments. Here are some responses as well as our current "plan of action." I'd VERY MUCH welcome any additional suggestions that you have about the test we're going to run (probably next Tue).
    1. Channel: the site operates on Channel 1 (2.4 Ghz)
    2. Professional site survey: no: AT&T is supposed to do it at some point as they're our ISP. But that hasn't yet happened. No idea when it might.
    3. Aggressive load balancing?  We don't know as AT&T has that info.
    4. 15th client... Once we exceed 15 clients, access for all clients grinds to a halt. The slowdown is a pretty steep curve (not quite a cliff) for 15 clients when we use iPods; it begins at 12 clients or so when we use Macbooks.
    5.   
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin:0in;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:12.0pt;
    font-family:Cambria;
    mso-ascii-font-family:Cambria;
    mso-ascii-theme-font:minor-latin;
    mso-hansi-font-family:Cambria;
    mso-hansi-theme-font:minor-latin;}
    Does your WLAN come to a halt or does the wired LAN gets affected too?
    When we experience these problems, the teachers’ wireless LAN is unaffected. The only place we’re experiencing the slowdown is on the wireless LAN that’s used by the students. We have a “computer lab” with a wired network of about 30 PCs. (Ethernet CAT 5 to fiber on the way out of the building). This is a separate VLAN from the (student) wireless VLAN. When the student wireless VLAN stalls, it DOES NOT affect either the wired VLAN or teacher network. We do experience slowdowns on the WIRED student VLAN but no where as severe as on the WIRELESS VLAN. (In other words, we can run all 30 wired PCs on the wired LAN).
    6. Could inability to get more computers on the network be due to an address limitation in the NAT server?
    No. We have a big, big address range.
    Here's our current plan: we're going to VERY CAREFULLY chronicle the drop off in usage at several points during the day:
    8:00 am (no students)
    10:00 am (busy school but probably not much student wifi usage)
    noon: we'll run a test with +15 students using laptops and measure the bandwidth using a network speed checker at every point. That way, we figure we'll have a clearer chart of the usage breakdown.
    Does anyone have any suggestions of addition things we should monitor during this test? We're going to do it next Tue (2/19).
    In addition, if there are any specific questions that we should put to AT&T, I'd love to hear them.
    Thank you all!!

  • Cisco Aironet ap1141n-e-k9 help configuration

    Hi all,
    i have just got a brand new aironet access point belonging to 1140 series (1141n-e-k9), it has been a while since i worked last time with cisco devices and i really need few help to configure this AP. (also useful link is appreciated)
    I've an existing (wired) network with a dhcp server that provides IPs for the following class: 192.168.1.0/24 (default gw 192.168.1.254)
    I would like to configure this new AP with ip 192.168.1.253 on gigabit ethernet while radio interface would have ip 192.168.2.1 and act as a dhcp server for following class: 192.168.2.0/24
    Maybe it could be configured in another way but it's important for me to have client connected to ap in a subnet (i.e. 192.168.2.0/24) different from existing one (192.168.1.0/24), is it possible?
    I read the manual with the title: "Cisco IOS Software Configuration Guide for Cisco Aironet Access Points" but i really can't figure out how to accomplish this simple(i guess) task.
    Any help (links,tips or tricks) would be really appreciated (since my brain is about to blow up )
    TIA,
    Antonio

    Hi Scott,
    thanks for your answer and for links you provided , however i have a problem with that.
    is it possible to find a solution for this problem internally to the AP? (sorry if my question would sound stupid)
    atm i can't "put my hands" on the device the ap is connected to (it's a customer's requirement, unfortunately) and i don't know either if the switch would be a cisco device, is there a solution (maybe without vlan) to solve my problem?
    since ap has an gigabitethernet interface and a radio one, couldn't i setup an ip belonging to class 192.168.1.0 to ethernet and an ip belonging to class 192.168.2.0 to radio dot11 and setup a bridge between this two interfaces?
    thanks for your answer and your time,
    Antonio

  • Cisco Aironet 1200 wireless network very slow

    I have a simple wireless network set up, 2 - Cisco Aironet 1200 AIR-AP1220B-A-K9 wireless access points with 2 dBi Diversity Omni directional Ceiling Mount Antennas. They are the only devices connected to a Multitech Routfinder router, the WAN side the router is connected to a dedicated DSL connection. They are powered by AIR-PWRINJ3 power injectors. The WAP get the IP address from the DHCP in the router.
    When connecting to the wireless network it runs very very slow, the signal strength is excellent and the connection speed is 54 mbps. But when opening a web browser it takes for ever to load a simple page like msn.com. If I connect the notebook directly to the router it runs very fast. We have tested with several notebooks and have the same problem. When I view the available wireless networks in range the only two that show up are the two Cisco 1200 WAP.
    I have done the following with no improvement:
    Change the channels from auto to 6 on one and 11 on the other.
    Reset to factory defaults.
    Update the firmware to c1200-k9w7-tar.123-7.JA2.tar
    Replace the 802.11b radios with 802.11g radios AIR-MP21G-A-K9.
    Disable the Aironet extensions.
    Following is the configuration from one of the access points (before the firmware update):
    version 12.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname MMA1
    aaa new-model
    aaa group server radius rad_eap
    aaa group server radius rad_mac
    aaa group server radius rad_acct
    aaa group server radius rad_admin
    aaa group server tacacs+ tac_admin
    aaa group server radius rad_pmip
    aaa group server radius dummy
    aaa authentication login default local
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authorization exec default local
    aaa authorization ipmobile default group rad_pmip
    aaa accounting network acct_methods start-stop group rad_acct
    aaa session-id common
    username xxxx privilege 15 password xxxx
    username xxx privilege 15 password xxxx
    ip subnet-zero
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    ssid MMA1
    authentication open
    guest-mode
    speed basic-1.0 basic-2.0 basic-5.5 basic-11.0
    rts threshold 2312
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 192.168.10.100 255.255.255.0
    no ip route-cache
    ip default-gateway 192.168.10.1
    ip http server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100
    ip http authentication aaa
    bridge 1 route ip
    line con 0
    line vty 5 15
    End
    Any suggestions would be greatly appreciated.
    Best regards,
    Randy

    Thanks for the info.
    The documentation say not to switch from auto to full duplex or half duplex when using inline power, well I think it says the AP may reboot. I may have tried half duplex before I upgraded the firmware.
    While upgrading I disconnected the AP, used a patch cord to connect it to the router and pluged the power directly into it to make sure the wiring to the AP was not the problem and it did the same thing.
    However, when trying to upgrade the firmware it took ~ 45 minuets to upload the image and filed a couple of times retrying. I connected the AP to the notebook directly with a crossover cable and it uploaded in about 45 seconds.
    That got me to thinking that there may be a problem with the router so I have replaced it with a Linksys.
    In the mean time the DSL went down yesterday so I have not been able to test the new setup.
    The cables are T568B
    W/O
    O/W
    W/G
    B/W
    W/B
    G/W
    W/B
    B/W
    Best regards,
    Randy

  • Question on boot image aironet 1242ag

    i am trying to change 5 aironet 1242ag's from LAP to autonomous.  i have tftp'ed an image to the device but i am having a problem getting it to load the image,  if someone has a minute to discuss i would very much appreciate it.
    I can provide details as needed..  thanks

    Converting a Lightweight Access Point Back to Autonomous Mode
    You can convert an access point from lightweight mode back to autonomous mode by loading a Cisco IOS Release that supports autonomous mode (Cisco IOS release 12.3(7)JA or earlier). If the access point is associated to a controller, you can use the controller to load the Cisco IOS release. If the access point is not associated to a controller, you can load the Cisco IOS release using TFTP.
    Note In some LWAPP deployments, the LWAPP controller resides between the access points and the rest of the network. In this topology, all traffic must cross over the controller before communication with network resources, such as a TFTP server, can occur. When converting back to non-LWAPP IOS with an access point that is no longer using the LWAPP protocol, traffic does not cross over the controller to reach the TFTP server.
    https://learningnetwork.cisco.com/thread/14405

  • AP Aironet 1242ag with AIR-ANT1728 antenna , extend cable

    Good day and thx in advance for any help.
    I 'm administration an Aironet 1242ag, and we are currently buying an
    AIR-ANT1728
    as antenna. The standard cable for the antenna is 0.9m long, and It could be insufficient for my needs.
    So a few questions:
    Can i extend it ?
    AIR-CAB050LL-R could fit?
    The connectors should be 1 male, 1 female?
    Thank you again
    Francesco

    You can extend it, but you will have some signal loss depending on the length of cable. These antennas have 'N' connectors and the cable will be fine since it has one female and one male 'N' connector. If this will be mounted outside make sure you use coax seal on the connector.
    Sent from Cisco Technical Support iPhone App

Maybe you are looking for

  • Tax report for Spain - Sequential Number

    The layout that I have prepared for the Tax report (RFUMSV00, Tx: S_ALR_87100833) shows the column "Sequential number." Thus, I have a relationship without jumping straight to the numbering of all invoices with VAT. The system assigns a "Sequential n

  • Where is the file I just down loaded from Email

    where is the file I just downloaded from Email

  • Preview/Debug link not working

    I know I seriously messed up. I was able to view files by clicking the "globe button" or pressing F12 to get an idea of how the page would look online and how well the links worked. Then something went south. Some how I set up a testing server...not

  • Putting my iTunes music on my Nano...please answer this one...very urgent.

    In my iTunes, I have all my songs that I want on my Nano. They are all in the order that I want but when I download them to my Nano, all my songs go in ABC order. How do I fix this to where I have an artist.....example: 50 Cent and all his music and

  • Changing color settings in BIBeans Tags in JDeveloper

    Hai all am new to JDeveloper. i want to change the font,color etc in output on BI Bean Tags... am using a graph in BI Desinger and attached it to my Customized JSP file i can change in my JSP documet but i cant change the colors, fonts of the BEAN di