cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2509
Views
5
Helpful
31
Replies

Cisco 1300's won't associated.

Michael Klick
Level 1
Level 1

I have one a Root Bridge. Its Software/Hardware is up.

The Non-Root Bridge never show Software/Hardware is up.

If I switch the Non-Root Bridge to AP they come up.

When the Non-Root Bridge boots the log says it is unable to associate.

  1. Triple checked password
  2. Latest version of OS.
  3. Even dedicated Non-Root to look just for this Root Bridge.
  4. Identical settings.

Why won't the interface come up - or is there a way to find WHY it won't associate? Some log?

 

 

31 Replies 31

Michael Klick
Level 1
Level 1

One more question:

With this, how do the Install Root-Bridge and Install Non-Root-Bridge settings work? After I set them what do I do?

Thanks,

 

 

few suggestion here

1. Remove all security settings & see whether those are associated in Open Auth

2. swap the roles (ie, current RB configure as NRB & current NRB as RB & see whether radio comes up)

 

HTH

Rasika

**** Pls rate all useful responses ****

I agree with Ras. Unwrap the complexity first. Also post the config of both please.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

I switched them both to instal mode and all interfaces are up.

I am going attached requested files.

Remove "optional"

infrastructure-ssid optional

 

Remove 
 

dot11 ssid autoinstall
   authentication open 
   guest-mode
   infrastructure-ssid
!

Lets clean that up first 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Ok I did it on both. Association still not happening. I have attached the console log of its attempts.

 

 

I assume these are setup on a desk next to each other and they have antennas attached .. ?

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Repost your latest config on both sides after the changes you did ..

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Right George. I removed any config I did and put one in Bridge Install Mode and the other in Root Bridge install mode.

For the first time they are associating.

Now I would like to secure them, encrypt the traffic and get them out of install mode. Can you show me?

Attached are both show runs and logs from both.

Im concerned because it shows it was dropping in the logs. I think your issue was the infrastructure SSID command. Thats required, not optional.

Do you have plans on doing VLANs across this thing or just a simple layer 2 to pass traffic ? 

 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

BTW - Install mode puts the radio signal strength in the CLI  / LOG .. This is why you see all those readings ..

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

What security did you have in mind ? EAP, PSK ? 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

WPA is what I am thinking. But whatever you think best. WPA with shared key.

WPA2 PSK .. is a simple and secure way ..


You need to config 2 spots ..

1) Under dot11 ssid you need to enter the below.. Add your key .. 

 

dot11 ssid (your ssid)
   authentication open
   authentication key-management wpa version 2
   infrastructure-ssid
   wpa-psk ascii XXXXXXXXX


2) drop into the radio you are using and put " encryption mode ciphers aes-ccm ". This tells the radio to use AES-CCM (WPA2 AES). If you are doing vlans then you need to do each vlan here. If not, then just drop this in under dot11radioX.

interface Dot11Radio1
 no ip address
 !
 encryption mode ciphers aes-ccm 

 

 

Do this to both sides.

 

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
Review Cisco Networking for a $25 gift card