02-05-2013 04:37 AM - edited 07-03-2021 11:28 PM
Hello!
We have cisco 1941 as router in office, it's dhcp server, it has only vlan 1 192.168.4.0/24
I've set up 1142 ap for wireless clients
How can i make it give clients ips from dhcp server from vlan 1 ?
Solved! Go to Solution.
02-05-2013 04:47 AM
When using wpa2 you need to use aes. If you use WPA them its TKIP.
Sent from Cisco Technical Support iPhone App
02-05-2013 04:49 AM
Change it to this
encryption vlan 1 mode ciphers aes-ccm
Sent from Cisco Technical Support iPhone App
02-05-2013 04:53 AM
The bvi will get an IP address on Vlan 1 and so will your clients. The config looks fine other than what I told you to change.
Sent from Cisco Technical Support iPhone App
02-05-2013 04:40 AM
If your 1941 is the dhcp, just create an SSID and place it on Vlan 1. That should be it.
Sent from Cisco Technical Support iPhone App
02-05-2013 04:42 AM
You should be able to follow this guide for reference
http://www.cisco.com/en/US/docs/wireless/access_point/1140/autonomous/getting_started/guide/ap1140aut_getstart.html
Sent from Cisco Technical Support iPhone App
02-05-2013 04:45 AM
i did this:
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname 3floor
!
logging rate-limit console 9
enable secret *
!
no aaa new-model
ip domain name office
!
!
dot11 syslog
!
dot11 ssid b1
vlan 1
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii *
!
!
!
username b1_adm privilege 15 secret *
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers tkip
!
broadcast-key vlan 1 change 30
!
!
ssid b1
!
antenna gain 0
channel least-congested 2427 2432 2437 2442 2447 2452 2457 2462
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
antenna gain 0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address dhcp
no ip route-cache
!
ip http server
ip http authentication local
no ip http secure-server
snmp-server community mon_cacti RO
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
logging synchronous
login local
!
end
i've tried to make it to use authentication with wpa 2 key
it it ok?
02-05-2013 04:47 AM
When using wpa2 you need to use aes. If you use WPA them its TKIP.
Sent from Cisco Technical Support iPhone App
02-05-2013 04:49 AM
Change it to this
encryption vlan 1 mode ciphers aes-ccm
Sent from Cisco Technical Support iPhone App
02-05-2013 04:52 AM
thank you, windows clients will authenticate without problems?
do i have to make configuration of gigabit ethernet, i couldn't get it why bvi 1 interface gets ip from dhcp but not gig 0
will this configuration provide ip to clients from 1941 dhcp server?
02-05-2013 04:58 AM
Hi Greg,
Please be aware that AP is not a router..It is a bridge and does not use ip address on Gig0. Any traffic the AP gets on the radio interface (dot0) and physical interface (Gig0) are bridged to the BVI interface and are send to the rest of the network. So only BVI interface will have ip address on an AP.
Yes with the above configuration your wireless clients should gert dhcp ip address from 1941 provided the AP and router can reach each other.
Hope this helps.
Regards
Najaf
Please rate when applicable or helpful !!!
02-05-2013 04:53 AM
The bvi will get an IP address on Vlan 1 and so will your clients. The config looks fine other than what I told you to change.
Sent from Cisco Technical Support iPhone App
02-05-2013 05:05 AM
thank you everyone!)
02-05-2013 05:15 AM
Thanks for supporting the rating system... if you ever decide to use the 5ghz radio, in order to achive up to 300mbps, you need to use a channel width of 40mhz:
https://supportforums.cisco.com/thread/2033758
interface Dot11Radio1
no ip address
no ip route-cache
!
ssid b1
!
antenna gain 0
no dfs band block
speed basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
channel width 40-above
channel dfs
station-role root
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
02-05-2013 07:10 AM
well...now it's in reset state:
floor#show ip interface brief
Interface IP-Address OK? Method Status Protocol
BVI1 192.168.4.243 YES DHCP up up
Dot11Radio0 unassigned YES NVRAM reset down
Dot11Radio1 unassigned YES NVRAM administratively down down
GigabitEthernet0 unassigned YES NVRAM up up
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide