Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
322
Views
0
Helpful
1
Replies

Hidden SSID on VLAN with Aironet 1121

xrper
Level 1
Level 1

‎12-15-2016 11:48 AM - edited ‎03-08-2019 08:35 AM

Im trying to setup an Aironet with 1 SSID (hidden) with VLAN tag 2 to serve some CCTV cameras and Im tearing my hair out getting it to work.

Clients can connect to the wifi network OK but then cannot access anything on the LAN (they use a static IP address, there is no DHCP server), also despite setting no guest-mode the SSID keeps showing on the list of available networks.

This is the output from show run, can anyone please show me what Im doing wrong here?

Thanks

!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
no logging console
enable secret 5 $1$slaE$/PAsh4WifdGnBjUi.Vxhl/
!
ip subnet-zero
ip domain name wrinehillvilla.local
!
!
no aaa new-model
!
dot11 ssid 7 Bishops Wood CCTV
   vlan 2
   authentication open 
   authentication key-management wpa
   wpa-psk ascii 7 044803031D314D45000D110E
!
!
!
username Cisco password 7 1531021F0725
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption mode ciphers aes-ccm 
 !
 encryption vlan 2 mode ciphers tkip 
 !
 ssid 7 Bishops Wood CCTV
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.2
 encapsulation dot1Q 2
 no ip route-cache
 bridge-group 2
 bridge-group 2 subscriber-loop-control
 bridge-group 2 block-unknown-source
 no bridge-group 2 source-learning
 no bridge-group 2 unicast-flooding
 bridge-group 2 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
!
interface FastEthernet0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface FastEthernet0.2
 encapsulation dot1Q 2
 no ip route-cache
 bridge-group 2
 no bridge-group 2 source-learning
 bridge-group 2 spanning-disabled
!
interface BVI1
 ip address 192.168.253.253 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.253.254
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
control-plane
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
!
end
Labels:
0 Helpful
1 Reply 1

johnd2310
Level 8
Level 8

‎12-15-2016 04:37 PM

Hi,

Have you checked that the ssid name matches under dot11 ssid and under interface Dot11Radio0? As a test, have you tried with an ssid that does not have spaces?

Have you configured the interface on the switch connected to the access point as a trunk with vlan 2 allowed on the trunk?

Thanks

John

**Please rate posts you find helpful**
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card