Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
4526
Views
0
Helpful
0
Comments

Multiple Cisco Aironet 1131AG access points and same SSID?

Vinay Sharma
Level 7
Level 7

‎01-31-2013 05:54 AM - edited ‎11-18-2020 03:01 AM

 

 

Scenario

 

User have multiple Cisco Aironet 1131AG devices and all wired on one Cisco L2 switch (2560)  which is connected to L3 switch (3550).

 

We assigned one VLAN for access point in L3 switch which acts as vtp server (L2 switch is vtp client). All AP's will have static ip address and all will have same SSID and no security and will be using multiple channels (ex. 1,6,11).  They will operate in 3 floor building for roaming wireless client.

 

Condition

 

No wireless controller (WLC) is used.

 

Question

 

How to configure AP's all the same with different ip's, can we use L3 switch to create DHCP server for access points VLAN (pool for clients, and the rest for static ip for AP's)?

 

Can one of the AP's be WDS and in the same time local radius server with users without Cisco Secure ACS or similar controller?

 

I followed guide http://www.cisco.com/en/US/docs/wireless/access_point/12.3_2_JA/configuration/guide/s32roamg.html for WDS where the part about Cisco ACS is a problem, so I can use same ap as Local Authenticator as in guide  http://www.cisco.com/en/US/docs/wireless/access_point/12.3_4_JA/configuration/guide/s34local.html#wp1035723.

 

Answer

 

WDS and local RADIUS authentication is only needed if you're using authentication on your wireless connection but in case we don't use security, so this isn't necessary. However it is highly recommend at least using a simple WPA2-PSK to lock down your connection, otherwise you might end up giving free Internet access at best, and at worst you might be giving access to company PCs and servers.

 

If you want to further use an 802.1x or WPA authentication method, then yes, you can use an AP as a RADIUS server and WDS to improve authenticated roaming, but this is far more limited than using a Cisco ACS.

 

As for your other questions, yes, your AP's can all be configured the same except for at least three parameters: IP address, channel, and hostname.  Configure your static IP addresses on the AP's BVI1 interface.  Don't place it on the Radio or Ethernet interfaces, because if either of these interfaces goes down you'll lose the ability to configure the AP, so it's best to use the BVI1 interface.

 

And yes, configuring a DHCP scope for your clients on your L3 switch is a good design, or you could also use your DHCP server on a different subnet by using the IP helper-address command on the L3 interface. 

 

Reference

 

This document was generated from the following discussion: Multiple Cisco Aironet 1131AG access points and same SSID?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents