04-12-2011 12:38 AM - edited 11-18-2020 02:53 AM
Autonomous AP and Bridge Basic Configuration Template
AP#
Configure terminal
Dot11 ssid <ssid_name>
Authentication open
Guest-mode <--- To broadcast the SSID
AP#
Configure terminal
Ip dhcp excluded-address <---List of IP addresses to be excluded>
Ip dhcp pool <pool name>
Network <network id> <mask>
Default-router <IP address>
Configure terminal
Int dot11radio0 or Intdot11radio1
Ssid <ssid_name> <--- Map the SSID to radio interface
Station-role root
bridge-group
no shut
interface FastEthernet0
bridge-group 1
interface BVI1
ip address <ip address> <mask>
6.
ip default-gateway <ip_address>
If there are multiple vlans(For ex,vlans 1,2,3 in this case), configure one of the vlan to be native depending on your network/switchport config and map it to bridge-group 1
Conf t
interface Dot11Radio0.1
encapsulation dot1Q 1 native
bridge-group 1
interface Dot11Radio0.2
encapsulation dot1Q 2
bridge-group 2
interface Dot11Radio0.3
encapsulation dot1Q 3
bridge-group 3
interface fa0.1
encapsulation dot1Q 1 native
bridge-group 1
interface fa0.2
encapsulation dot1Q 2
bridge-group 2
interface fa0.3
encapsulation dot1Q 2
bridge-group 3
Interface dot11 0
Mbssid
Dot11 ssid <ssid_name>
Mbssid guest-mode
Conf t
Dot11 ssid <ssid1>
Vlan 1
Dot11 ssid <ssid2>
Vlan 2
Conf t
Int dot11 0
Speed range or Speed throughput
Power local max
Or
Powerlocal cck max
Powerlocal ofdm max
Channel <number> or <least-congested>
Conft
ip http server
ip http secure-server
ip http authentication local
Configuration if there are multiplevlans and if SSIDs are mapped to vlans:
Conf t
interface Dot11Radio0
encryption vlan <id> mode wepmandatory
encryption vlan <id> key<slot> size 128bit 0 <encryption key> transmit-key
or
Configuration if there is a single vlans and if SSID is notmapped to vlan explicitly”
Conf t
interface Dot11Radio0
encryptionmode wep mandatory
encryption key <slot> size 40bit 0 <encryption key> transmit-key
Configure terminal
interface dot11Radio 0
encryption vlan <id> modeciphers tkip
(or )
encryption mode ciphers tkip <--- Configuration if SSID is not mapped to vlans explicitly
exit
dot11 ssid <ssid_name>
authentication open
authentication key-management wpa
wpa-psk ascii <Enter pre-shared_key>
Configure terminal
interface dot11Radio 0
encryption vlan <id> mode ciphers aes-ccm
(or)
encryption mode ciphers aes-ccm <--- Configuraton if SSID is not mapped to vlans explicitly
exit
dot11 ssid <ssid_name>
authentication open
authentication key-management wpa version 2
wpa-psk ascii <Enter pre-shared_key>
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk native vlan 1
switchport trunk allowed vlan 1,2,3
Unlike APs, bridges would have a single SSID mapped to native VLAN for bridging. The SSID, Encryption, Authentication on root and non root bridges should match.
dot11 ssid bridging
vlan 1
infrastructure-ssid <--- Use infrastructure-ssid optional ifwireless clients are to be connected too
int dot11 0
station-role root bridge
or
station-role root bridge wireless-clients <--- Bridging and allow client association too
interfaceDot11Radio0.1
encapsulation dot1Q 1 native
bridge-group 1
interfaceDot11Radio0.2
encapsulation dot1Q 2
bridge-group 2
interfaceFastEthernet0.1
encapsulation dot1Q 1 native
bridge-group 1
interfaceFastEthernet0.2
encapsulation dot1Q 2
bridge-group 2
dot11 ssid bridging
vlan 1
infrastructure-ssid
int dot11 0
station-role non-root bridge
(or)
station-role non-root bridge wireless-clients <--- Bridging and allow client association too
interfaceDot11Radio0.1
encapsulation dot1Q 1 native
bridge-group 1
interfaceDot11Radio0.2
encapsulation dot1Q 2
bridge-group 2
interfaceFastEthernet0.1
encapsulation dot1Q 1 native
bridge-group 1
interfaceFastEthernet0.2
encapsulation dot1Q 2
bridge-group 2
- ‘Show dot11 associations all’ to check details of associated clients.
- ‘Show controllers dot11 0’ to check the current channel,current and available power values, number of mbssids.
- ‘Dot11 dot11radio 0 carrier busy and show dot11 carrier busy’ shows the interference percentage for every channel which can be used to select the channel with least interference.
Complete configuration guide of AP
Configuration Examples and TechNotes
Madhuri great information. thanks for sharing and keep it up
Excellent documentation. Pls add a network diagram for completeness.
Thank you for being awesome !
Are you using telnet?
Wireless Bridging Diagram:
AP1 <===> AP2
Not sure if anyone is still monitoring this, but....
There are a few references in this document to bridge-groups 2 & 3, however, I do not see where they are ever applied to an interface (like bridge-group 1 is to Gig0 is in section 4). Can someone explain how the different bridge-groups are implemented and why? I am trying to set up a point to multi-point wireless connection and I'm wondering if I need to configure bridge-groups for each remote building (i.e. bridge-group 2 vlans would be directed to building #2 and bridge-group 3 vlans would be directed to building #3, etc.) I'm just not understanding how the bridge-groups in the configuration example are supposed to function.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: