10-11-2004 08:45 AM - edited 07-04-2021 10:03 AM
2 Sites - 500 yards line of site apart. A Cisco 1700 series router at each site with T1 connection back to main office and one open WIC interface.
Bought 2 1300 Aironet Devices to establish site-to-site connectivity between the 2 sites so if T1 line ever fails at either site, traffic can route over wireless link back to main office.
The only wireless connection I want to establish to the Wireless Bridge is the other Bridge - so what mode should I put them in? Also, should the bridges be in their own subnet or vlan?
10-11-2004 12:49 PM
You have to put the wireless bridges in another VLAN/IP subnet. 1310 and 1410 wireless bridges are layer 2 devices. They do not run an IP routing protocol. You can use spanning tree protocol to block the bridges in normal circumstances; however, it is no elegant.
I will put the 2 1310 bridges into a separate VLAN. Adjust the IP routing protocol metric; so that the T1 line is more preferrable.
As far as limiting the device associating to the root bridge, you have to use LEAP or MAC authentication. As bridge is a superset of AP, all AP function is provided by 1310 bridges. The only way to provide limited access is through authentication.
As MAC is easily hacked, I suggest you to use LEAP.
10-18-2004 02:09 PM
Dixho,
I have been having problems with LEAP on the non-root bridge.
I even have a TAC CASE# 600613147.
From the looks of it the radius server responds correctly with a user authenticated response when I do a " test aaa ...." command.
The root and the non-root bridge are all connected in one subnet. The non-root's default gateway is the root's router. The same situation as above except the primary route is the wifi bridge and the T1 is the backup.
With WEP or Open I have a connection so that takes out the antenna, wireless medium, and cable issues out of the picture.
Looks like there might be issues with the non-root on the radius level.
I am trying to get a handle on this radius debugs both from the bridge and from the radius server. If you have time I can send you the logs and see what your opinion is on the matter. Every time I look at your comments you always get a star so that says something about your ability to get the answer across. Thanks in advance! :-) Ed
10-20-2004 04:00 PM
I was working with you last Friday. I was the engineer who analyzed the debugs.
I talked to the SR owner. He is reproducing the problem in our lab.
10-20-2004 11:17 PM
Thanks for all your help. Hopefully we get a resolution.
:-) Ed
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide