Revision as of 19:27, 21 April 2022 by Clive (talk | contribs) (→‎Apparently working with VLANs and public ssid)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Empire

Wireless-New

Configuration

Cisco 1600
Hostname BVI IP Location Notes
PDAP-1 10.2.1.1
PDAP-2 10.2.1.2
PDAP-3 10.2.1.3
PDAP-4 10.2.1.4
PDAP-5 10.2.1.5
PDAP-6 10.2.1.6
PDAP-7 10.2.1.7
PDAP-8 10.2.1.8
PDAP-9 10.2.1.9
PDAP-10 10.2.1.10
PDAP-11 10.2.1.11
PDAP-12 10.2.1.12
PDAP-13 10.2.1.13
PDAP-14 10.2.1.14
PDAP-15 10.2.1.15
PDAP-16 10.2.1.16
PDAP-17 10.2.1.17
PDAP-18 10.2.1.18
PDAP-19 10.2.1.19
PDAP-20 10.2.1.20
Cisco 702W
Hostname BVI IP Location Notes
PDAP-30 10.2.1.30
PDAP-31 10.2.1.31
PDAP-32 10.2.1.32
PDAP-33 10.2.1.33
PDAP-34 10.2.1.34
PDAP-35 10.2.1.35
PDAP-36 10.2.1.36
PDAP-37 10.2.1.37
PDAP-38 10.2.1.38
PDAP-39 10.2.1.39

Config file 1600

Dot11 ssid PDCREW
authentication open
authentication key-management wpa
wpa-psk ascii ******
Guest-mode
Exit

Dot11 ssid PD_BACK
authentication open
authentication key-management wpa
wpa-psk ascii ******
infrastructure-ssid optional
Exit

Int dot11 0
world-mode dot11d country-code GB outdoor
speed range
power local maximum
encryption mode ciphers tkip
dot11 extension aironet
ssid PDCREW
Stat root access
No shut
Exit

Int dot11 1
world-mode dot11d country-code GB outdoor
speed range
power local maximum
encryption mode ciphers tkip
dot11 extension aironet
ssid PDCREW
ssid PD_BACK
station-role root access-point fallback repeater
No shut
Exit

Config file 702

Dot11 ssid PDCREW
authentication open
authentication key-management wpa
wpa-psk ascii ******
Guest-mode
Exit


Int dot11 0
world-mode dot11d country-code GB outdoor
speed range
power local maximum
encryption mode ciphers tkip
dot11 extension aironet
ssid PDCREW
Stat root access
No shut
Exit

Int dot11 1
world-mode dot11d country-code GB outdoor
speed range
power local maximum
encryption mode ciphers tkip
dot11 extension aironet
ssid PDCREW
station-role root access-point
No shut
Exit

VLAN attempt to give us PB_PUBLIC (WIP)

hostname PDAP-8

interface BVI 1
ip address 10.2.1.8 255.0.0.0
ex

dot11 vlan-name BACKHAUL vlan 1
dot11 vlan-name CREW vlan 12
dot11 vlan-name PUBLIC vlan 13

bridge irb

dot11 ssid PD_BACK
vlan 1
authentication open
authentication key-management wpa
wpa-psk ascii ********
infrastructure-ssid
ex

dot11 ssid PDCREW
vlan 12
authentication open
authentication key-management wpa
wpa-psk ascii *******
mbssid guest-mode
ex

dot11 ssid PD_PUBLIC
vlan 13
mbssid guest-mode
authentication open
authentication key-management wpa
wpa-psk ascii ********
mbssid guest-mode
ex


interface GigabitEthernet 0
no ip address
no ip route-cache
bridge-group 1
ex

interface dot11Radio 0
world-mode dot11d country-code GB outdoor
speed range
power local maximum
mbssid
encryption vlan 13 mode ciphers tkip
encryption vlan 12 mode ciphers tkip
ssid PDCREW
ssid PD_PUBLIC
station-role root access-point
no shut
ex

int dot11Radio 0.1
encapsulation dot1Q 1 native
bridge-group 1
ex

int dot11Radio 0.12
encapsulation dot1Q 12
bridge-group 1
ex

int dot11Radio 0.13
encapsulation dot1Q 13
bridge-group 1
ex


int dot11Radio 1.1
encapsulation dot1Q 1 native
bridge-group 1
ex

int dot11Radio 1.12
encapsulation dot1Q 12
bridge-group 1
ex

int dot11Radio 1.13
encapsulation dot1Q 13
bridge-group 1
ex

interface dot11Radio 1
world-mode dot11d country-code GB outdoor
speed range
power local maximum
encryption vlan 1 mode ciphers tkip
ssid PD_BACK
station-role root access-point fallback repeater
no shut
ex

bridge 1 protocol ieee
bridge 1 route ip
dot11 network-map

Apparently working with VLANs and public ssid

  1. Process, copy the config below, edit it to replace the AP name and BVI address to match. Set the passwords
  2. Connect to the AP via the console port
  3. `enable` to get control
  4. `write erase` to clear the existing config
  5. `reload` confirm when promted. You do not want to copy any changes if asked
  6. when the AP has restarted, once again `enable`
  7. `conf t` to enter config mode
  8. paste in your config
  9. `write mem` to save the config
  10. wait for about a minute you should see chatter about the radio doing things
hostname PDAP-18
!
!
!
dot11 syslog
dot11 vlan-name BACKHAUL vlan 1
dot11 vlan-name CREW vlan 12
dot11 vlan-name PUBLIC vlan 13
!
dot11 ssid PDCREW
   vlan 12
   authentication open
   authentication key-management wpa
   mbssid guest-mode
   wpa-psk ascii *****
!
dot11 ssid PD_BACK
   authentication open
   authentication key-management wpa
   infrastructure-ssid
   wpa-psk ascii *****
!
dot11 ssid PD_PUBLIC
   vlan 13
   authentication open
   mbssid guest-mode
!
!
dot11 network-map
dot11 guest
!
!
bridge irb
!
!
!
interface Dot11Radio0
 no ip address
 !
 encryption vlan 1 mode ciphers tkip
 !
 encryption vlan 12 mode ciphers tkip
 !
 ssid PDCREW
 !
 ssid PD_PUBLIC
 !
 mbssid
 world-mode dot11d country-code GB outdoor
 speed range
 power local maximum
 station-role root access-point
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.12
 encapsulation dot1Q 12
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio0.13
 encapsulation dot1Q 13
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 !
 encryption mode ciphers tkip
 !
 ssid PD_BACK
 !
 world-mode dot11d country-code GB outdoor
 speed range
 power local maximum

 station-role root access-point fallback repeater
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface BVI1
 ip address 10.2.1.18 255.0.0.0
 no ip route-cache
!
bridge 1 protocol ieee
bridge 1 route ip
!
interface dot11Radio 0
no shut
interface dot11Radio 1
no shut
interface BVI 1
no shut
interface GigabitEthernet0
no shut

end
Retrieved from ‘https://www.profounddecisions.co.uk/mediawiki-crew-pd/index.php?title=Wireless-New&oldid=4852