Root-bridge non-root bridge security

Using AP1231, I have a point-to-point configuration with the option "without wireless clients". I have enabled WPA2-PSK/AES-CCMP to the infrastructureSSID/nativeVLAN.
Does this security automatically apply to the other SSID/VLAN I have configured? Or do I need to configure additional security on the other SSID/VLAN? Please advise. Thanks!

From your diagram, AP3 is the root bridge because it is connected to ISP, so AP2 will be a repeater, but 1242 can't work both as repeater and AP. So the diagram won't work. you have 3 alternative options:
1. not let AP2 to connect wireless clients, only configure AP2 as a repeater.
2. If AP1 can connect to AP3 directly, then configure AP3 as root-bridge with wireless clients, configure both AP1 and AP2 as non-root bridge withe wireless clients.
3. If AP1 can't connect to AP3 directly, you need to add an additional AP4 to have back-to-back connection with AP2, configure AP1 and AP4 as non-root bridge with wireless clients, configure AP2 and AP3 as root-bridge with wireless clients; ap1 peered with AP2, AP4 peered with AP3, AP2 and AP4 are interconnected by ethernet port.

Similar Messages

  • NON-ROOT TO NON-ROOT ASSOCIATION??

    Hi,
    I have one AIR-AP1242AG-A-K9, and two AIR-AP1242AG-N-K9. I have already configure them to work as bridge.
    Root Bridge with  wireless-clients  ----------->     1   AIR-AP1242AG-N-K9
    Non-Root Bridge1 with  wireless-clients  --->      1   AIR-AP1242AG-N-K9
    Non-Root Bridge2 with  wireless-clients ---->      1   AIR-AP1242AG-A-K9
    I notice after reseting the root bridge or one of the non-root bridges that  when I type the command "sh DOt11 associations"  the results shows that there is an associatiation between the 2 Non-Root bridge. When this happend the connection of the clients associated to this APs is very unstable.
    as far as I know the association is just between Root and Non-Root bridges.
    I don´t know why this happend.
    In order to avoid this I disable in one of the non-root bridge (AIR-AP1242AG-A-K9) the option "Force Infrastructure Device to associate only...."
    Cisco's Docs show an example of config when there is one root bridge and one non-root bridge but in my scenario I have 2 non-root bridge and one root bridge.
    I would like to know if the config for my scenario must be  different from the simple scenario (1 root and 1 non-root).
    I hope any of you can help me.
    Regards

    Hi Scott,
    Thanks for your recommendations.
    The mac-address authentication option you recommend is the option shown as "Root Parent MAC 1" ,"Root Parent MAC 2 ....." on Setting---> Network interface???
    For root bridge , I should write down the MAC addres of the non-root bridge1  on Root Parent MAC 1 field and  on the field of Root Parent MAC 2, the  MAC of  the non-root bridge2 ?? ,  am I right?
    and for the non-root bridges I should just set on Root Parent MAC 1 just the MAC address of the root bridge???
    Regards,

  • 1242 as Root and Non Root

    Hi Everyone,
    I am setting up pair of 1242 APs as Root and Non-Root bridge, i am not able to find the Install Mode on the 1242 AP while setting the Non Root for Best signal.
    any help will be appreciated.
    HM

    Hi HM,
    AFAIK, we do not have the INSATALL mode on the 1242 AP if we are using it as ROOT and NONROOT.. this is available only on 1310 bridge or 1410 bridges.. not on 1242AP..
    lemme know if this answered your question..
    Regards
    Surendra
    ====
    Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull

  • Wireless Root Bridge - Non Root Bridge

    I've been reading a lot about bridge configuration for wireless AP but i cannot make it work the following scenario:
    PC -- ethernet port --> Non-Root-Bridge -----------> Root Bridge ---------> Switch
    vlan111                     native 18 - vlan111           native 18 - vlan111      vlan native 18,111
    Its pinging fine between switch and Non-Root. But when i put vlan111 on Non-Root the two AP's stop responding to the network.
    What am i doing wrong? Plz i need some help!! I have two 1242.
    ------------------------ Root Config ----------------------
    dot11 syslog
    dot11 vlan-name JGS111 vlan 111
    dot11 vlan-name JGS18 vlan 18
    dot11 ssid WGB
       vlan 18
       authentication open
       guest-mode
       infrastructure-ssid
    username Cisco password 7 047802150C2E
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    ssid WGB
    station-role root bridge
    infrastructure-client
    interface Dot11Radio0.18
    encapsulation dot1Q 18 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.111
    encapsulation dot1Q 111
    no ip route-cache
    bridge-group 111
    bridge-group 111 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    dfs band 3 block
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    interface FastEthernet0.18
    encapsulation dot1Q 18 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface FastEthernet0.111
    encapsulation dot1Q 111
    no ip route-cache
    bridge-group 111
    bridge-group 111 spanning-disabled
    interface BVI1
    ip address 10.1.8.50 255.255.255.0
    no ip route-cache
    ip default-gateway 10.1.8.254
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    bridge 1 route ip
    ------------- Non-Root-Bridge -------------
    ot11 syslog
    dot11 vlan-name JGS111 vlan 111
    dot11 vlan-name JGS18 vlan 18
    dot11 ssid WGB
       vlan 18
       authentication open
       guest-mode
       infrastructure-ssid
    username Cisco password 7 14341B180F0B
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    ssid WGB
    station-role non-root bridge
    infrastructure-client
    interface Dot11Radio0.18
    encapsulation dot1Q 18 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.111
    encapsulation dot1Q 111
    no ip route-cache
    bridge-group 111
    bridge-group 111 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    dfs band 3 block
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    interface FastEthernet0.18
    encapsulation dot1Q 18 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface FastEthernet0.111
    encapsulation dot1Q 111
    no ip route-cache
    bridge-group 111
    bridge-group 111 spanning-disabled
    interface BVI1
    ip address 10.1.8.51 255.255.255.0
    no ip route-cache
    ip default-gateway 10.1.8.254
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    bridge 1 route ip

    Try this:
    interface Dot11Radio0.18
    encapsulation dot1Q 18 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.111
    encapsulation dot1Q 111
    no ip route-cache
    bridge-group 111
    bridge-group 111 subscriber-loop-control
    bridge-group 111 block-unknown-source
    no bridge-group 111 source-learning
    no bridge-group 111 unicast-flooding
    bridge-group 111 spanning-disabled
    interface FastEthernet0.18
    encapsulation dot1Q 10 native
    no ip route-cache
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface FastEthernet0.111
    encapsulation dot1Q 111
    no ip route-cache
    bridge-group 111
    no bridge-group 111 source-learning
    bridge-group 111 spanning-disabled
    Make sure your switchort is setup similar
    interface GigabitEthernet0/7
    description 1242 AP Bridge
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 18
    switchport trunk allowed vlans 18,111
    switchport mode trunk
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • Network Design - Root and Non root bridges

    Hi,
    We have a network set-up as the below image. Where the switches have STP enable to handle the muliple paths for the data to flow.
    What I would like to know is should the 2 bridges plugged into the same switch e.g Switch A (Bridge A and Bridge B) both be root bridges and (Bridge C and Bridge D) both be non root.
    Or should for example, Bridge A be a root and Bridge C a non root and Bridge B a non root and Bridge D the root?
    Similarly with the rest of the other bridges E, F, G and H
    Thanks

    Disclaimer
    The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.
    Liability Disclaimer
    In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.
    Posting
    Ah, I think I understand.  So the wireless bridges are "transparent" to the rest of the network.  They just convert wired to wireless and back again.
    If I have that right, we can ignore them and just consider your switches.
    In that case, it appears you have two L2 loops, those formed by the dual paths between switches A and B and between switches C and D.  From a topology standpoint, it doesn't seem to matter what switch you select as root and secondary root.  However, as switches B and C are the interior switches, I would suggest those as your root and secondary root switches.

  • 1242 Root or Non-Root Bridge

    Greetings,
    I have a small network that uses 1242 APs for clients machines. Our wired WAN link can be unreliable, so I would like to configure one of the 1242s as a bridge and connect it to one of the many wireless networks we have in our neighborhood.
    I understand the 1242 APs can also operate in a bridge mode that could allow us to connect our network to one of these other wireless LANs. A couple of questions:
    -Does the remote WLAN have to be a compatible cisco device in order for the 1242 to be able to bridge successfully?
    -Which 'Role in Radio Network' do I choose for our 1242?
    -How do I see what the SSIDs of the remote WLANS are and enter the relevant passwords (WEP, WPA, 802.1x, or WPA2)
    -If this is not possible, what is the right device to use to connect our LAN to a remote WLAN without being able to control the hardware at 'both' ends of the bridge.
    TIA

    Can you please provide me with a network topology of what it is you would like to achieve. If you want the radio interfaces to associate to one another, then it is recommended to have them on the same channel, but for roaming instances, it is recommended that you have then at least 5 channels apart on the g radio so as to avoid any interference.
    The 802.11A radios on the APs would be configured as bridges (one as
    a "root" and the other two as "non-root") and the 802.11G radios
    would service clients. Only one of the APs would require wired
    connectivity in this scenario, as long as all of the APs are
    communicating to each other on the 802.11A side. An important
    consideration is that the 802.11A radios that are configured as "non-
    root bridges" need only to communicate with the 802.11A radio that is
    configured as the "root bridge". It is not necessary for the "non-
    root bridges" to see each other. However, it is imperative that the
    802.11A radio that is configured as the "root bridge" be able to
    communicate with BOTH of the 802.11A "non-root" bridges. Therefore,
    the antennas you choose for the devices is important.

  • Can you change smcwebserver login from root to non-root user

    I've tried digging in various place and haven't found any luck with this. Is it possible to change that default login from the system root to another user?

    Not sure about the first part.
    But i think you can fix the timing on the reader using this patch.
    http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-67245
    Have a try not sure whether it will fix your problem.

  • Cannot Associate 1532 Bridges in Non-Root role

    Hello,
    Can someone please tell me what I am missing and why I cannot bring up 2 bridges in "Root" and "Non-Root" roles?
    I have similarly configured bridges in a Root / Non-Root role several times before with older AP's and never had any issues... although it was always just 1 SSID, 1 Vlan, and no subinterfaces...
    The only way I was able to get these 2 bridges to associate was to put the Non-Root bridge into a Workgroup Bridge role and then *BANG* everything worked perfectly.  I tried getting rid of the authentication and tried using the Parent command but neither helped.  Prior to entering Station Role Workgroup Bridge, the only message I would receive was showing on the Non-Root side and all it said was:
    *Mar  1 07:27:13.867 GMT: %DOT11-4-CANT_ASSOC: Interface Dot11Radio0, cannot associate: No Response
    *Mar  1 07:27:28.891 GMT: %DOT11-4-CANT_ASSOC: Interface Dot11Radio0, cannot associate: Rcvd response from 544a.0005.8030 channel 3 2815
    What am I missing or what have I incorrectly configured on my Non-Root config?
    Bridges are both 1532i with the Autonomous Image 15.2(4)JB5
    Attached are the configs prior to changing the Non-Root AP to a station role of Workgroup Bridge.
    Thanks!

    Hi,
    This should work with multiple sub-interfaces.
    Few more suggestions
    1. Remove this from your BRIDGE SSID & check
    mobility network-id 1
    This is only require when you configure L3 roaming & WDS in place.
    http://www.cisco.com/c/en/us/support/docs/wireless/aironet-1200-series/8103-ap-faq.html
    2. Try to set WPA version 2 & only AES encryption.
    Also try to Associate your Bridges using Open Auth first (as shown in my blog post initial section) & then try to add security.
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • 1300 Root-Bridge and Non-Root Bridge setup

    I have two 1300s that I am trying to set up as Root Bridge and Non-Root Bridge, however, everytime i specify one of them as a Non-Root bridge, the radio0 interface becomes disabled. The only option that i am able to pick that enables the radio0 interface is "Access Point", which is what am trying to avoid it being.
    Can anybody help me figure out how to go about this

    A non-root's radio will show as disabled if it cannot find the root AP to associate to. Make sure you have "infrastructure-ssid" configured under the SSID on both the root and non-root bridges. Also depending on code versions you may have to configure the distance command under the radio interface on the root.

  • 1230AG non-root bridge not associating

    Hello everyone,
    I am new at setting up root and non-root bridges. I am trying to set-up three 1230ag devices.
    One as the root and the othe two as non-root, I copied the config txt from the root and
    copied that into the two I am going to use for the non-root. That way the ssid's are the
    same. When I set the role to non-root the radio is not enabled and I get a message saying
    Interface Dot11Radio0,cannot associate:No Response
    Does any know what I am doing wrong, and how to fix it
    Thanks

    The radio interface will go down in response to being configured as a non-root bridge, so that much is working.  But there must be a configuration error if it won't associate.  Can you post the configs so we can review them?
    Are the bridges mounted, or are they on your desk?

  • Cisco Aironet 1250 - How to bridge two AP's and get Non-root to talk to Root AP

    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Table Normal";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-priority:99;
    mso-style-qformat:yes;
    mso-style-parent:"";
    mso-padding-alt:0in 5.4pt 0in 5.4pt;
    mso-para-margin-top:0in;
    mso-para-margin-right:0in;
    mso-para-margin-bottom:10.0pt;
    mso-para-margin-left:0in;
    line-height:115%;
    mso-pagination:widow-orphan;
    font-size:11.0pt;
    font-family:"Calibri","sans-serif";
    mso-ascii-font-family:Calibri;
    mso-ascii-theme-font:minor-latin;
    mso-hansi-font-family:Calibri;
    mso-hansi-theme-font:minor-latin;
    mso-bidi-font-family:Arial;
    mso-bidi-theme-font:minor-bidi;}
          I have two buidlings acroos the street from each other.  I have two Cisco Aironet 1250 wireless AP's with the first one going in the main building with network backbone.  The Second AP goes across the street with the other wired network segment.  Both AP's have long range antenas 2.4 GHZ on top of each building.  I have configured the 1st one as the Root Bridge.  The one across the street is configured as non-root bridge.  I have both AP's configured with the same WEP key and also with the same SSID name with both set to broadcast it.   I am still unsure and confused as to how I get the non-root bridge to talk to and use the root bridge to get on the main network.
            1- It’s main to use the Root parent Mac address.
            2-  Is there another config that I am missing to get the signal? 
    Note: I still not getting any signal from the root although distance between root and non-root is 330m
    My root antenna is AIR-ANT24120 and non-root antenna is AIR-ANT1949 and attached files is my configuration files
    Thank you.

    1.  How are the AIR-ANT24120 and the AIR-ANT1949 installed?
    the AIR-ANT24120 is connected virtically on tower far 11m from the earth and AIR-ANT1949 is connected horizontally on tower far 10m from the earth
    2.  What is the distance between both APs?
    350 m
    3.  Do you have clear line-of-sight between the two?
    there is one tanker in the middle between them but it's far 7m from the earth
    4.  Is the two APs properly aligned?
    i think yes and changed the aligned many times without any news (I don't have any tools for alignment)
    5.  Which point are the antennas connected to?  Primary, Secondary or middle?
    I tried in the primary and secondary but never tried the middle antenna
    Thanks

  • Clients no received ip address from Non-root APs

    I have 3 AP,  one roor and Non-root. The Root AP is connected to ADSL modem which provide DHCP.
    the clients form root AP received IP without problem, but whe I try to associate to  non-root AP I can not receive ip from DHCP.
    What it could be the reason???
    I hope any of you can help me...
    regards
    ROOT#sh cdp nei
    Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                      S - Switch, H - Host, I - IGMP, r - Repeater
    Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
    NON-ROOT1        Vi-Dot11 0         177          T I      AIR-AP124 Vi-Dot11 0
    NON-ROOT2        Vi-Dot11 1         145          T I      AIR-AP124 Vi-Dot11 0
    ROOT#
    ROOT#
    ROOT#sh dot11 associations
    802.11 Client Stations on Dot11Radio0:
    SSID [enlace] :
    MAC Address    IP address      Device        Name            Parent         Stat
    e
    0021.00d6.6459 169.254.32.107  Br-client     -               003a.9924.2ba0 Asso
    c
    0025.9cab.3073 0.0.0.0         Br-client     -               003a.9933.e070 Asso
    c
    003a.9924.2ba0 192.168.1.249   bridge        NON-ROOT2       self           Asso
    c
    003a.9933.e070 192.168.1.251   bridge        NON-ROOT1       self           Asso
    c
    58b0.3568.372c 169.254.68.25   Br-client     -               003a.9924.2ba0 Asso
    c
    c417.fe02.645f 192.168.1.64    Br-client     -               003a.9924.2ba0 Asso
    c
    d8a2.5e49.5a83 0.0.0.0         Br-client     -               003a.9924.2ba0 Asso
    c
    ROOT#
    ROOT#sh ver
    Cisco IOS Software, C1240 Software (C1240-K9W7-M), Version 12.4(21a)JA1, RELEASE
    SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2009 by Cisco Systems, Inc.
    Compiled Wed 16-Sep-09 19:06 by prod_rel_team

    Hi Surendra,
    I set static IP on interface BVI1 on non-root1 and non-root2, also root-bridge I can ping to both of them, in fact I access  to them via web and telnet.
    I also set ip helper-address on interface Dot11Radio0 in all APs root and non-root..
    My mind is about to crash...I don´t know what else to try.
    thanks for your time.

  • B1400 non-root does not display/monitor temperature

    I have root and non-root B1410 bridges. The root bridges will show temperatures in the GUI. The non-root do not. They show a WARNING: No Reading temperature monitoring is at 'INITIALIZE' state. What does this mean? I have not been able to find any reference. Other than root/non-root parms, I see nothing that is different in these configurations. They are in remote locations and temperature reporting is needed.

    Thanks for the response. After some digging I found this BUG.
    It says fixed in 12.3(8)JA
    BUT I CANNOT FIND 12.3(8)JA for the 1400....
    BUG ID: CSCsb63034
    Bug Details
    Headline show env No Reading Temperature monitoring is at INITIALIZE non-root
    Product br1410
    Feature OTHERS Duplicate of
    Severity 3 Severity help Status Verified Status help
    First Found-in Version 12.3(4)JA First Fixed-in Version 12.3(8)JA Version help
    Release Notes
    Symptom:
    Non-root bridge running 12.3.4.JA & greater 'show env' output sometimes shows:
    Environmental Statistics
    Environmental status as of 09:47:18 S Aug 8 2005
    Data is 55 second(s) old, refresh in 5 second(s)
    WARNING: No Reading temperature monitoring is at 'INITIALIZE' state.
    No Reading temperature is at 0 (C)
    Workaround:
    None but this appears to be cosmetic.
    -pat

  • Bridge 350 root and no root security ?

    Hi,
    i have 2 point to point bridge 350,
    and only wep is active,
    i know how to make radius with AP 1100 and client (pcmcia)
    I want to know how i can secure my point to point connection. root --> no root
    Is possible to set root on radius serveur and to set the no root for authentification on the root ?
    Please help me.....

    Dear Sir
    http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/350brdgs/brscg/br350ch8.htm#1053765
    Above url shows how to configure bridge link for leap .
    I hope this helps .
    On Non root you can enter username and password which will be authenitcated by ACS on on root side
    On 350 bridge runs vxworks so we do not have radius
    build in .
    Regards

  • Changing native VLAN on non-root bridges

    I have quite a few 1310 Bridges setup in point to multipoint configuration with a root bridge with a sector antenna at the campus network and remote sites connecting in. I have multiple VLANs trunked onto one SSID, this allows for having multiple vlans in use at the remote site. The problem is I want to configure some remote site bridges with a different native vlan than the standard allowing me to plug the client directly into the injector and eliminate the need for a vlan aware switch. I have tried to configure the the "encapsulation dot1q VLAN# native" but this swaps the bridge group on the subinterface to a bridge-group 1 .
    ! Last configuration change at 01:23:08 UTC Tue Sep 15 2009 by Cisco
    ! NVRAM config last updated at 01:23:09 UTC Tue Sep 15 2009 by Cisco
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    no aaa new-model
    dot11 ssid Cisco-24
    vlan 1
    authentication open
    authentication key-management wpa
    guest-mode
    infrastructure-ssid optional
    wpa-psk ascii test
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers aes-ccm tkip
    encryption vlan 1 mode ciphers aes-ccm tkip
    encryption vlan 901 mode ciphers aes-ccm tkip
    encryption vlan 902 mode ciphers aes-ccm tkip
    encryption vlan 904 mode ciphers aes-ccm tkip
    ssid Cisco-24
    speed basic-1.0 basic-2.0 basic-5.5 basic-11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0
    station-role non-root bridge
    interface Dot11Radio0.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface Dot11Radio0.901
    encapsulation dot1Q 901
    no ip route-cache
    bridge-group 255
    bridge-group 255 spanning-disabled
    interface Dot11Radio0.902
    encapsulation dot1Q 902
    no ip route-cache
    bridge-group 254
    bridge-group 254 spanning-disabled
    interface Dot11Radio0.904
    encapsulation dot1Q 904
    no ip route-cache
    bridge-group 253
    bridge-group 253 spanning-disabled
    interface FastEthernet0
    no ip address
    no ip route-cache
    hold-queue 80 in
    interface FastEthernet0.1
    encapsulation dot1Q 1 native
    no ip route-cache
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface FastEthernet0.901
    encapsulation dot1Q 901
    no ip route-cache
    bridge-group 255
    bridge-group 255 spanning-disabled
    interface FastEthernet0.902
    encapsulation dot1Q 902
    no ip route-cache
    bridge-group 254
    bridge-group 254 spanning-disabled
    interface FastEthernet0.904
    encapsulation dot1Q 904
    no ip route-cache
    bridge-group 253
    bridge-group 253 spanning-disabled
    interface BVI1
    ip address 10.0.0.100 255.255.255.0
    no ip route-cache
    ip default-gateway 10.0.0.1
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    snmp-server community misdept RO
    bridge 1 route ip
    line con 0
    line vty 0 4
    login local
    end

    Correct. As soon as you change it to 100, you will lose access to the devices since vlan 1 is used for management.  To shorten the down time, you can create vlan 100 and all the SVIs on all switches ahead of time and than change it form 1 to 100 in a maintenance window.
    HTH

Maybe you are looking for

  • Is there a way to fix particular percent of slice area to each level value

    Is there a way to fix particular percent of slice area to each level value in a flash pie Chart? I need a pie chart for Distribution of Escalations by Status; here I have following status Record in my table 5 record for Status: Reopen 2 record for St

  • Mail doesn't recognize password after upgrading to Mountain Lion

    After updgrading to Mountain Lion: The gmail account in Mail began to ask for its password. it is preseent [in dots]; when i click to continue, dialog box indicates it doesn't recognize it. i had time to to go over details in a gmail help page with d

  • Process Flow - Pass paramters between activities

    Need to pass argument from one mapping/component to next piece. What is the way. Process Flow Editor does not seem to show OUT paramters. Pasting from a previous post Hi, I have a requirement to pass output parameter from a Mapping as input to anothe

  • Help please with dull screen after waterlogging"

    My 8520 went in the hand wash and had good soak! Took out battery, dried all in airing cupboard with rice. First of all on reboot scrool wouldnt work after 3 weeks it is alive again but screen so dim I cannot see..also water marks inside screen Any a

  • PREL 4 and Win 7 64bit

    I'm using Premiere Elements 4 (and Photoshop Elements6) with Vista.  I'm doing a clean install of Windows 7 (hopefully 64 bit).  Will these programs work with Win 7-64?  32?  If not, what version(s) will?  Thanks much.  (I couldn't find an answer by