Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
674
Views
0
Helpful
1
Replies

Can`t get acess to ap aironet 2702i wpa2

Dirk Meyer
Level 1
Level 1

‎07-02-2021 03:17 AM - edited ‎07-02-2021 09:38 PM

Hello,

 i can`t get acess to the ap, the athofication failed

i  had another ap (AP1) they i can connoect with wpa2

at first i post the config from the ap ,witch work well.

!
! Last configuration change at 21:15:37 UTC Tue Mar 2 1993 by Cisco
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP1
!
!
logging rate-limit console 9
enable secret 5 $1$jgWC$xBZ5Si1i2fhKIv47fhpve0
!
no aaa new-model
no ip source-route
no ip cef
!
!
!
!
dot11 pause-time 100
dot11 syslog
!
dot11 ssid Doerk
   authentication open 
   authentication key-management wpa version 2
   guest-mode
   wpa-psk ascii 7 08701E1D5D4C53404A
!
!
!
no ipv6 cef
!
crypto pki trustpoint TP-self-signed-2124842184
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2124842184
 revocation-check none
 rsakeypair TP-self-signed-2124842184
!
!
crypto pki certificate chain TP-self-signed-2124842184
 certificate self-signed 01 nvram:IOS-Self-Sig#1.cer
username Cisco privilege 15 password 7 032752180500
!
!
bridge irb
!
!
!
interface Dot11Radio0
 no ip address
 !
 encryption mode ciphers aes-ccm 
 !
 ssid Doerk
 !
 antenna gain 0
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 !
 encryption mode ciphers aes-ccm 
 !
 ssid Doerk
 !
 antenna gain 128
 peakdetect
 no dfs band block
 speed  basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. m16. m17. m18. m19. m20. m21. m22. m23. a1ss9 a2ss8 a3ss9
 channel dfs
 station-role root
 world-mode dot11d country-code DE both
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
 no ip address
 duplex auto
 speed auto
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface GigabitEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface BVI1
 mac-address cc16.7ea6.84c8
 ip address dhcp client-id GigabitEthernet0
 ipv6 address dhcp
 ipv6 address autoconfig
 ipv6 enable
!
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
 transport input all
!
end

This is the config from the ap, where i can`t get a connection.

!
! Last configuration change at 22:18:19 UTC Tue Mar 2 1993
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname ap
!
!
logging rate-limit console 9
enable secret 5 $1$d4fN$E8Tbat/RkN0rN0PSsMA8L/
!
no aaa new-model
no ip source-route
no ip cef
!
!
!
!
dot11 pause-time 100
dot11 syslog
!
dot11 ssid Doerk_2
   authentication open 
   authentication key-management wpa version 2
   guest-mode
   wpa-psk ascii 7 101F5B4A5142445C54446A6B6468737562534756434116191813144E435856191817131215144B1B46471817445346441B4B464F610C0E49594557
!
!
!
no ipv6 cef
!
crypto pki trustpoint TP-self-signed-3363792920
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3363792920
 revocation-check none
 rsakeypair TP-self-signed-3363792920
!
!
crypto pki certificate chain TP-self-signed-3363792920
 certificate self-signed 01 nvram:IOS-Self-Sig#1.cer
username Cisco privilege 15 password 7 106D000A0618
!
!
bridge irb
!
!
!
interface Dot11Radio0
 no ip address
 !
 encryption mode ciphers aes-ccm 
 !
 ssid Doerk_2
 !
 antenna gain 0
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 !
 encryption mode ciphers aes-ccm 
 !
 ssid Doerk_2
 !
 antenna gain 0
 peakdetect
 no dfs band block
 channel 5180
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
 no ip address
 duplex auto
 speed auto
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface GigabitEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface BVI1
 mac-address 00fe.c87f.6818
 ip address dhcp client-id GigabitEthernet0
 ipv6 address dhcp
 ipv6 address autoconfig
 ipv6 enable
!
ip forward-protocol nd
no ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
 transport input all
!
end

i use this commands for the second ap, but i don`t know the comands for the first ap

configure terminal

ip default-gateway 192.168.178.1       



dot11 ssid Doerk_2
guest-mode                     
authentication open            
authentication key-management wpa version 2      
wpa-psk ascii 12345678        
exit



interface dot11Radio 0                 
encryption mode ciphers aes-ccm tkip      
ssid Doerk_2
channel least-congested             
no shutdown                         
exit



dot11 ssid Doerk_2
guest-mode                     
authentication open            
authentication key-management wpa version 2      
wpa-psk ascii 12345678                                                  
exit



interface dot11Radio 1                
encryption mode ciphers aes-ccm tkip      
ssid Doerk_2
channel  36                        
no shutdown                        


dot11 ssid Doerk_2
guest-mode                     
authentication open            
authentication key-management wpa version 2      
wpa-psk ascii 12345678        
exit



interface dot11Radio 0                 
encryption mode ciphers aes-ccm tkip      
ssid Doerk_2
channel least-congested             
no shutdown                         
exit

 Mfg

Dirk

Labels:
0 Helpful
1 Reply 1

pieterh
VIP
VIP

‎07-07-2021 02:31 AM

the second ap misses the

-  ip http authentication local

command which may cause the problem logging into the web-interface ?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card