07-02-2021 03:17 AM - edited 07-02-2021 09:38 PM
Hello,
i can`t get acess to the ap, the athofication failed
i had another ap (AP1) they i can connoect with wpa2
at first i post the config from the ap ,witch work well.
! ! Last configuration change at 21:15:37 UTC Tue Mar 2 1993 by Cisco version 15.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname AP1 ! ! logging rate-limit console 9 enable secret 5 $1$jgWC$xBZ5Si1i2fhKIv47fhpve0 ! no aaa new-model no ip source-route no ip cef ! ! ! ! dot11 pause-time 100 dot11 syslog ! dot11 ssid Doerk authentication open authentication key-management wpa version 2 guest-mode wpa-psk ascii 7 08701E1D5D4C53404A ! ! ! no ipv6 cef ! crypto pki trustpoint TP-self-signed-2124842184 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-2124842184 revocation-check none rsakeypair TP-self-signed-2124842184 ! ! crypto pki certificate chain TP-self-signed-2124842184 certificate self-signed 01 nvram:IOS-Self-Sig#1.cer username Cisco privilege 15 password 7 032752180500 ! ! bridge irb ! ! ! interface Dot11Radio0 no ip address ! encryption mode ciphers aes-ccm ! ssid Doerk ! antenna gain 0 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio1 no ip address ! encryption mode ciphers aes-ccm ! ssid Doerk ! antenna gain 128 peakdetect no dfs band block speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. m16. m17. m18. m19. m20. m21. m22. m23. a1ss9 a2ss8 a3ss9 channel dfs station-role root world-mode dot11d country-code DE both bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface GigabitEthernet0 no ip address duplex auto speed auto bridge-group 1 bridge-group 1 spanning-disabled no bridge-group 1 source-learning ! interface GigabitEthernet1 no ip address shutdown duplex auto speed auto bridge-group 1 bridge-group 1 spanning-disabled no bridge-group 1 source-learning ! interface BVI1 mac-address cc16.7ea6.84c8 ip address dhcp client-id GigabitEthernet0 ipv6 address dhcp ipv6 address autoconfig ipv6 enable ! ip forward-protocol nd no ip http server ip http authentication local ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ! ! bridge 1 route ip ! ! ! line con 0 line vty 0 4 login local transport input all ! end
This is the config from the ap, where i can`t get a connection.
! ! Last configuration change at 22:18:19 UTC Tue Mar 2 1993 version 15.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec localtime show-timezone service password-encryption ! hostname ap ! ! logging rate-limit console 9 enable secret 5 $1$d4fN$E8Tbat/RkN0rN0PSsMA8L/ ! no aaa new-model no ip source-route no ip cef ! ! ! ! dot11 pause-time 100 dot11 syslog ! dot11 ssid Doerk_2 authentication open authentication key-management wpa version 2 guest-mode wpa-psk ascii 7 101F5B4A5142445C54446A6B6468737562534756434116191813144E435856191817131215144B1B46471817445346441B4B464F610C0E49594557 ! ! ! no ipv6 cef ! crypto pki trustpoint TP-self-signed-3363792920 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3363792920 revocation-check none rsakeypair TP-self-signed-3363792920 ! ! crypto pki certificate chain TP-self-signed-3363792920 certificate self-signed 01 nvram:IOS-Self-Sig#1.cer username Cisco privilege 15 password 7 106D000A0618 ! ! bridge irb ! ! ! interface Dot11Radio0 no ip address ! encryption mode ciphers aes-ccm ! ssid Doerk_2 ! antenna gain 0 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface Dot11Radio1 no ip address ! encryption mode ciphers aes-ccm ! ssid Doerk_2 ! antenna gain 0 peakdetect no dfs band block channel 5180 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 spanning-disabled bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding ! interface GigabitEthernet0 no ip address duplex auto speed auto bridge-group 1 bridge-group 1 spanning-disabled no bridge-group 1 source-learning ! interface GigabitEthernet1 no ip address shutdown duplex auto speed auto bridge-group 1 bridge-group 1 spanning-disabled no bridge-group 1 source-learning ! interface BVI1 mac-address 00fe.c87f.6818 ip address dhcp client-id GigabitEthernet0 ipv6 address dhcp ipv6 address autoconfig ipv6 enable ! ip forward-protocol nd no ip http server ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ! ! bridge 1 route ip ! ! ! line con 0 line vty 0 4 login local transport input all ! end
i use this commands for the second ap, but i don`t know the comands for the first ap
configure terminal ip default-gateway 192.168.178.1 dot11 ssid Doerk_2 guest-mode authentication open authentication key-management wpa version 2 wpa-psk ascii 12345678 exit interface dot11Radio 0 encryption mode ciphers aes-ccm tkip ssid Doerk_2 channel least-congested no shutdown exit dot11 ssid Doerk_2 guest-mode authentication open authentication key-management wpa version 2 wpa-psk ascii 12345678 exit interface dot11Radio 1 encryption mode ciphers aes-ccm tkip ssid Doerk_2 channel 36 no shutdown dot11 ssid Doerk_2 guest-mode authentication open authentication key-management wpa version 2 wpa-psk ascii 12345678 exit interface dot11Radio 0 encryption mode ciphers aes-ccm tkip ssid Doerk_2 channel least-congested no shutdown exit
Mfg
Dirk
07-07-2021 02:31 AM
the second ap misses the
- ip http authentication local
command which may cause the problem logging into the web-interface ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: