08-23-2007 09:40 AM - edited 07-03-2021 02:31 PM
I have two AP1232AG and I want to use them to create a backup link between 2 building.
If possible, I don't want to use a external authentication server.
Can someone help me built the configuration ?
08-23-2007 12:00 PM
This is what I did for the Root-Bridge:
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Bclap-ad01
!
enable secret xxx
!
ip subnet-zero
!
!
aaa new-model
!
!
aaa group server radius rad_eap
server 172.30.103.109 auth-port 1812 acct-port 1813
!
aaa authentication login eap_methods group rad_eap
aaa session-id common
!
dot11 ssid Wireless-Bridge
authentication network-eap eap_methods
!
!
!
username Cisco password xxx
!
bridge irb
!
!
interface Dot11Radio0
description 802.11G Radio
no ip address
no ip route-cache
shutdown
!
encryption key 1 size 128bit xxx transmit-key
encryption mode wep mandatory
!
ssid Wireless-Bridge
!
speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
channel 2437
station-role root bridge
rts threshold 2312
distance 2
antenna receive right
antenna transmit right
antenna gain 14
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
dfs band 3 block
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled
!
interface BVI1
ip address dhcp client-id FastEthernet0
no ip route-cache
!
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
radius-server local
no authentication eapfast
no authentication mac
nas 172.30.103.109 key 7 00171B07165E0F391C244F5C0C0D
user Chapais-AP nthash xxx
!
radius-server attribute 32 include-in-access-req format %h
radius-server host 172.30.103.109 auth-port 1812 acct-port 1813 key xxx
radius-server vsa send accounting
!
control-plane
!
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
!
end
Any comments or suggestions ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide