NIgdy nie konfigurowalem ap-ka cisco, poczytalem troszke na grupie i mniej wiecej stworzylem konfig, na podstawie paru postów z sekcji wireless. AP zasilany jest z jakiegos Gigabit Injector Model PSE-1000D. Nie wiem czy to nie jest problemem ale interfejsy sa w stanie reset - caly czas.
Kod: Zaznacz cały
apek#sh ip int brief
Interface IP-Address OK? Method Status Protocol
BVI1 192.168.250.254 YES NVRAM up up
Dot11Radio0 unassigned YES NVRAM reset down
Dot11Radio0.7 unassigned YES unset reset down
Dot11Radio0.40 unassigned YES unset reset down
Dot11Radio0.50 unassigned YES unset reset down
Dot11Radio0.60 unassigned YES unset reset down
Dot11Radio1 unassigned YES NVRAM reset down
Dot11Radio1.7 unassigned YES unset reset down
GigabitEthernet0 unassigned YES NVRAM up up
GigabitEthernet0.7 unassigned YES unset up up
GigabitEthernet0.40 unassigned YES unset up up
GigabitEthernet0.50 unassigned YES unset up up
GigabitEthernet0.60 unassigned YES unset up up
apek#
apek#
apek#sh run
Building configuration...
Current configuration : 9344 bytes
!
! Last configuration change at 10:26:29 Warsaw Wed Mar 3 1993 by pavkoo
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname apek
!
!
logging rate-limit console 9
enable secret 5 XXX
!
aaa new-model
!
!
aaa authentication login default local group tacacs+
aaa authorization exec default local group tacacs+
aaa authorization network default local group tacacs+
!
!
!
!
!
aaa session-id common
clock timezone Warsaw 1 0
clock summer-time Warsaw recurring last Sun Mar 2:00 last Sun Oct 3:00
no ip routing
no ip cef
ip domain name edu.pl
ip name-server 194.204.152.34
ip name-server 8.8.8.8
ip name-server 77.223.243.28
ip name-server 194.204.159.1
ip name-server 4.2.2.2
!
!
!
dot11 syslog
dot11 vlan-name admin vlan 100
dot11 vlan-name dyrekcja vlan 40
dot11 vlan-name nauczyciele vlan 50
dot11 vlan-name pedagodzy vlan 60
!
dot11 ssid belfry
vlan 50
authentication open
authentication key-management wpa
guest-mode
mbssid guest-mode
infrastructure-ssid optional
wpa-psk ascii 7 XXX
!
dot11 ssid dyrekcja
vlan 40
authentication open
authentication key-management wpa
guest-mode
mbssid guest-mode
infrastructure-ssid optional
wpa-psk ascii 7 XXX
!
dot11 ssid mastah
vlan 100
authentication client username pavko password 7 XXX
mbssid guest-mode
!
dot11 ssid pedagodzy
vlan 60
authentication open
authentication key-management wpa
guest-mode
mbssid guest-mode
infrastructure-ssid optional
wpa-psk ascii 7 XXX
!
!
dot11 ids mfp distributor
dot11 ids mfp detector
dot11 ids mfp generator
power inline negotiation injector 0015.62e8.208c
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3009887632
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3009887632
revocation-check none
rsakeypair TP-self-signed-3009887632
!
!
crypto pki certificate chain TP-self-signed-3009887632
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33303039 38383736 3332301E 170D3933 30333031 30303034
34305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 30303938
38373633 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100AC5E 3E202E0F 895E0150 1DE640CE E3A8430A 75D3A79A 03461444 D3F6DA26
B445AB38 D93E782B 0D39FBCE 0B719C41 731D4898 D9D4C5F6 5CE5BF7F 165D9D8D
F8EDF1DF 570F8DCA 65BF8D22 5EFB47A8 64FA56DA DB27173C 8107B057 C511CB42
E81BE148 6DB69219 2957D582 5BE9E8EA F4170204 14578C3D 3407CDB1 24BA1354
7D750203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 148C008F 9E700D0F AD5255CA 9D89D9C8 6B577372 0B301D06
03551D0E 04160414 8C008F9E 700D0FAD 5255CA9D 89D9C86B 5773720B 300D0609
2A864886 F70D0101 05050003 8181005C 7BB9D41B 2637DBA4 63C8AB4B E1C42C98
7F5E8A5C 2AA3A82E 9BDBF707 64277FB3 A7836327 12473B49 EF8C5595 B2F77B05
929961BC CCB1F503 22A675AC 49806CDF B726234C 71B3212A 44C6F873 2F1DF98F
B29C8F0F DBD36433 239E9FC2 2D1D6310 BB2C90CB CB3855DA E0489C27 5422F1FB
E0D1F7EF 16FC2418 57BFA1AD 12035D
quit
username Cisco password 7 XXX
username pavkoo privilege 15 secret 5 XXX
!
!
ip ftp username ciskacz
ip ftp password 7 XXX
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh port 8642 rotary 1
ip ssh logging events
ip ssh version 2
bridge irb
!
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
antenna gain 0
mbssid
station-role root
!
interface Dot11Radio0.7
encapsulation dot1Q 7 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 40
bridge-group 40 subscriber-loop-control
bridge-group 40 spanning-disabled
bridge-group 40 block-unknown-source
no bridge-group 40 source-learning
no bridge-group 40 unicast-flooding
!
interface Dot11Radio0.50
encapsulation dot1Q 50
no ip route-cache
bridge-group 50
bridge-group 50 subscriber-loop-control
bridge-group 50 spanning-disabled
bridge-group 50 block-unknown-source
no bridge-group 50 source-learning
no bridge-group 50 unicast-flooding
!
interface Dot11Radio0.60
encapsulation dot1Q 60
no ip route-cache
bridge-group 60
bridge-group 60 subscriber-loop-control
bridge-group 60 spanning-disabled
bridge-group 60 block-unknown-source
no bridge-group 60 source-learning
no bridge-group 60 unicast-flooding
!
interface Dot11Radio1
no ip address
no ip route-cache
!
encryption vlan 100 mode ciphers aes-ccm
!
encryption mode ciphers aes-ccm
!
ssid mastah
!
antenna gain 0
no dfs band block
mbssid
channel dfs
station-role root
!
interface Dot11Radio1.7
encapsulation dot1Q 7 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
!
interface GigabitEthernet0.7
encapsulation dot1Q 7 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface GigabitEthernet0.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 40
bridge-group 40 spanning-disabled
no bridge-group 40 source-learning
!
interface GigabitEthernet0.50
encapsulation dot1Q 50
no ip route-cache
bridge-group 50
bridge-group 50 spanning-disabled
no bridge-group 50 source-learning
!
interface GigabitEthernet0.60
encapsulation dot1Q 60
no ip route-cache
bridge-group 60
bridge-group 60 spanning-disabled
no bridge-group 60 source-learning
!
interface BVI1
ip address 192.168.250.254 255.255.255.0 **(ip zarzadzajace dla vlan 250 nie wiem czy nie powinno byc dla int gi0.250)**
no ip route-cache
!
ip default-gateway 192.168.250.1
ip forward-protocol nd
ip http server
ip http authentication aaa
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
logging trap debugging
logging facility local6
snmp-server community public RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps entity
snmp-server enable traps disassociate
snmp-server enable traps deauthenticate
snmp-server enable traps authenticate-fail
snmp-server enable traps dot11-qos
snmp-server enable traps switch-over
snmp-server enable traps rogue-ap
snmp-server enable traps wlan-wep
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps syslog
snmp-server enable traps cpu threshold
snmp-server enable traps aaa_server
snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down
snmp-server host 10.2.6.2 public
tacacs-server host 10.2.6.2
tacacs-server key 7 XX
!
bridge 1 route ip
!
!
banner login ^C
--=========================================================--
bzzz
--=========================================================--
^C
banner motd ^C
--=========================================================--
bzzz
--=========================================================--
^C
!
line con 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
privilege level 15
logging synchronous
transport input ssh
transport output all
flowcontrol software out
!
end
Kod: Zaznacz cały
*Mar 1 00:00:19.659: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:20.043: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:00:20.043: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:00:36.827: %CDP_PD-4-POWER_OK: Full power - INJECTOR_CONFIGURED_ON_CURRENT_PORT inline power source
*Mar 1 00:00:37.827: %DOT11-4-NO_SSID_VLAN: No SSID with VLAN configured. Dot11Radio0 not started.
*Mar 1 00:00:38.827: %DOT11-4-NO_SSID_VLAN: No SSID with VLAN configured. Dot11Radio1 not started.
Http mnie przerazilo i nie chce konfigurowac tego via www.
Kod: Zaznacz cały
apek#sh inv
NAME: "AP1600", DESCR: "Cisco Aironet 1600 Series (IEEE 802.11n) Access Point"
PID: AIR-SAP1602E-E-K9 , VID: V01, SN: FGL1801X3E0