Help With Multiple WAPs & Multiple SSIDs

Unanswered Question
Dec 5th, 2007

I just inherited a wireless LAN that is using 5 1230 WAP devices, all using a single SSID configured for 1) open authentication, 2) mandatory WPA key mgmt, 3) hex SSID key, and 4) cipher TKIP encryption. Everything works fine, but now I have to add a device to the network that only supports 13-character ASCII SSID and 128bit encryption. So I changed the settings on the 1230 closest to the new device to 1) optional WPA, 2) cipher TKIP + WEP 128bit, and then 3) created a new SSID with a 13-character ASCII key. In the web interface Association list I can see the new SSID and the device listed, but the device has no IP address and I can't ping it across the network. I've tried using a static IP and DHCP on the device (it's a Toshiba projector) and it just can't communicate with the network. Do I need to make the configuration changes to each WAP in the network? What else am I missing? Thanks!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
theo_chimbga Wed, 12/05/2007 - 17:06

Sounds like by creating a new SSID you're effectively creating a separate network. Even if the Toshiba has the same IP address as other devices,it is effectively on another network so it won't communicate without some form of routing. Does the projector need to connect to all APs or it is fixed in one location?

Jasona2112 Wed, 12/05/2007 - 17:15

The projector will be stationary and I have a WAP about 5' away from it. I just need it to be accessible to the other pc's on the LAN for presentations but it won't support the configuration we are using for our WAPs. It's a goofy design - the projector has an ethernet port but it's not networkable, it communicates strictly by wireless or by VGA cable....

theo_chimbga Wed, 12/05/2007 - 18:45

I need to try this out. In the mean time, assuming you can restore AP and it won't cause too much disruption, delete the SSID on the AP nearest the projector. Re-create it using Web interface Express Security, choosing lowest security that projector supports. Set static IP on projector. If you can ping projector from network then you know your projector works on WLAN. Next step is to figure out how to retain TKIP for your clients and WEP for projector without creating VLANs. Will sleep on it....

theo_chimbga Thu, 12/06/2007 - 08:08

I can't figure any way of keeping both TKIP for your wireless clients and using WEP for the projector without setting up 2 SSIDs on the AP, each associated to a different VLAN. Hope this helps. Theo

NorthgateIS Tue, 04/01/2008 - 05:11

Did you find a solution to this problem as I have a similar issue with a Panasonic projector.

Clients cannot be changed and use wep mandatory getting the wep key from the ACS. The projector has got to be static wep so even with different ssid's and vlan's it fails as you cannot seem to put different encryption methods on a single dot1 radio interface.

Any ideas?

Scott Fella Tue, 04/01/2008 - 08:52

You should be able to create another SSID just suing static WEP. What type of AP and what code are you running.

NorthgateIS Tue, 04/01/2008 - 11:10

Hi,

Its a 1231 running c1200-k9w7-mx.123-8.JEC1

Part config is as follows:-

!

dot11 ssid Projectors

vlan 1

authentication open mac-address mac_methods

!

dot11 ssid XXXXXXXXXX

vlan 3

authentication open eap eap_methods

guest-mode

nterface Dot11Radio0

no ip address

no ip route-cache

!

encryption vlan 3 mode wep mandatory mic key-hash

!

encryption vlan 1 key 1 size 128bit 7 06061D688B874859701297485642 transmit-key

encryption vlan 1 mode wep mandatory

2 subinterfaces for the vlans are configured under FA0 and Dot1Radio 0

Error I see when debugging is that although the projector has the correct SSID etc and attempts to auth, fails due to not supporting mic key hash

Actions

This Discussion