Multiple SSIDS with VLAN ACL seperation
Hi,
I have bought a 887W and I'm new to wireless on a router, I need advice about seperating multiple SSIDs with access list.
I have configured 2 SSIDs one for 'trusted' clients and one for 'guest' clients. I want to prevent the 'guest' SSID obtaining access to the other vlan/SSID using an ACL.
Each SSID is associated with a BVI, the BVI has the IP address, then it's linked to a seperated VLAN interface, then each VLAN.
Thanks if you can help...
Dave
Solved my issue, I simply attached the ACLs to the BVI interfaces. Fairly obvious, but I read a Cisco webpage that said this could not be done, although this may have been a temporary bug that has been fixed.
Similar Messages
-
Hi Surendra,
I was just given this task to see how i can configure a second ssid for guest access in our environment.
this is our network setup prior to this request: Internet----Firewall (not ASA)---ce520---C1131AG and CME router is also connecting to the ce520 switch. we only have two vlans: one for voice and two for data.
Presently, there is no vlan configured on the AP because it on broadcasting ont ssid and wireless users gets IP from a windows DHCP server on the LAN. the configuration on the ce520 switch port for the AP and other switches say access vlan is the DATA vlan which automatically becomes the native vlan for all trunk port connecting the AP and other Stiches to the network.
Now with this new requirement, i have made my research and i have configured the AP to broadcast both the production and the guest Vlans. The two vlans are 20-DATA and 60-Guest. I made the DATA vlan on the AP the native vlan since the poe switch is using the DATA vlan as native on the trunk ports. I configured the firewall to serve as DHCP server for the guest ssid and i have added the ip helper-address on the guest vlan interface on all switches while the windows server remains the dhcp server for the production DATA Vlan. I have confirmed that the AP, switches can ping the default gateway of the guest dhcp server which is another interface on the firewall. I can now see and connect to all broadcasted ssids but the problem is I am not getting IP addresses from both the production dhcp server and guest dhcp server when i connected to the ssid one at a time.
My AP config is attached below.
Please tell me what am I doing wrong.
Do i need to redesign the whole network to have a native vlan other nthan the data vlan?
Does the access point need to be aware of the voice vlan?
Do the native Vlan on the AP need to be in Bridge-group 1 or can i leave it in bridge-group 20?
I will greatly appreciate your urgent response.
Thanks in advanced.Hi,
As far as i know we dont set the ip helper address on the radio interface. It should be on the L3 interface of corresposding VLANs i.e.
int vlan 20
ip helper-address 192.168.33.xxx
int vlan 60
ip helper-address 130.20.1.xxx
I'm assuming that your using SVI's (int Vlan 20 and int Vlan 60) rahter than physical interfaces. Also hope you have configured switch port as trunk where this AP is connected.
Modify the AP config as below since you are using data vlan as the native vlan
interface Dot11Radio0.20
encapsulation dot1Q 20 native
interface FastEthernet0.20
encapsulation dot1Q 20 native
Ideally your AP fastethernet configuration should looks like below and not sure how you missed this as this comes by default when you have multiple vlans for multiple ssids.
interface FastEthernet0.20
encapsulation dot1Q 20 native
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
interface FastEthernet0.60
encapsulation dot1Q 60
no ip route-cache
bridge-group 60
no bridge-group 60 source-learning
bridge-group 60 spanning-disabled
Hope this helps.
Regards
Najaf -
Setting up Multiple SSID's & VLAN
I have a Cisco 1230 AP along with a Sonic Wall TZ 210 and a Linksys SFE 2010P switch. On my AP I have created 2 SSID's. and 2 VLAN's. The first SSID is being broadcasted and has WPA encryption on it for our Corporate USers. The Second SSID is a Guest SSID and too is being broadcasted. I can make a laptop connect to the 1st SSID, but for some reason the 2nd SSID nothing will connect to it. The first SSID is associated to VLAN1 and the 2nd SSID is associated to VLAN2. VLAN1 has WPA encryption on it. VLAN2 is setup as Open and no Encryption. Any ideas?
My next question is how to I configure traffic on this AP with the other equipment mentioned? On my sonicwall we have segmented port6 on it to be a different subnet from the corporate subnet. On the Linksys switch I have enable VLANS on port2 and port48 which are on VLAN2. All other ports are on VLAN1. The AP connects to Ports 2 on the linksys switch and port 48 connects to port 6 on the Sonic Wall. When a corporate user connects to SSID1 I want them to be able to connect to the Corporate subnet. When a guest connects to SSID2 I want them to connect to the segmented guest network to only have Internet Access.
Hope this makes sense!
Below is my config on the AP. I am really only familiar with the IOS web interface so if you can explain it using that I'd appreciate it.
AP_WLAN_Bakery
Home Exec Configure
------------------ show version ------------------
Cisco IOS Software, C1200 Software (C1200-K9W7-M), Version 12.3(8)JEB1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Fri 20-Jul-07 20:51 by dchih
ROM: Bootstrap program is C1200 boot loader
BOOTLDR: C1200 Boot Loader (C1200-BOOT-M) Version 12.2(8)JA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
AP_WLAN_Bakery uptime is 1 hour, 40 minutes
System returned to ROM by reload
System restarted at 10:52:05 -0400 Fri Oct 15 2010
System image file is "flash:/c1200-k9w7-mx.123-8.JEB1/c1200-k9w7-mx.123-8.JEB1"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-AP1231G-A-K9 (PowerPC405GP) processor (revision B0) with 15138K/1236K bytes of memory.
Processor board ID FOC0849218B
PowerPC405GP CPU at 196Mhz, revision number 0x0145
Last reset from reload
1 FastEthernet interface
1 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:12:D9:8B:09:93
Part Number : 73-8704-08
PCA Assembly Number : 800-23211-09
PCA Revision Number : A0
PCB Serial Number : FOC0849218B
Top Assembly Part Number : 800-23304-08
Top Assembly Serial Number : FTX0902R2V1
Top Revision Number : A0
Product/Model Number : AIR-AP1231G-A-K9
Configuration register is 0xF
------------------ show running-config ------------------
Building configuration...
Current configuration : 2544 bytes
! Last configuration change at 12:07:29 -0400 Fri Oct 15 2010 by admin
! NVRAM config last updated at 12:07:29 -0400 Fri Oct 15 2010 by admin
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname AP_WLAN_Bakery
clock timezone -0500 -5
clock summer-time -0400 recurring
ip subnet-zero
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
dot11 vlan-name VLAN_Corporate vlan 1
dot11 vlan-name VLAN_Guest vlan 2
dot11 ssid WLAN_Corporate
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 005740565C0C5C5F5C741F
dot11 ssid WLAN_HartKitGuest
vlan 2
authentication open
mbssid guest-mode
username admin privilege 15 password 7 <removed>
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm tkip
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
mbssid
speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
station-role root
no dot11 extension aironet
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface FastEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
interface BVI1
ip address 192.168.2.240 255.255.255.0
no ip route-cache
ip default-gateway 192.168.2.1
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
sntp server 192.168.2.5
sntp broadcast client
end
------------------ show stacks ------------------
Minimum process stacks:
Free/Size Name
4572/5500 soap_flash init
10024/11000 DHCP Autoinstall
5160/5500 Autoinstall
11748/12000 Setup
10552/11000 BootP Resolver
5240/5500 dot11 platform init
8824/12000 Init
5088/5500 RADIUS INITCONFIG
2576/3000 Rom Random Update Process
5144/11000 HTTP CP
3084/5500 Soap Flash Save Variables
Interrupt level stacks:
Level Called Unused/Size Name
4 125707 8056/9000 dot11 radio interrupt
6 9783 8960/9000 NS16550 VECTOR
------------------ show interfaces ------------------
BVI1 is up, line protocol is up
Hardware is BVI, address is 0012.d98b.0993 (bia 0013.1973.8d50)
Internet address is 192.168.2.240/24
MTU 1500 bytes, BW 54000 Kbit, DLY 5000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
5 minute input rate 10000 bits/sec, 9 packets/sec
5 minute output rate 10000 bits/sec, 4 packets/sec
59436 packets input, 8310033 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
31826 packets output, 18823451 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Dot11Radio0 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:15:20, output 00:15:20, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 47
Queueing strategy: fifo
Output queue: 0/30 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
16093 packets input, 1696312 bytes, 0 no buffer
Received 1913 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
8367 packets output, 2930004 bytes, 0 underruns
13 output errors, 0 collisions, 37 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Dot11Radio0.1 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
Dot11Radio0.2 is up, line protocol is up
Hardware is 802.11G Radio, address is 0013.1973.8d50 (bia 0013.1973.8d50)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
FastEthernet0 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s, MII
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/160/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 13000 bits/sec, 10 packets/sec
5 minute output rate 10000 bits/sec, 4 packets/sec
75878 packets input, 12726627 bytes
Received 43517 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
38986 packets output, 19917202 bytes, 0 underruns
0 output errors, 0 collisions, 7 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet0.1 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
FastEthernet0.2 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0012.d98b.0993 (bia 0012.d98b.0993)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
Last clearing of "show interface" counters never
------------------ show controllers ------------------
interface Dot11Radio0
Radio AIR-MP31G, Base Address 0013.1973.8d50, BBlock version 0.00, Software version 6.11.1
Serial number: FOC0901D4S1
Number of supported simultaneous BSSID on Dot11Radio0: 8
Carrier Set: Americas (US )
Uniform Spreading Required: No
Current Frequency: 2412 MHz Channel 1
Allowed Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11)
Listen Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11) 2467(12) 2472(13) 2484(14)
Beacon Flags: 0; Beacons are enabled; Probes are enabled
Current CCK Power: 100 mW
Allowed CCK Power Levels: 1 5 10 20 30 50 100
Current OFDM Power: 30 mW
Allowed OFDM Power Levels: 1 5 10 20 30
Allowed Client Power Levels: 1 5 10 20 30 50 100
ERP settings: short slot time.
Neighbors in non-erp mode:
Current Rates: basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Active Rates: basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Allowed Rates: 1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Best Range Rates: basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Best Throughput Rates: basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
Default Rates: basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
Current Voice Rates: 5.5 6.0 11.0 12.0 24.0 [disabled until voice packet-discard enabled]
Default Voice Rates: 5.5 6.0 11.0 12.0 24.0
Channel / Max Power Table
1 O=15 D=20, 2 O=15 D=20, 3 O=15 D=20, 4 O=15 D=20, 5 O=15 D=20
6 O=15 D=20, 7 O=15 D=20, 8 O=15 D=20, 9 O=15 D=20, 10 O=15 D=20
11 O=15 D=20
Data Rate Sensitivity (rate, SNR dB, Contention dBm)
( 1.0, 1, -98) ( 2.0, 7, -94) ( 5.5, 9, -92) (11.0, 16, -86)
( 6.0, 7, -92) ( 9.0, 14, -87) (12.0, 12, -87) (18.0, 15, -84)
(24.0, 17, -82) (36.0, 24, -76) (48.0, 29, -73) (54.0, 33, -69)
Radio Management (RM) Configuration:
Regular AP RM Mode 1 Temp Setting Disabled
Temp Settings: AP Tx Power 0 AP Tx Channel 0 Client Tx Power 0
Rates:
Saved Settings: AP Tx Power 0 AP Tx Channel 1 Client Tx Power 0
Rates:
MCST RSCs: [0]0x0 [1]0x0 [2]0x0 [3]0x0 [4]0x0
TKIP Cum Stats: STA MIC-L-Errs MIC-R-Errs Replay C-Measure
0000.0000.0000 00000000 00000000 00000000 00000000
AES-CCMP Cum Stats: 00000000 replays discarded
QBSS Load: 0x0
Policing Stats:Rx downgardes 0, Tx downgrades 0
Configured Local Access Class Parameters
Back : cw-min 4 cw-max 10 fixed-slot 7 admission-control Off txop 0
Best : cw-min 4 cw-max 6 fixed-slot 3 admission-control Off txop 0
Video : cw-min 3 cw-max 4 fixed-slot 1 admission-control Off txop 3008
Voice : cw-min 2 cw-max 3 fixed-slot 1 admission-control Off txop 1504
Configured Cell Access Class Parameters
Back : cw-min 4 cw-max 10 fixed-slot 7 admission-control Off txop 0
Best : cw-min 4 cw-max 10 fixed-slot 3 admission-control Off txop 0
Video : cw-min 3 cw-max 4 fixed-slot 2 admission-control Off txop 3008
Voice : cw-min 2 cw-max 3 fixed-slot 2 admission-control Off txop 1504
Transmit queues: Active 0 In Progress 0
---- Active --- In-Progress --------------- Counts --------------
Cnt Quo Bas Max Cnt Quo Bas Sent Discard Fail Retry Multi
Uplink 0 0 0 0 0 0 0 0 0 0 0 0
Voice 0 0 0 0 0 0 0 55 0 0 1 1
Video 0 0 0 0 0 0 0 0 0 0 0 0
Best 0 3 70 3 0 3 24 7937 0 0 127 12
Mcast 0 0 0 0 0 0 0 329 0 0 0 0
Mcast 0 0 0 0 0 0 0 30 0 0 0 0
Back 0 0 0 0 0 0 0 329 0 0 0 0
BSSIDS Index Flags State Next Held Defer NonDefer Clients Tsf Dtim Txq
8D50 0 20 0 0 0 0 0 0 200 2 0
8D51 1 20 0 0 0 0 0 0 150 2 1
UP ClientQAged AcQAged PacketAged Drop Retry/Thresh Timeout CQMax
7 0 0 0 3/100 0/500 35 4
6 0 0 0 3/100 0/500 35 4
5 0 0 0 3/100 0/500 35 4
4 0 0 0 3/100 0/500 35 4
3 0 0 0 3/100 0/500 35 4
2 0 0 0 3/100 0/500 35 4
1 0 0 0 3/100 0/500 35 4
Driver TX blocks: in use 0, high 10, at reset 0, fail 0, reclaim 0
Clients: 8021x auth in prog 0 allowed 0
Vlan BSSID Clients PSP Pri Encr Key0 Key1 Key2 Key3 SSIDs
0 8D50 0 0 0 0 234 x128
1n 8D50 0 0 0 0 234 x128 WLAN_Corporate
2 8D51 1 0 0 0 0 WLAN_HartKitGuest
0 0 flags 3
1 1 flags 3
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
0 0 flags 0
17 0 flags 0
18 0 flags 0
Registers: io E8000000 mem 80000000 aux A0000000
0000 FF50 0000 0000 0021 0000 0000 0000
0001 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000 0000 0000
0500 0007 0000 0000 0808 09E8 0000 0504
0000 0000 0000 0000 0424 0059 E2ED 2D9D
00000000 00000200 20000200 FFFFFFFF F7FFFFFF 00000000 00000000 00200000
FFFFFFE2 00000FFF 72ED14BD 4A040401 00000000 00000000 00008000 00008080
00000000 00000000 00000000 00000000 00008F78 000012DC 00000000 0000C0EA
Radio running: temp 0 C tx_power 100 bb_code 0x0
rssi_threshold 0x0 gain offset 0
Antenna: external , gain 20 (platform 0, domain class A)
PCI sys_id: 0xA506 subsys_id 0x5100 (0x5101)
Unicast ciphers 0x1 mcast ciphers 0x1
Rid Ring:
A0000970: 009C8000 20ED1EA0 * n
Rx Ring:
A0000950: 893E0002 20ED3478 v, 893E0002 20EDEE60 v
A0000960: 893E0002 20EE4B54 v, 893E0002 20EDB068 * v
Tx Ring:
A0000800: 06108000 20ECFCE4 n, 009A8000 20ECD764 n
A0000810: 00AE8000 20ECF064 n, 010C8000 20ECD124 n
A0000820: 010C8000 20ECCE04 n, 010C8000 20ECE0C4 n
A0000830: 010C8000 20ECED44 n, 00668000 20ECB174 n
A0000840: 006A8000 20ECCA64 n, 010C8000 20ECDDA4 n
A0000850: 010C8000 20ECF6A4 n, 01848000 20ECF9C4 n
A0000860: 022A8000 20ECCE04 n, 01848000 20ECF9C4 n
A0000870: 06158000 20ED113C n, 01848000 20ECE3E4 n
A0000880: 022A8000 20ECF064 * n, 01188000 20ECD124 n
A0000890: 05688000 20ED0A74 n, 057C8000 20ED03AC n
A00008A0: 010C8000 20ECED44 n, 010C8000 20ECDDA4 n
A00008B0: 010C8000 20ECF6A4 n, 010C8000 20ECF9C4 n
A00008C0: 00748000 20ECB054 n, 05FC8000 20ED1804 n
TxDn Ring:
A0000930: 802C0000 20ED26A0 v, 802C0000 20ED2778 v
A0000940: 802C0000 20ED2850 * v, 802C0000 20ED2928 v
Multicast counters:
Internal MC counts:
28 (28) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0) 0 (0)
Log Buffer:
PowerPC405GP Ethernet unit 0
PHY Hardware is Intel LXT971 rev. 2 (id_register: 0x13, 0x78E2)
rx_intr: 0 tx_intr: 0 mac_err_isr: 0 phy_link_isr:0
Current station address 0012.d98b.0993, default address 0012.d98b.0993
MAL register dump:
malcr 0x0007C082 0x180
malesr 0x00000000 0x181
malier 0x0000000F 0x182
maltxcasr 0x80000000 0x184
maltxcarr 0x80000000 0x185
maltxeobisr 0x00000000 0x186
maltxdeir 0x00000000 0x187
malrxcasr 0x80000000 0x190
malrxcarr 0x80000000 0x191
malrxeobisr 0x00000000 0x192
malrxdeir 0x00000000 0x193
maltxctp0r 0x00EE6120 0x1A0
malrxctp0r 0x00EE6020 0x1C0
malrcbs0 0x00000060 0x1E0
EMAC register dump:
emacmr0 0x18000000 0x00
emacmr1 0xA1788000 0x04
emactmr0 0x00000000 0x08
emactmr1 0x380F0000 0x0C
emacrmr 0x7D180000 0x10
emacisr 0x00000002 0x14
emacier 0x00000001 0x18
emaciah 0x00000012 0x1C
emacial 0xD98B0993 0x20
emacptr 0x0000FFFF 0x2C
emaclsah 0x00000040 0x50
emaclsal 0x2B637E9B 0x54
emacipgr 0x00000004 0x58
emacstacr 0x47808011 0x5C
emactrtr 0x18000000 0x60
emacrwmr 0x0F002000 0x64
emacoctx 0x0132EA47 0x68
emacocrx 0x00C72D8B 0x6C
UIC register dump:
uicsr 0x00001FA3 0xC0
uicer 0x803F0048 0xC2
uicmsr 0x00000000 0xC6
PHY register dump:
3100 782D 0013 78E2 01E1 41E1 0007 2001 0000 0000 0000 0000 0000 0000 0000 0000
0384 4780 0032 0000 0422 0000 0000 0000 0000 0000 08C8 0000 0000 0000 0000
RX ring with 16 entries at 0xEE6020, Buffer size 1528
Rxhead = 0xEE6048 (5), Rxp = 0xB67360 (5)
00 pak=0x0B6D644 buf=0x0EF2BDC status=9C00 pak_size=0
01 pak=0x0B6CCA8 buf=0x0EF17A8 status=9C00 pak_size=0
02 pak=0x0B68C98 buf=0x0EE90F8 status=9C00 pak_size=0
03 pak=0x0B6BCA4 buf=0x0EEF5FC status=9C00 pak_size=0
04 pak=0x0B6DFE0 buf=0x0EF4010 status=9C00 pak_size=0
05 pak=0x0B6CFDC buf=0x0EF1E64 status=9C00 pak_size=0
06 pak=0x0B6C640 buf=0x0EF0A30 status=9C00 pak_size=0
07 pak=0x0B682FC buf=0x0EE7CC4 status=9C00 pak_size=0
08 pak=0x0B6E648 buf=0x0EF4D88 status=9C00 pak_size=0
09 pak=0x0B6E97C buf=0x0EF5444 status=9C00 pak_size=0
10 pak=0x0B6ECB0 buf=0x0EF5B00 status=9C00 pak_size=0
11 pak=0x0B6ACA0 buf=0x0EED450 status=9C00 pak_size=0
12 pak=0x0B68630 buf=0x0EE8380 status=9C00 pak_size=0
13 pak=0x0B6D310 buf=0x0EF2520 status=9C00 pak_size=0
14 pak=0x0B6C974 buf=0x0EF10EC status=9C00 pak_size=0
15 pak=0x0B6B63C buf=0x0EEE884 status=DC00 pak_size=0
TX ring with 8 entries at 0xEE6120, tx_count = 0
tx_head = 0xEE6148 (5), head_txp = 0xB673BC (5)
tx_tail = 0xEE6148 (5), tail_txp = 0xB673BC (5)
00 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
01 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
02 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
03 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
04 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
05 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
06 pak=0x0000000 buf=0x0000000 status=1400 pak_size=0
07 pak=0x0000000 buf=0x0000000 status=5400 pak_size=0
0 missed datagrams, 0 overruns
0 transmitter underruns, 0 excessive collisions
0 single collisions, 0 multiple collisions
0 dma memory errors, 0 CRC errors
0 alignment errors, 0 runts, 0 giants
emac/mal specific errors:
0 rx in range, 0 rx out range
0 mal_rx_serr, 0 mal_tx_serr
0 mal_rx_de, 0 mal_tx_de
0 emac_int
0 mal_err_isr
0 SQE errors, 0 tx CRC errors
0 output queue fail
------------------ show data-corruption ------------------
No data inconsistency errors have been recorded.
------------------ show file systems ------------------
File Systems:
Size(b) Free(b) Type Flags Prefixes
* 7741440 2734080 flash rw flash:
- - opaque rw bs:
7741440 2734080 unknown rw zflash:
- - opaque rw archive:
- - opaque rw system:
32768 29138 nvram rw nvram:
- - network rw tftp:
- - opaque rw null:
- - opaque ro xmodem:
- - opaque ro ymodem:
- - network rw rcp:
- - network rw ftp:
- - network rw http:
- - network rw scp:
- - network rw https:
------------------ show flash: ------------------
Directory of flash:/
2 -rwx 1048 Oct 15 2010 12:07:29 -04:00 private-multiple-fs
5 drwx 512 Oct 15 2010 10:36:30 -04:00 c1200-k9w7-mx.123-8.JEB1
4 -rwx 716 Feb 28 2002 19:06:22 -05:00 env_vars
146 -rwx 2549 Oct 15 2010 12:07:29 -04:00 config.txt
148 -rwx 5 Oct 15 2010 12:07:29 -04:00 private-config
7741440 bytes total (2734080 bytes free)
------------------ dir nvram: ------------------
Directory of nvram:/
30 -rw- 2549 <no date> startup-config
31 ---- 5 <no date> private-config
1 -rw- 0 <no date> ifIndex-table
32768 bytes total (29138 bytes free)
------------------ show memory statistics ------------------
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor A4AB84 4709500 2431436 2278064 1920552 2125904
I/O ECB000 1265664 468008 797656 727168 779580
------------------ show process memory ------------------
Total: 5975164, Used: 2899444, Free: 3075720
PID TTY Allocated Freed Holding Getbufs Retbufs Process
0 0 3373064 827724 1898920 0 0 *Init*
0 0 11804 7372856 11804 0 0 *Sched*
0 0 66125428 65999528 293168 434276 0 *Dead*
1 0 0 0 6416 0 0 Chunk Manager
2 0 188 188 3916 0 0 Load Meter
3 0 448120 443220 18392 0 0 HTTP CP
4 0 19548 0 25964 0 0 Check heaps
5 0 86364 207192 37368 49920 137052 Pool Manager
6 0 0 0 6416 0 0 AAA_SERVER_DEADT
7 0 188 188 6416 0 0 Timers
8 0 188 188 6416 0 0 AAA high-capacit
9 0 488 0 6904 0 0 SNTP
10 0 76 0 6492 0 0 ARP Input
11 0 3232 540 9108 0 0 Entity MIB API
12 0 0 0 6416 0 0 HC Counter Timer
13 0 188 188 6416 0 0 GraphIt
14 0 0 0 6416 0 0 Net Input
15 0 0 0 6416 0 0 Critical Bkgnd
16 0 19648 136 12180 0 0 Net Background
17 0 188 188 11916 0 0 Logger
18 0 188 188 6416 0 0 TTY Background
19 0 0 0 9916 0 0 Per-Second Jobs
20 0 188 188 6416 0 0 Compute load avg
21 0 0 0 6416 0 0 Per-minute Jobs
22 0 125880 59144 52956 0 0 Dot11 driver
23 0 188 188 6416 0 0 Dot11 driver log
24 0 0 0 6416 0 0 Voice Metrics Ta
25 0 0 0 6416 0 0 SOAP LED Process
26 0 188 188 6416 0 0 AAA Server
27 0 0 0 6416 0 0 AAA ACCT Proc
28 0 0 0 6416 0 0 ACCT Periodic Pr
29 0 2343100 10891400 16904 0 7173144 IP Input
30 0 0 0 6416 0 0 ICMP event handl
31 0 188 188 6416 0 0 AAA Dictionary R
32 0 47124 44272 9200 0 0 CDP Protocol
33 0 0 0 6416 0 0 linktest
34 0 964 964 9916 0 0 Dot11 aaa proces
35 0 0 0 9916 0 0 pmkid
36 0 188 6404 6416 0 0 Dot11 Mgmt & Ass
37 0 1636 1224 6644 0 0 AiroIAPP Protoco
38 0 188 188 6416 0 0 Triggered events
39 0 188 188 9916 0 0 Dot11 auth Dot1x
40 0 0 0 6416 0 0 Dot11 Mac Auth
41 0 1276 0 7692 0 0 Dot11CACprocess
42 0 0 1285716 11916 0 0 TCP Timer
43 0 0 0 11916 0 0 TCP Protocols
44 0 0 0 6416 0 0 Socket Timers
45 0 41144 11308 23364 0 0 DHCPD Receive
46 0 58666708 40499364 31400 6957504 101520 HTTP CORE
47 0 1072 188 12800 0 0 Soap Upgrade fet
48 0 10608 188 16836 0 0 DDP
49 0 344168 1754412 6416 0 0 LOCAL AAA
50 0 188 188 6416 0 0 AAA Cached Serve
51 0 188 188 6416 0 0 ENABLE AAA
52 0 188 188 6416 0 0 LINE AAA
54 0 2056 188 8284 0 0 TPLUS
55 0 604 188 9332 0 0 Crypto WUI
56 0 0 0 6416 0 0 EM Background Pr
57 0 188 308 6416 0 0 Soap Consoleless
58 0 72384 66968 14332 0 0 Crypto CA
59 0 0 0 8916 0 0 Crypto PKI-CRL
60 0 0 0 8916 0 0 Crypto SSL
61 0 2056 15044 6416 0 0 AAA SEND STOP EV
62 0 188 188 6416 0 0 Dot11 LBS Proc
63 0 0 0 6416 0 0 Syslog Traps
65 0 0 0 6416 0 0 DHCPD Timer
66 0 76 484 9992 0 0 DHCP Client
67 0 636960 188 22156 421308 0 HyBridge Input P
68 0 344 188 6588 0 0 Tbridge Monitor
69 0 344 188 6572 0 0 Spanning Tree
70 0 156 0 6628 0 0 DHCPD Database
2897284 Total
------------------ show process cpu ------------------
CPU utilization for five seconds: 16%/0%; one minute: 4%; five minutes: 1%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 0 1 0 0.00% 0.00% 0.00% 0 Chunk Manager
2 4 1196 3 0.00% 0.00% 0.00% 0 Load Meter
3 369 40 9225 0.00% 0.00% 0.00% 0 HTTP CP
4 764 611 1250 0.00% 0.00% 0.00% 0 Check heaps
5 9 44 204 0.00% 0.00% 0.00% 0 Pool Manager
6 0 1 0 0.00% 0.00% 0.00% 0 AAA_SERVER_DEADT
7 0 2 0 0.00% 0.00% 0.00% 0 Timers
8 0 9 0 0.00% 0.00% 0.00% 0 AAA high-capacit
9 8 158 50 0.00% 0.00% 0.00% 0 SNTP
10 1034 5268 196 0.00% 0.02% 0.00% 0 ARP Input
11 2 2 1000 0.00% 0.00% 0.00% 0 Entity MIB API
12 2 1494 1 0.00% 0.00% 0.00% 0 HC Counter Timer
13 2 5973 0 0.00% 0.00% 0.00% 0 GraphIt
14 0 11 0 0.00% 0.00% 0.00% 0 Net Input
15 0 1 0 0.00% 0.00% 0.00% 0 Critical Bkgnd
16 34 1906 17 0.00% 0.00% 0.00% 0 Net Background
17 4 101 39 0.00% 0.00% 0.00% 0 Logger
18 24 5969 4 0.00% 0.00% 0.00% 0 TTY Background
19 5 5998 0 0.00% 0.00% 0.00% 0 Per-Second Jobs
20 0 1196 0 0.00% 0.00% 0.00% 0 Compute load avg
21 433 127 3409 0.00% 0.00% 0.00% 0 Per-minute Jobs
22 587 181376 3 0.00% 0.00% 0.00% 0 Dot11 driver
23 0 2 0 0.00% 0.00% 0.00% 0 Dot11 driver log
24 2 1200 1 0.00% 0.00% 0.00% 0 Voice Metrics Ta
25 44 39944 1 0.00% 0.00% 0.00% 0 SOAP LED Process
26 238 3309 71 0.00% 0.00% 0.00% 0 AAA Server
27 0 1 0 0.00% 0.00% 0.00% 0 AAA ACCT Proc
28 0 1 0 0.00% 0.00% 0.00% 0 ACCT Periodic Pr
29 10607 39208 270 0.31% 0.16% 0.09% 0 IP Input
30 0 1 0 0.00% 0.00% 0.00% 0 ICMP event handl
31 0 2 0 0.00% 0.00% 0.00% 0 AAA Dictionary R
32 96 999 96 0.00% 0.00% 0.00% 0 CDP Protocol
33 2 5997 0 0.00% 0.00% 0.00% 0 linktest
34 14 115 121 0.00% 0.00% 0.00% 0 Dot11 aaa proces
35 1 100 10 0.00% 0.00% 0.00% 0 pmkid
36 116 2261 51 0.00% 0.00% 0.00% 0 Dot11 Mgmt & Ass
37 18 7228 2 0.00% 0.00% 0.00% 0 AiroIAPP Protoco
38 0 2 0 0.00% 0.00% 0.00% 0 Triggered events
39 0 2 0 0.00% 0.00% 0.00% 0 Dot11 auth Dot1x
40 0 1 0 0.00% 0.00% 0.00% 0 Dot11 Mac Auth
41 2 1200 1 0.00% 0.00% 0.00% 0 Dot11CACprocess
42 59 2009 29 0.00% 0.00% 0.00% 0 TCP Timer
43 0 1 0 0.00% 0.00% 0.00% 0 TCP Protocols
44 0 1 0 0.00% 0.00% 0.00% 0 Socket Timers
45 14 54 259 0.00% 0.00% 0.00% 0 DHCPD Receive
46 48468 30304 1599 9.35% 1.66% 0.36% 0 HTTP CORE
47 0 2 0 0.00% 0.00% 0.00% 0 Soap Upgrade fet
48 0 2 0 0.00% 0.00% 0.00% 0 DDP
49 707 3309 213 0.00% 0.02% 0.00% 0 LOCAL AAA
50 1 2 500 0.00% 0.00% 0.00% 0 AAA Cached Serve
51 0 2 0 0.00% 0.00% 0.00% 0 ENABLE AAA
52 0 2 0 0.00% 0.00% 0.00% 0 LINE AAA
54 0 2 0 0.00% 0.00% 0.00% 0 TPLUS
55 0 3 0 0.00% 0.00% 0.00% 0 Crypto WUI
56 0 1 0 0.00% 0.00% 0.00% 0 EM Background Pr
57 1 3 333 0.00% 0.00% 0.00% 0 Soap Consoleless
58 6 4 1500 0.00% 0.00% 0.00% 0 Crypto CA
59 0 1 0 0.00% 0.00% 0.00% 0 Crypto PKI-CRL
60 0 1 0 0.00% 0.00% 0.00% 0 Crypto SSL
61 3 16 187 0.00% 0.00% 0.00% 0 AAA SEND STOP EV
62 0 2 0 0.00% 0.00% 0.00% 0 Dot11 LBS Proc
63 0 1 0 0.00% 0.00% 0.00% 0 Syslog Traps
65 0 50 0 0.00% 0.00% 0.00% 0 DHCPD Timer
66 8 6027 1 0.00% 0.00% 0.00% 0 DHCP Client
67 8349 84826 98 0.55% 0.17% 0.10% 0 HyBridge Input P
68 14 6744 2 0.00% 0.00% 0.00% 0 Tbridge Monitor
69 0 2 0 0.00% 0.00% 0.00% 0 Spanning Tree
70 0 1690 0 0.00% 0.00% 0.00% 0 DHCPD Database
------------------ show process cpu history ------------------
AP_WLAN_Bakery 12:32:06 PM Friday Oct 15 2010 -0400
1133333
667777766666
100
90
80
70
60
50
40 *****
30 *****
20 *******
10 ************
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per second (last 60 seconds)
7 37 78 7 8
11 121961 87 1 3 1 1
100
90 *
80 ** *
70 * * ** * *
60 * * ** * *
50 * * ** * *
40 * ** ** * *
30 * ** ** * *
20 * ** #* * *
10 #*## ## # #
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per minute (last 60 minutes)
* = maximum CPU% # = average CPU%
8
8
100
90 *
80 *
70 *
60 *
50 *
40 *
30 *
20 *
10 *
0....5....1....1....2....2....3....3....4....4....5....5....6....6....7.
0 5 0 5 0 5 0 5 0 5 0 5 0
CPU% per hour (last 72 hours)
* = maximum CPU% # = average CPU%
------------------ show dot11 associations all-client ------------------
------------------ show wlccp ap mobility traffic ------------------
------------------ show wlccp ap mobility forwarding ------------------
------------------ show inventory ------------------
NAME: "AP1210", DESCR: "Cisco Aironet 1200 Series Access Point"
PID: ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ, VID: ÿÿÿ, SN: FTX0902R2V1
------------------ Mempool statistics ------------------
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor A4AB84 4709500 2431000 2278500 1920552 2125904
I/O ECB000 1265664 468008 797656 727168 779580
------------------ show memory summary -----------------
Processor memory
Alloc PC Size Blocks Bytes What
0x4790 0000000080 0000000001 0000000080 ACL Header
0x47A4 0000000024 0000000001 0000000024 Init
0x9FD4 0000000036 0000000001 0000000036 Init
0x9FFC 0000000040 0000000001 0000000040 Init
0xA018 0000000024 0000000001 0000000024 Init
0xA040 0000000036 0000000001 0000000036 Init
0xA134 0000000060 0000000001 0000000060 Init
0xF9D0 0000000024 0000000001 0000000024 HTTP CP
0xFAF8 0000000024 0000000001 0000000024 HTTP CP
0xFB6C 0000000076 0000000001 0000000076 HTTP CP
0xFC04 0000000024 0000000001 0000000024 HTTP CP
0xFC60 0000000028 0000000001 0000000028 HTTP CP
0xFD58 0000000024 0000000001 0000000024 Init
0xFDC4 0000000024 0000000001 0000000024 Init
0xFF2C 0000000036 0000000001 0000000036 HTTP CP
0xFF2C 0000000044 0000000001 0000000044 HTTP CP
0x11034 0000000024 0000000001 0000000024 Init
0x15750 0000004096 0000000001 0000004096 Init
0x1DD08 0000000120 0000000001 0000000120 Ion New Block
0x1F474 0000000024 0000000001 0000000024 LOGIN UNC PW
0x1F474 0000000056 0000000001 0000000056 LOGIN PWC (Free Blocks)
0x1F610 0000000080 0000000001 0000000080 local_aaa_authen2 (Free Blocks)
0x24F64 0000004784 0000000001 0000004784 (coalesced) (Free Blocks)
0x24F64 0000013956 0000000001 0000013956 (coalesced) (Free Blocks)
0x264F4 0000000512 0000000001 0000000512 Init
0x2CDF8 0000004312 0000000001 0000004312 TTY data
0x2E994 0000001500 0000000001 0000001500 String-DB entries
0x2E9BC 0000001500 0000000001 0000001500 String-DB owners
0x2E9E4 0000000776 0000000001 0000000776 String-DB handles
0x2E9FC 0000001024 0000000001 0000001024 String DB Hash Table
0x2F154 0000000024 0000000002 0000000048 SDB String
0x2F714 0000000176 0000000001 0000000176 SDB Owner info
0x2FF28 0000004312 0000000006 0000025872 TTY data
0x336E8 0000002000 0000000001 0000002000 TTY Input Buf
0x33720 0000000512 0000000001 0000000512 TTY Output Buf
0x3E6C0 0000000052 0000000003 0000000156 MAC ADDR subblock
0x40DA8 0000003000 0000000002 0000006000 keepalive sb chunk
0x42490 0000065536 0000000001 0000065536 Parseinfo Blocks
0x424B8 0000000364 0000000001 0000000364 tokenQ node
0x424E0 0000000432 0000000001 0000000432 Chain Cache Nodes
0x42508 0000032768 0000000001 0000032768 Parse Nodes
0x46E18 0000000120 0000000001 0000000120 Init
0x47028 0000000060 0000000001 0000000060 Init
0x47458 0000000024 0000000034 0000000816 Init
0x4755C 0000010000 0000000001 0000010000 Parser Linkage
0x47938 0000000056 0000000053 0000002968 Parser Mode
0x47938 0000000108 0000000001 0000000108 Parser Mode
0x479A4 0000000024 0000000054 0000001296 Parser Mode Q1
0x479C8 0000000024 0000000054 0000001296 Parser Mode Q2
0x49FA8 0000000432 0000000001 0000000432 Chain Cache No
0x4A070 0000000432 0000000009 0000003888 Chain Cache No
0x4A070 0000000432 0000000001 0000000432 Chain Cache No (Free Blocks)
0x4A070 0000000548 0000000001 0000000548 (coalesced) (Free Blocks)
0x4A160 0000000432 0000000001 0000000432 Chain Cache No
0x4FCD4 0000000256 0000000001 0000000256 HTTP CP
0x548F4 0000000032 0000000016 0000000512 Parser Alias
0x54924 0000000024 0000000016 0000000384 Init
0x5C338 0000004616 0000000001 0000004616 (coalesced) (Free Blocks)
0x5D464 0000000024 0000000001 0000000024 HTTP CP
0x5D4E4 0000000024 0000000001 0000000024 HTTP CP
0x65394 0000000024 0000000008 0000000192 Cond Debug definition
0x698F0 0000000068 0000000003 0000000204 GraphIt Data
0x6990C 0000001316 0000000003 0000003948 Graphit Client
0x69920 0000000024 0000000002 0000000048 Init
0x69920 0000000032 0000000001 0000000032 Init
0x73254 0000000164 0000000002 0000000328 Init
0x73278 0000000164 0000000002 0000000328 Init
0x7329C 0000000164 0000000002 0000000328 Init
0x7B12C 0000000164 0000000001 0000000164 Init
0x7B150 0000000164 0000000001 0000000164 Init
0x7B174 0000000164 0000000001 0000000164 Init
0x83E48 0000000060 0000000001 0000000060 HTTP CP
0x842C0 0000000044 0000000001 0000000044 HTTP CP
0x86C40 0000032772 0000000001 0000032772 Init
0x8AD2C 0000000024 0000000002 0000000048 AAA Secrettype
0x8AD64 0000000024 0000000002 0000000048 AAA Secrettype encrypt
0x8ADD0 0000000024 0000000002 0000000048 AAA_Secrettype pw
0x8B254 0000000192 0000000002 0000000384 AAA SG HEAD
0x8B294 0000000024 0000000002 0000000048 AAA SG NAME
0x8BFA8 0000000060 0000000001 0000000060 AAA MI SG NAME
0x8D1AC 0000003200 0000000001 0000003200 AAA attr list handle IDs
0x8DBA8 0000001024 0000000001 0000001024 AAA attr list handle IDs
0x9AE18 0000004096 0000000001 0000004096 AAA Unique Id Hash Table
0x9AED8 0000065536 0000000001 0000065536 AAA DB Chunk
0x9EFE8 0000020000 0000000001 0000020000 AAA Acct DB chunk
0xA0EA0 0000016336 0000000001 0000016336 AAA Acct Rec chunk
0xAFBC4 0000002048 0000000001 0000002048 AAA SG ID table
0xAFE78 0000001024 0000000003 0000003072 AAA SG ID table
0xB3D68 0000000032 0000000001 0000000032 Init
0xB4388 0000000024 0000000001 0000000024 AAA nvgend sg elt
0xB4388 0000000052 0000000001 0000000052 AAA nvgend sg elt
0xB43C0 0000000132 0000000002 0000000264 AAA Public Server Group
0xB4400 0000000028 0000000002 0000000056 AAA Public Server Group wrapper
0xB4448 0000000024 0000000002 0000000048 AAA pub SG servers
0xB44CC 0000000024 0000000002 0000000048 AAA pub SG wrap name
0xB4510 0000000024 0000000002 0000000048 AAA pub SG name
0xBC014 0000000776 0000000275 0000213400 *Free Packet Header*
0xBC014 0000000788 0000000001 0000000788 *Free Packet Header*
0xBC014 0000000804 0000000001 0000000804 *Free Packet Header*
0xBC014 0000000828 0000000001 0000000828 *Free Packet Header*
0xBC014 0000001408 0000000001 0000001408 (coalesced) (Free Blocks)
0xBC014 0000008480 0000000001 0000008480 (coalesced) (Free Blocks)
0xBCA88 0000000776 0000000003 0000002328 *In-use Packet Header*
0xC1274 0000004000 0000000001 0000004000 Packet Elements
0xC3B00 0000000184 0000000001 0000000184 IRB/CRB rxtypes
0xC3EE4 0000004712 0000000005 0000023560 *Hardware IDB*
0xC3EFC 0000001400 0000000005 0000007000 *Software IDB*
0xC4440 0000000024 0000000003 0000000072 HTTP CP
0xC4440 0000000076 0000000001 0000000076 HTTP CP
0xC4494 0000000024 0000000003 0000000072 HTTP CP
0xC4494 0000000080 0000000001 0000000080 HTTP CP
0xC4580 0000000184 0000000004 0000000736 IRB/CRB rxtypes
0xC4948 0000000048 0000000001 0000000048 HTTP CP
0xC4948 0000000052 0000000001 0000000052 HTTP CP
0xC4CB8 0000001400 0000000004 0000005600 *Software IDB*
0xC5864 0000000024 0000000004 0000000096 Init
0xC58E0 0000000024 0000000004 0000000096 Init
0xC8118 0000000032 0000000004 0000000128 IP Input
0xED1F0 0000035292 0000000001 0000035292 IDB List Element Chunks
0xFF3C0 0000000024 0000000059 0000001416 Init
0xFF7C4 0000000104 0000000008 0000000832 Init
0xFF7D4 0000000024 0000000006 0000000144 Init
0xFF7D4 0000000076 0000000001 0000000076 Init
0xFF7D4 0000000080 0000000001 0000000080 Init
0xFF8F4 0000000024 0000000001 0000000024 Init
0xFF9A4 0000000024 0000000007 0000000168 Init
0x102F38 0000010000 0000000001 0000010000 AAA chunk
0x103140 0000004616 0000000001 0000004616 AAA Acct AVLnode chunk
0x107F7C 0000000100 0000000001 0000000100 AAA MLIST
0x1081E8 0000000092 0000000001 0000000092 AAA MLIST
0x108A7C 0000001024 0000000002 0000002048 AAA mlist ID table
0x118430 0000001500 0000000007 0000010500 List Elements
0x119688 0000001500 0000000001 0000001500 List Elements
0x1196C8 0000005000 0000000001 0000005000 List Headers
0x11D7D4 0000001032 0000000001 0000001032 Process Array
0x11F5B0 0000000640 0000000068 0000043520 Process
0x11F5B0 0000000856 0000000001 0000000856 (coalesced) (Free Blocks)
0x1213A8 0000001500 0000000001 0000001500 Watched Semaph
0x1219A4 0000000144 0000000064 0000009216 Process Events
0x1219A4 0000000160 0000000002 0000000320 Process Events
0x1219A4 0000000172 0000000001 0000000172 Process Events
0x1219A4 0000000200 0000000001 0000000200 Process Events
0x1219A4 0000000208 0000000001 0000000208 Process Events
0x1219A4 0000000256 0000000001 0000000256 (coalesced) (Free Blocks)
0x1219A4 0000000432 0000000001 0000000432 (coalesced) (Free Blocks)
0x1219A4 0000000556 0000000001 0000000556 (coalesced) (Free Blocks)
0x123C24 0000001500 0000000001 0000001500 messages
0x123C50 0000001500 0000000001 0000001500 Watched messages
0x123C7C 0000010000 0000000001 0000010000 Watched Queue
0x123CA4 0000005000 0000000001 0000005000 Watched Boolean
0x123CCC 0000005000 0000000001 0000005000 Watched Bitfield
0x123CF4 0000001500 0000000001 0000001500 Watched Semaphore
0x123D18 0000005000 0000000001 0000005000 Watcher Info
0x123D40 0000000500 0000000001 0000000500 Watched Message Queue
0x123D68 0000001500 0000000001 0000001500 Watcher Message Queue
0x123D90 0000003000 0000000001 0000003000 Read/Write Locks
0x126050 0000002000 0000000001 0000002000 Reg Function 12
0x126078 0000001500 0000000001 0000001500 Reg Function iList
0x1260A0 0000001500 0000000001 0000001500 Reg Function Caselist
0x126118 0000002000 0000000005 0000010000 Reg Function 1
0x12657C 0000002000 0000000001 0000002000 Reg Function 1
0x129F50 0000000024 0000000002 0000000048 *Sched*
0x129F50 0000000032 0000000001 0000000032 *Sched*
0x129F50 0000000044 0000000008 0000000352 *Sched*
0x12A228 0000000256 0000000001 0000000256 Init
0x12C5F8 0000003000 0000000001 0000003000 CCA CCB chunks
0x12CDBC 0000000048 0000000008 0000000384 CCA Component
0x12CE24 0000000024 0000000007 0000000168 CCA Notification Flags
0x12CE24 0000000048 0000000001 0000000048 CCA Notification Flags
0x12CE84 0000003000 0000000008 0000024000 Keepalive
0x12CFF4 0000000024 0000000003 0000000072 CCA UserType
0x12D0A8 0000003000 0000000001 0000003000 CCA CLA chunks
0x1301C0 0000000024 0000000001 0000000024 TW Wheels
0x130200 0000016384 0000000003 0000049152 TW Buckets
0x13AA18 0000000112 0000000006 0000000672 Process Signals
0x13B01C 0000003000 0000000001 0000003000 Process Stack
0x13B01C 0000005500 0000000049 0000269500 Process Stack
0x13B01C 0000008000 0000000004 0000032000 Process Stack
0x13B01C 0000009000 0000000006 0000054000 Process Stack
0x13B01C 0000011000 0000000009 0000099000 Scheduler Stack
0x13B01C 0000018000 0000000001 0000018000 Interrupt Stack
0x13B01C 0002125900 0000000001 0002125900 (coalesced) (Free Blocks)
0x14F6BC 0000020000 0000000001 0000020000 Managed Chunk Queue Elements
0x151870 0000000068 0000000001 0000000068 (fragment) (Free Blocks)
0x1559A8 0000000296 0000000008 0000002368 Pool Info
0x155F84 0000000032 0000000001 0000000032 Pool Cache
0x15AF2C 0000000264 0000000001 0000000264 CLASSMAP_MODULE
0x15B7B0 0000000104 0000000001 0000000104 CLASSMAP_MODULE
0x15B8D0 0000000136 0000000001 0000000136 CLASSMAP_MODULE
0x15B8F0 0000000024 0000000001 0000000024 CLASSMAP_MODULE
0x15BA20 0000000024 0000000001 0000000024 CLASSMAP_MODULE
0x1826A8 0000000256 0000000001 0000000256 Init
0x182B78 0000000256 0000000001 0000000256 Init
0x1875C0 0000000776 0000000002 0000001552 *In-use Packet Header*
0x188DF4 0000000288 0000000003 0000000864 SNTP
0x188DF4 0000000332 0000000001 0000000332 DDP
0x1904D0 0000000776 0000000001 0000000776 *In-use Packet Header*
0x193CB8 0000001184 0000000005 0000005920 TCP CB
0x193CB8 0000000728 0000000001 0000000728 (fragment) (Free Blocks)
0x1A86AC 0000003000 0000000001 0000003000 IP Addresses
0x1AE490 0000000024 0000000004 0000000096 HTTP CP
0x1AE490 0000000032 0000000001 0000000032 Dot11 driver
0x1AE490 0000000048 0000000001 0000000048 AiroIAPP Protocol
0x1AE490 0000000068 0000000001 0000000068 HTTP CP
0x1CDDA0 0000000280 0000000004 0000001120 Init
0x1CDDAC 0000000068 0000000004 0000000272 Init
0x1EB928 0000005000 0000000001 0000005000 ip localpool
0x1EFFC4 0000000024 0000000001 0000000024 Init
0x1F9E40 0000001652 0000000003 0000004956 HTTP CORE
0x1F9EC8 0000000128 0000000003 0000000384 DHCPD Receive
0x1FBF20 0000000172 0000000002 0000000344 DHCPD Receive
0x1FBF20 0000000232 0000000001 0000000232 HTTP CORE
0x1FBF20 0000000500 0000000001 0000000500 (coalesced) (Free Blocks)
0x1FF2DC 0000000040 0000000001 0000000040 DHCPD Receive
0x206B78 0000000024 0000000003 0000000072 Init
0x206BA8 0000000024 0000000003 0000000072 Init
0x20BE88 0000001500 0000000001 0000001500 Syslogd Messages chunk
0x20FEF0 0000000024 0000000001 0000000024 Init
0x221B18 0000010000 0000000001 0000010000 Time Range Entry Chunks
0x221B40 0000003000 0000000001 0000003000 Time Range Item Chunks
0x221B68 0000001500 0000000001 0000001500 Time Range User Chunks
0x2221E4 0000000036 0000000016 0000000576 Init
0x222214 0000000040 0000000016 0000000640 Init
0x2233CCHi,
if you remove "encryption mode ciphers aes-ccm tkip" from the radio interface does it help?
it should remain like this:
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 1 mode ciphers aes-ccm tkip
ssid WLAN_Corporate
ssid WLAN_HartKitGuest
HTH,
Tiago
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it. -
Using multiple SSID with AP 1100 (standalone mode).
Hi, need to configure 2 SSID on the same 1100 AP: open authentication and WPA2. It's possible to configure these 2 SSID without configuring VLAN's ?
On CCO I've read the following:
http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item09186a008009483e.shtml
Q. How many service set identifiers (SSIDs) can you have per VLAN?
A. You can have only one SSID per VLAN. The use of multiple SSIDs over a single VLAN is not supported with Aironet APs.
It's also true with the latest IOS release ?Hi Roberto,
Hopefully the attached docs will answer your question:
Cisco Aironet 1100 Series
Using VLANs with Cisco Aironet Wireless Equipment
Deprecated versions of Cisco Aironet software permit binding multiple SSIDs to one VLAN. Current versions do not.
http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml#
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.2(15)JA
Configuring Multiple SSIDs
vlan vlan-id
(Optional) Assign the SSID to a VLAN on your network. Client devices that associate using the SSID are grouped into this VLAN. You can assign only one SSID to a VLAN.
http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_guide_chapter09186a00802085c4.html
Hope this helps!
Rob
Please remember to rate helpful posts....... -
Multiple SSID with different Login Web authority pages
Our current setup is one Anchor control and then several WLC’s, I want to know if I can have multiple SSID and use different Web Auth pages form them, so I can have a SSID that requires a password to Authentication access and another SSID that requires pass through Authentication but they would have different web authentication pages and go to different pages once Authenticated.
Is this possible to ?Hi,
If you are running WLC software 4.2 and above then u can do this on per WLAN basis.. here is the link which tells on how to do it..
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008067489f.shtml#A1
Lemme know if this answered ur question and please dont forget to rate the usefull posts!!
Regards
Surendra -
WLC 5760 multiple SSIDs with MAC filtering
Dear All,
I am implementing a wireless network with 5760 WLCs. The client requires a few SSIDs with MAC-based authentication. So I created different MAC filters using the commands "aaa authorization network MAC_FILTER01 local", "aaa authorization network MAC_FILTER02 local" etc
These filters are bound to different SSIDs using the commands "mac-filtering MAC_FILTER01" "mac-filtering MAC_FILTER02" etc. and users are added to their required MAC filters using the commands "username <mac-address> mac aaa attribute list MAC_FILTER01", "username <mac-address> mac aaa attribute list MAC_FILTER02" etc.
Now I am facing a serious issue - users belonging to any one MAC filter can connect to the all SSIDs. It seems like the MAC addresses added to the controller under different filter names are going to a common database, thereby providing access to users to all SSIDs irrespective of their MAC filter.
Is it a limitation of local database of 5760? Has anyone faced the same issue? How can I implement independent MAC filters bound to different SSIDs?
Thanks,
Arun JohnHi Arun,
this feature currently does not exist on the 5760. it is due to release in one of the MR's of 3.6
-Joseph -
Multiple SSIDs with Multiple (split) VLANs & GW ---- for shopping mall
Hi Experts,
I suppose to sell the shared infrastructure service. Now I'm holding a couple of 8500 (HA). With almost 450 APs.
I'm designing my actual WiFi service for this "Shopping Mall" to retails.
Each of retail shop should own his AP inside their own shop. The AP should ONLY broadcast his own SSID such "Starbucks-WIFI". Each shop sholud not be able to hook into the other shops network.
Problem are
If I have 100-500 customers/retail shops. Can I achieve my goal with a ginven WLC8500?
How many SSID can be actived at once?
How many AP group can be configured and turned on at once?
What would be the actual topology which is the best practice for? --- IMO, shop broadcast their own SSID >> access switch dedicated VLAN >> VRF (64VRF max @ CAT4500) or dedicated GW at Firewall >> dedicated internet link.
I found some relevant post but it not explitict to my env. Wireless Max SSID on WLC and AP | Getting Started with Wireless ...
Cheer & Br,
Nipat.pHow many SSID can be actived at once?
Go to WLAN > Advanced > AP Groups.
All APs fall into the default-group. Each AP can advertise a maximum of 16 SSIDs. If you are smart, you can create a number of AP Groups and individual APs can be assigned to a specific AP Group. One of the main selling point with AP Groups is the ability to assign specific SSIDs. So if you create an AP Group called Starsbuck and in the AP Group you assign only the Starsbuck SSID and then assign only one AP then this AP will ONLY advertise the specified SSID.
Good news is the 8500 can support up to 6K AP Groups (read THIS). -
Trying to setup 1131 in autonomous mode with multiple ssids and vlans
hi there,
I'm trying to setup an aironet 1131 in autonomous mode with a WLAN for each VLAN.
I can connect to the SSID "BLUGstaff" but I don't pick up a DHCP address and when I set a static IP I can't anything on the vlan so I can only assume I have made an error.
I have attached the config for the access point.
The switch port the access point connects to has the following config...
interface FastEthernet1/0/3
description ## Access Point ##
switchport trunk encapsulation dot1q
switchport trunk native vlan 121
switchport trunk allowed vlan 1,121-124
switchport mode trunk
spanning-tree portfast
end
Can anyone explain what I've done wrong? Thanks in advance for any help,
HuwHello Huw,
as i see in your confirguartion.
native VLAN is 121. so you have to correct following in your AP configuration
1) interface Dot11Radio0.121
encapsulation dot1Q 121 native
bridge-group 121 ->>>>>>>>>>>>>>>> change this to brige-group 1 , native always tied to bridge group 1
2)
interface FastEthernet0.121
encapsulation dot1Q 121
add also under this sub interface
bridge-group 1
please let me know how it goes.
Kind regards
Talal
==========
please rate answers that you find useful , and mark as answered - when it is :-) - so others can find it easily -
Can the RV180W have multiple SSIDs with different security configurations?
I am trying to configure the RV180W with a guest network and regular wireless network. The regular wireless network is just a bridge to the wired network, using WPA2-Pers for authentication. I built and enabled another wireless SSID, using a different VLAN and no authentication. I can get both SSIDs to function at the same time if I turn off security. Once I turn on Security, the regular one no longer functions.
It is actually all in the manual:
SEE: PDF MANUAL
Page 63 of PDF and onwards
Do note that you need to assign multiple VLAN per SSID. Check the manual it is there :D
and based on the manual you need to enable multiple VLAN support: See page 34 of the manual: Configuring Virtual LAN (VLAN) Membership
Don't forget to rate and mark as answer helpful posts! :) -
Multiple SSIDs with WDS, custom DHCP addresses, & Web interface
I just bought an Aiport Extreme Base station along with an Aiport Express. So far, everything is great, but I had a few of things I would like configure a certain way, and I am having a little problem.
Just to let you know, I am using the base station as the main router/firewall (with my cable modem). I am using the express basically as a wireless bridge (via WDS).
The way Apple takes care of things with WDS, is by assiging the same SSID to both the base station and express for seamless roaming. However, I would like them both to have their own SSID. I cannot seem to get this working, and I know that some other vendors allow this (Buffalo, Linksys).
The other issue is regarding DHCP on the LAN side. I want to for example hand out IP addresses 192.168.2.50-60 to my internal clients, and I want the base station to have an address of 192.168.2.1 and the express to have 192.168.2.5. It seems this also I am having problems with. It seems like the base station is very rigid on what options I have in this regard.
Lastly, I wondered if there is any other way to administer these guys (like a web browser). Sometimes I need to remotely make changes to the router, and don’t really want to install another app just for this purpose (especially at work, or some other remote location).
Thanks
Mac Mini 1.25 GHz Mac OS X (10.4.3) 1 Gig of RAMThe way Apple takes care of things with WDS, is by
assiging the same SSID to both the base station
and
express for seamless roaming. However, I would
like
them both to have their own SSID.
I don't know why you'd want that but if you are
extending the range of your wireless network with WDS
it isn't possible with Airports.
The other issue is regarding DHCP on the LAN side.
I
want to for example hand out IP addresses
192.168.2.50-60 to my internal clients, and I want
the base station to have an address of 192.168.2.1
and the express to have 192.168.2.5. It seems this
also I am having problems with.
You can set the DHCP range and then assign static
IP's to anything that conforms to that network as
long as it won't conflict with something
automatically assigned by DHCP. As a router NAT must
be enabled so if you want a unique range of numbers
only DHCP is used which won't work in your case.
In other words set the range at 192.168.1.1 and that
is the address of the base station. That can be used
for the statically IP'd device's router and DNS
entries as well like this:
Device 1 IP 192.168.1.101
Device 1 subnet 255.255.255.0
Device 1 router 192.168.1.1
Device 1 DNS 192.168.1.1
Device 2 IP 192.168.1.102
Device 2 subnet 255.255.255.0
Device 2 router 192.168.1.1
Device 2 DNS 192.168.1.1
etc...
Lastly, I wondered if there is any other way to
administer these guys (like a web browser).
Not that I'm aware of. Airport Admin Utility is all
there is. I have seen a java utility but it wasn't
very friendly.
Thanks for the answers. Despite these minor limitations, so far the Apple hardware is some of the best 802.11 stuff I have used (except for maybe a Cisco 1200). -
Using multiple SSIDs with same name but different PSKs
I have a central WLC 2504 controller that is being used for remote site FlexConnect 1141 APs. They all advertise three different SSIDs. One SSID is a global SSID that is the same at every office. One is a hidden SSID using 802.1x machine auth.
The one I am trying to get working is the local office guest network. These SSIDs are all the same at each office but should have different PSKs. They are local to the office, therefore would only ever be applied to a specific FlexConnect group.
I understand why in theory this is generally not a good idea but given these are for remote sites I'd like it to be possible. I always get this message though:
"WLAN with duplicate SSID and L2 security policy found"
Is there a way around this? New WLC code that allows it maybe?I was able to configure three (more I think possible) WLANs with same SSID name and all are WPA2-AES-PSK on the same WLC and all are enabled at hte same time.
Note that you can not have any of those broadcasting on same AP group. Each WLAN can be only broadcasted on a separate AP group. For your sites, It will probably need you to define an AP group for each site to broadcast different WLANs on different sites.
You can do that if all your WLANs have an ID of 17 or higher. (the reason is, WLANs of 1-16 are by default broadcasted on the default AP group. and because those can not be on the same AP group - including the default one - then you can't have them with WLAN IDs 1-16. i.e on same - default - AP group)
HTH
Amjad
rating useful replies is more useful than saying "Thank you" -
Is it possible to do multiple ssids and encryptions on an autonomous AP without vlans?
I got a customer who just has autonomous APs. They are upgrading from 1210s to 1262s. They are currently running a config that is wide open with no authentication or encryption and using a VPN tunnel on the wireless clients for security. They want to switch to using WPA2/PSK with the new APs. They have existing clients that have to continue to work during the upgrade to the new APs. They run 3 shifts so it is a 24 hr operation with no downtime. What I was thinking would be to configure the 1262 with multiple SSIDs, one with their existing settings and one with the new. Then I could swap the APs one at a time and it would only impact service for a short period of time while I was mounting the new AP. Then once all the new APs are installed I could transition the clients over to the new SSID and encryption then disable the old SSID once all the clients are switched over. I've done this before with a WLC but not with an autonomous APs. The only config examples I can find uses VLANs. This customer is not using VLANs. Is there anyway to use multiple SSIDs with different encryption on a single radio on an autonomous 1262 without VLANs?
The site has about 30 APs and 100 clients. Yes I know a controller would be preferred for a site of this size but that is a question for sales and why they didn't see them a controller. I just get stuck with what they sell them.
thanksHi Don,
Im afraid on the autonmous platform you can not map multiple WLANS to a single vlan.
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection." -
WAP200 and .1x/radius authentication with multiple SSIDs
Apparently it's not possible to define more than a single radius server when using multiple SSIDs with WAP200. Unfortunately WAP200 doesn't add the name of the SSID as a radius attribute, so it's not possible to make distinction whether the user is trying to log in to SSID A or B. Does anyone have any ideas or workarounds for this limitation? Of course the best solution would be if Cisco/Linksys fixed the firmware so that the SSID of the logging in user would be sent to the radius server as an extra attribute or appended to the client mac address.
Security option for an SSID can be unique and can be configured when you configure a SSID or under VLAN . Note that each vlan is uniquely mapped to induvidual SSID.
-
1242AG Bridge, VLAN and Multiple SSIDs
I have two buildings that I'm trying to configure a bridge in between them using 2 1242AG APs.
Building A
PCOFFICE SSID on VLAN 200 Radio G
ROOT_1 SSID on Native VLAN 1 Radio A
Root Bridge
Building B
FDAPC SSID on Native VLAN 1 Radio G
ROOT_1 SSID on Native VLAN 1 Radio A
We are using directional antenna. I know they are lined up properly because I have them both down and in front of me. I'm getting an error on the Building B AP that says "
No SSID with VLAN configured. Dot11Radio1 not started." and I'm unable to get this to work. The bridge was working before I added the VLAN and encryption/WPA information for the PCOFFICE and FDAPC SSIDs
Any assistance would be amazing. Thanks! Please see attached files for configurations. I know the switch is configured properly because I had this working before and forgot to save the damn configuration off the devices. I'm not having to do it over from scratch.That did not work.
I've managed to fix the ROOT_1 and FDAPC... now I'm having an issue where I can attempt to connect to the PCOFFICE SSID but I'm unable to get a DHCP address from the server.
Here is the config for the AP with PCOFFICE on it and the switch.
SWITCH
interface GigabitEthernet3/2
switchport trunk allowed vlan 1,200
switchport mode trunk
interface Vlan1
ip address 192.168.3.4 255.255.255.0
interface Vlan200
ip address 192.168.30.2 255.255.255.0
ip helper-address 192.168.3.98
ip default-network 192.168.3.0
ip route 0.0.0.0 0.0.0.0 192.168.3.1
no ip http server
ACCESS POINT
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname AP1_ROOT_AP
enable secret 5 REMOVED
ip subnet-zero
no aaa new-model
dot11 vlan-name VLAN1 vlan 1
dot11 vlan-name pcCopper vlan 200
dot11 ssid PCOFFICE
vlan 200
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 REMOVED
dot11 ssid ROOT_1
vlan 1
authentication open
authentication key-management wpa
infrastructure-ssid optional
wpa-psk ascii 7 REMOVED
dot11 network-map
dot11 arp-cache optional
power inline negotiation prestandard source
username Cisco password 7 REMOVED
username admin privilege 15 password 7 REMOVED
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers tkip
encryption vlan 200 mode ciphers tkip
ssid PCOFFICE
speed basic-2.0 5.5 11.0 12.0 18.0 24.0 36.0 48.0 54.0
no power client local
power client 17
power local cck 17
power local ofdm 17
channel 2462
station-role root access-point
antenna receive right
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 port-protected
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.200
encapsulation dot1Q 200
no ip route-cache
bridge-group 200
bridge-group 200 subscriber-loop-control
bridge-group 200 block-unknown-source
no bridge-group 200 source-learning
no bridge-group 200 unicast-flooding
bridge-group 200 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
encryption mode ciphers tkip
encryption vlan 1 mode ciphers tkip
ssid ROOT_1
dfs band 3 block
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
no power client local
power client 11
power local 11
channel 5180
station-role root bridge
antenna receive right
antenna transmit right
interface Dot11Radio1.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
hold-queue 160 in
interface FastEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
interface FastEthernet0.200
encapsulation dot1Q 200
no ip route-cache
bridge-group 200
bridge-group 200 spanning-disabled
interface BVI1
ip address 192.168.3.241 255.255.255.0
no ip route-cache
ip default-gateway 192.168.3.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
control-plane
bridge 1 route ip
line con 0
line vty 0 4
login local -
Configuring ssid and vlans on autonomous access point ?
here is an a demonstration of how to configure vlans and ssid on a auto-ap , what i dont understand is when i configure the ssid under (interface dot11radio0) and the vlan under that command , why do i need to configure sub-interfaces for the "fastethernet" and the "dot11radio0" if i already configured it under the "interface dot11radio0" , why do i need the "encapsulation dotq x" ? and what is bridge-group ?
If you want to use multiple SSID with multiple vlan, then you have to configure subinterfaces on Radio interfaces (in both Radio 0 & Radio 1 if you want to use both 2.4GHz & 5GHz band) & Ethernet interfaces.
AP simply bridge wireless traffic to wired interface using these sub-interfaces. To specify which radio sub-interface traffic to map to ethernet sub-interface, a Bridge-Group number (1-255) is used.
Bridge-Group 1 always used for native vlan traffic & usually used for AP management.
HTH
Rasika
**** Pls rate all useful responses ****
Maybe you are looking for
-
Why does the screen on my iPad mini start jumping--larger, smaller--can't close apps. I reboot and still it happens. Any suggestions?
-
I am updating my iPad from first generation to fifth. I can access my app store info with no problem, but I cannot access iCloud. It has an account name that is greyed out and it's an account name of a service we no longer subscribe to. I keep gettin
-
In a program zsalesdom while exporting data from alv grid to excel , its exporting only one last column . what is the solution so that all columns be transported . plz help . thanks. ranjana
-
Mail 7.1- Reduce window size in a new email
I'm having problems reducing the window size when writing a new email. Mail 7.1 does not let me reduce the window size once I introduce a email address. Thank you for your help.
-
Unbilled Revenue Reporting - without saving simulation billing documents
Hi, I would like to know if anyone has ever run unbilled revenue reporting successfully from BI without saving the simulation billing documents that are generated from the Mass Simulation Run? Can the information be exported to BI without saving thes