Hi guys,

you've probably been asked this before, but im after some advise for my cisco ap, its a 3702i running in autonomous mode.

i believe it has radios 0,1,2 but im a bit clueless as to what or how i configure these, currently i have the below which seems to work partly.

the way i want it is to have 3 ssids, each on different vlans, being routed through a trunk to my 2951 router. it maybe a fluke that this works to be honest, im only using david_and_emma ssid at moment.

just after recommendations on how i can improve this ? changes are welcome to config. id like my wireless configured more appropriately too as the walls in my house are stone.

also, whats Dot11Radio2 used for ? i cannot understand that ....

bigfrost-cisco3702i#show running-config
Building configuration...

Current configuration : 12000 bytes
!
! Last configuration change at 16:25:47 GMT Tue Dec 24 2019 by sivesrutherfordd
! NVRAM config last updated at 16:32:36 GMT Tue Dec 24 2019 by sivesrutherfordd
! NVRAM config last updated at 16:32:36 GMT Tue Dec 24 2019 by sivesrutherfordd
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname bigfrost-cisco3702i
!
!
logging rate-limit console 9
enable secret 5 ###############################
!
no aaa new-model
clock timezone GMT 0 0
no ip source-route
ip routing
ip cef
ip domain name bigfrost.co.uk
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip name-server 193.36.79.101
ip name-server 193.36.79.100
ip dhcp excluded-address 192.168.0.30 192.168.0.39
ip dhcp excluded-address 192.168.1.50 192.168.1.254
ip dhcp excluded-address 192.168.2.50 192.168.2.254
ip dhcp excluded-address 192.168.3.50 192.168.3.254
!
ip dhcp pool bigfrost-dave_and_emma
import all
network 192.168.0.0 255.255.255.0
dns-server 8.8.8.8 8.8.4.4 193.36.79.101 193.36.79.100
domain-name the-bigfrost.co.uk
default-router 192.168.0.100
lease 0 10
!
ip dhcp pool bigfrost-lab
import all
network 192.168.2.0 255.255.255.0
domain-name the-bigfrost.co.uk
dns-server 8.8.8.8 8.8.4.4 193.36.79.101 193.36.79.100
default-router 192.168.2.100
lease 0 10
!
ip dhcp pool visitor
import all
network 192.168.3.0 255.255.255.0
domain-name the-bigfrost.co.uk
dns-server 8.8.8.8 8.8.4.4 193.36.79.101 193.36.79.100
default-router 192.168.3.100
lease 0 10
!
ip dhcp pool Sony-Z5-Premium
host 192.168.0.50 255.255.255.0
client-identifier 0158.4822.79ae.1d
client-name Sony-Z5-Premium
!
ip dhcp pool Sony-xz-Premium
host 192.168.0.51 255.255.255.0
client-identifier 0184.c7ea.942b.f5
client-name Sony-xz-Premium
!
ip dhcp pool Microsoft-SurfacePro
host 192.168.0.60 255.255.255.0
client-identifier 0100.051b.d12f.81
client-name Microsoft-SurfacePro
!
ip dhcp pool Yamaha-RX-777
host 192.168.0.80 255.255.255.0
client-identifier 0100.a0de.b74c.6d
client-name Yamaha-RX-777
!
ip dhcp pool Microsoft-XBOX-One-S
host 192.168.0.81 255.255.255.0
client-identifier 0194.9aa9.5f22.1d
client-name Microsoft-XBOX-One-S
!
ip dhcp pool Amazon-Fire-TV
host 192.168.0.82 255.255.255.0
hardware-address 00bb.3ae6.5b0b
client-name Amazon-Fire-TV
!
ip dhcp pool Lightwave-RF-Hub
host 192.168.0.90 255.255.255.0
hardware-address 740a.bc03.379f
client-name Lightwave-RF-Hub
!
ip dhcp pool AppleMac-Pro-11
host 192.168.0.2 255.255.255.0
client-identifier 0100.17f2.0992.f5
client-name AppleMac-Pro-11
!
ip dhcp pool Samsung-UE55JS8500-Wired
host 192.168.0.83 255.255.255.0
client-identifier 0114.bb6e.6c84.fc
client-name Samsung-UE55JS8500-Wired
!
ip dhcp pool SamsungUE55JS8500-Wireless
host 192.168.0.84 255.255.255.0
client-identifier 01fc.f136.61d7.0c
!
ip dhcp pool UCAM247-NC308W-Living
host 192.168.0.91 255.255.255.0
client-identifier 017c.dd90.710c.88
client-name UCAM247-NC308W-Living
!
ip dhcp pool UCAM247-NC308W-Dining
host 192.168.0.92 255.255.255.0
client-identifier 017c.dd90.7380.14
client-name UCAM247-NC308W-Dining
!
ip dhcp pool OS-Debian10-Freya
host 192.168.0.44 255.255.255.0
hardware-address 000c.2954.646a
client-name OS-Debian10-Freya
!
ip dhcp pool HP-DeskJet-2632
host 192.168.0.70 255.255.255.0
client-identifier 01e4.e749.e0a7.b6
client-name HP-DeskJet-2632
!
ip dhcp pool bigfrost-gaming
import all
network 192.168.1.0 255.255.255.0
domain-name the-bigfrost.co.uk
dns-server 8.8.8.8 8.8.4.4 193.36.79.101 193.36.79.100
default-router 192.168.1.100
lease 0 10
!
ip dhcp pool HP-LaserJet-4050TN
host 192.168.0.71 255.255.255.0
hardware-address 0030.c12d.4fae
client-name HP-LaserJet-4050TN
!
ip dhcp pool HP-OfficeJet-4500
host 192.168.0.72 255.255.255.0
client-name HP-OfficeJet-4500
!
ip dhcp pool OS-Windows98-Frigg
host 192.168.0.4 255.255.255.0
client-identifier 0100.0c29.5f05.dd
client-name OS-Windows98-Frigg
!
ip dhcp pool OS-Windows10-Midgard
host 192.168.0.1 255.255.255.0
client-identifier 0140.167e.add9.84
client-name OS-Windows10-Midgard
!
ip dhcp pool OS-MacOSElCapitan-Hod
host 192.168.0.6 255.255.255.0
client-identifier 0100.17f2.0992.f4
client-name OS-MacOSElCapitan-Hod
!
ip dhcp pool OS-Android-Vale
host 192.168.0.52 255.255.255.0
client-identifier 0100.1dfe.e7c1.2a
client-name OS-Android-Vale
!
ip dhcp pool OS-Android-Vidar
host 192.168.0.53 255.255.255.0
client-identifier 0178.0cb8.e254.87
client-name OS-Android-Vidar
!
ip dhcp pool RING-Doorbell-Backyard
host 192.168.0.93 255.255.255.0
hardware-address 90e2.02a5.75f8
client-name RING-Doorbell-Backyard
!
ip dhcp pool Amazon-FireTVCube-LivingRoom
host 192.168.0.85 255.255.255.0
client-identifier 0160.6d3c.1a2d.2a
client-name Amazon-FireTVCube-LivingRoom
!
!
!
!
dot11 mbssid
dot11 pause-time 100
dot11 syslog
!
dot11 ssid bigfrost-dave_and_emma
vlan 1
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
dot11 ssid bigfrost-gaming
vlan 10
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
dot11 ssid bigfrost-lab
vlan 20
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
dot11 ssid bigfrost-visitor
vlan 30
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
!
!
!
no ipv6 cef
!
!
username Cisco password 7 ###############
username sivesrutherfordd privilege 15 secret ##########################
!
!
bridge irb
!
!
!
interface Dot11Radio0
no ip address
!
encryption vlan 10 mode ciphers aes-ccm tkip
!
encryption vlan 20 mode ciphers aes-ccm tkip
!
encryption vlan 30 mode ciphers aes-ccm tkip
!
encryption vlan 1 mode ciphers aes-ccm tkip
!
ssid bigfrost-dave_and_emma
!
ssid bigfrost-gaming
!
ssid bigfrost-lab
!
ssid bigfrost-visitor
!
antenna gain 0
stbc
channel 2412
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.10
encapsulation dot1Q 10
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 spanning-disabled
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
!
interface Dot11Radio0.20
encapsulation dot1Q 20
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 spanning-disabled
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
!
interface Dot11Radio0.30
encapsulation dot1Q 30
bridge-group 30
bridge-group 30 subscriber-loop-control
bridge-group 30 spanning-disabled
bridge-group 30 block-unknown-source
no bridge-group 30 source-learning
no bridge-group 30 unicast-flooding
!
interface Dot11Radio1
no ip address
!
encryption vlan 10 mode ciphers aes-ccm tkip
!
encryption vlan 20 mode ciphers aes-ccm tkip
!
encryption vlan 30 mode ciphers aes-ccm tkip
!
encryption vlan 1 mode ciphers aes-ccm tkip
!
ssid bigfrost-dave_and_emma
!
ssid bigfrost-lab
!
ssid bigfrost-visitor
!
antenna gain 0
peakdetect
no dfs band block
stbc
channel dfs
station-role root
!
interface Dot11Radio1.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1.10
encapsulation dot1Q 10
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 spanning-disabled
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
!
interface Dot11Radio1.20
encapsulation dot1Q 20
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 spanning-disabled
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
!
interface Dot11Radio1.30
encapsulation dot1Q 30
bridge-group 30
bridge-group 30 subscriber-loop-control
bridge-group 30 spanning-disabled
bridge-group 30 block-unknown-source
no bridge-group 30 source-learning
no bridge-group 30 unicast-flooding
!
interface Dot11Radio2
no ip address
!
encryption vlan 10 mode ciphers aes-ccm tkip
!
encryption vlan 20 mode ciphers aes-ccm tkip
!
encryption vlan 30 mode ciphers aes-ccm tkip
!
encryption vlan 1 mode ciphers aes-ccm tkip
!
ssid bigfrost-dave_and_emma
!
ssid bigfrost-lab
!
ssid bigfrost-visitor
!
antenna gain 0
stbc
no mbssid
station-role root
monitor frames endpoint ip address 0.0.0.1 port 10 truncate 0
!
interface Dot11Radio2.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio2.10
encapsulation dot1Q 10
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 spanning-disabled
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
!
interface Dot11Radio2.20
encapsulation dot1Q 20
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 spanning-disabled
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
!
interface Dot11Radio2.30
encapsulation dot1Q 30
bridge-group 30
bridge-group 30 subscriber-loop-control
bridge-group 30 spanning-disabled
bridge-group 30 block-unknown-source
no bridge-group 30 source-learning
no bridge-group 30 unicast-flooding
!
interface GigabitEthernet0
no ip address
duplex full
speed 1000
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface GigabitEthernet0.10
encapsulation dot1Q 10
bridge-group 10
bridge-group 10 spanning-disabled
no bridge-group 10 source-learning
!
interface GigabitEthernet0.20
encapsulation dot1Q 20
bridge-group 20
bridge-group 20 spanning-disabled
no bridge-group 20 source-learning
!
interface GigabitEthernet0.30
encapsulation dot1Q 30
bridge-group 30
bridge-group 30 spanning-disabled
no bridge-group 30 source-learning
!
interface BVI1
mac-address 5c83.8f03.7dc4
mtu 9014
ip address 192.168.0.102 255.255.255.0
ip virtual-reassembly in
!
interface BVI10
mac-address 5c83.8f03.7dc5
mtu 9014
ip address 192.168.1.102 255.255.255.0
ip virtual-reassembly in
!
interface BVI20
mac-address 5c83.8f03.7dc6
mtu 9014
ip address 192.168.2.102 255.255.255.0
ip virtual-reassembly in
!
interface BVI30
mac-address 5c83.8f03.7dc7
mtu 9014
ip address 192.168.3.102 255.255.255.0
ip virtual-reassembly in
!
ip forward-protocol nd
no ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip route 0.0.0.0 0.0.0.0 192.168.0.100
ip route 192.168.1.0 255.255.255.0 192.168.1.100
ip route 192.168.2.0 255.255.255.0 192.168.2.100
ip route 192.168.3.0 255.255.255.0 192.168.3.100
ip ssh version 2
!
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 10 protocol ieee
bridge 10 route ip
bridge 20 protocol ieee
bridge 20 route ip
bridge 30 protocol ieee
bridge 30 route ip
!
!
banner motd ^CCCCC
******************************************
* Unauthorized access prohibited
*
* You are connected to CISCO 3702i Access Point
* at ip 192.168.0.102
*
******************************************
^C
!
line con 0
line vty 0 4
exec-timeout 0 0
privilege level 15
login local
transport input ssh
!
sntp server 194.35.252.7
end

bigfrost-cisco3702i#