top of page

Autonomous Cisco AP Configuration

ROOT#sh run
Building configuration...

Current configuration : 1987 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ROOT
!
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
!
!
!
dot11 ssid WLAN-G
   authentication open
   authentication key-management wpa version 2
   dot1x credentials test
   wpa-psk ascii 7 075E731F1A5C4F524F4B
!
!
!
username test
username warrensullivan privilege 15 password 7 04750E141D205B1F504E5D
username 00127f00841e password 7 06565F701E190F49554F465A09
username 00127f00841e autocommand exit
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption mode ciphers tkip
 !
 ssid WLAN-G
 !
 speed  basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
 channel 2412
 station-role root bridge wireless-clients
 cca 0
 concatenation
 infrastructure-client
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface BVI1
 ip address 192.168.1.199 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.1.254
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
bridge 1 route ip
!
!
!
line con 0
line vty 5 15
!
end

ROOT#


Upstairs_BR_Access#sh run
Building configuration...

Current configuration : 3631 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Upstairs_BR_Access
!
enable secret 5 $1$1OA2$Oo.BzSUuVqz17Px8XJrUd1
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
ip domain name WLAN
!
!
!
dot11 ssid WLAN-G
   authentication open
   authentication key-management wpa version 2
   infrastructure-ssid
   wpa-psk ascii 7 075E731F1A5C4F524F4B
!
!
crypto pki trustpoint TP-self-signed-2130740254
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2130740254
 revocation-check none
 rsakeypair TP-self-signed-2130740254
!
!
crypto pki certificate chain TP-self-signed-2130740254
 certificate self-signed 01
  3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32313330 37343032 3534301E 170D3032 30333031 30303433
  35365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 31333037
  34303235 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100E2A3 0C2A9D47 83AC6432 6651ECF9 EBDD8346 F697B5F4 35462A4C A59B2954
  83820C75 2EDCC988 DA76370C CE65C033 CBDF056E E15107DA 107B465E 95FC36C5
  46FD3315 C1D56466 A2881C6B 83696213 D91F3DDB 69804B7B F863BE53 B09E2DA6
  20D2E662 79A69C49 4D08C931 39382D7B 4185CDE5 177A8E7A B98B38A4 C414B90D
  537F0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
  551D1104 1B301982 17557073 74616972 735F4252 5F416363 6573732E 574C414E
  301F0603 551D2304 18301680 14E85DE0 8EA33FD2 60AF0F69 153B1732 34D2F865
  C2301D06 03551D0E 04160414 E85DE08E A33FD260 AF0F6915 3B173234 D2F865C2
  300D0609 2A864886 F70D0101 04050003 818100A7 551A8FB1 56D67339 8CB91D88
  5BC265D1 2991D266 1B59862B 2E33033A 05B80EB0 98D890FE D9CCDDE2 9DE3F404
  47D7496F 9C461C35 270CA468 6C0E0C22 FB951BB7 FBB6DC76 B499C7E7 539C1EED
  96961678 8D9C015D 54C92411 CCA90188 6739F890 C2C372DF A720F7E6 60211136
  722E7310 FE8971CC 3B6AADA3 044AC915 EC8CE2
  quit
username warrensullivan privilege 15 secret 5 $1$FTLO$y8yMs.HezEs0sGCQR7p6j/
username 000f90ac344e password 7 0256540B0D5F5F204F1D5D4D00
username 000f90ac344e autocommand exit
!
bridge irb
!
!
interface Dot11Radio0
 ip address 192.168.1.201 255.255.255.0
 no ip route-cache
 !
 encryption mode ciphers tkip
 !
 ssid WLAN-G
 !
 station-role non-root bridge wireless-clients
 mobile station scan 2412
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 bridge-group 1
 bridge-group 1 spanning-disabled
!
interface BVI1
 ip address 192.168.1.149 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.1.254
ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
access-list 111 permit tcp any any neq telnet
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
bridge 1 route ip
!
!
!
line con 0
 access-class 111 in
line vty 0 4
 access-class 111 in
 privilege level 15
!
end

bottom of page