how do you create an open ssid?

Unanswered Question
Apr 11th, 2008

I want to create an open ssid with no authentication. How can I do this? When I use "authentication open" and "guest mode" i pick up the network but it shows it as secure.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
wiluszm Sat, 04/12/2008 - 11:57

I'm assuming this is a question about unified wireless (LWAPP)... sorry if I got it wrong. To make the SSID "open," set the Layer 2 security option under the created SSID as "None." This will leave the WLAN open with no encryption. Also make sure you're broadcasting the SSID (should be a check box under the WLAN). Hope this helps!


bcolvin Sat, 04/12/2008 - 12:27

Sounds like you have some old Security settings in there.

Step 1. With the WEB interface select System software, Config, and reset to defaults except IP address.

Step 2. express setup set your SSID; you AP should be open to ALL.

Step 3. chose guest mode again to broadcat SSID



bcolvin Wed, 04/23/2008 - 14:14


Due to the number of inter related settings in the AP I strongly suggest you use the GUI for the initial setup. once you have the AP configured you can display the saved/runnig config and see the command line. you cna then disable the GUI with the no HTTP server command if you need to for security reasons.

the other method to reset the AP is to hold down the mode button and then apply power and wait for the light to turn yellow and then release the mode button your AP will then be reset to default config.



MZydorczyk2 Thu, 04/24/2008 - 07:58

i have enabled the http server and it already had an ip address but when I go the the address in my browser it doesnt show anything.

MZydorczyk2 Thu, 04/24/2008 - 08:24

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption


hostname extra_ap


enable secret


ip subnet-zero

no ip domain lookup

ip domain name ---

ip name-server ---


aaa new-model



aaa group server radius rad_eap

server ---- auth-port 1812 acct-port 1813


aaa group server radius rad_mac

server --- auth-port 1812 acct-port 1813


aaa group server radius rad_acct

server ---- auth-port 1812 acct-port 1813


aaa group server radius rad_admin


aaa group server radius rad_pimp


aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods group rad_mac

aaa authorization exec default local

aaa authorization ipmobile default group rad_pmip

aaa accounting network acct_methods start-stop group rad_acct

aaa session-id common

dot11 holdoff-time 600


bridge irb



interface Dot11Radio0

no ip address

no ip route-cache


encryption mode ciphers tkip wep128


broadcast-key change 60



ssid ecc

authentication open eap eap_methods

authentication network-eap eap_methods mac-address mac_methods

authentication key-management wpa

accounting acct_methods


ssid test

authentication open



speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

rts threshold 2312

channel 2437

station-role root fallback shutdown

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled


interface Dot11Radio0.1

no ip route-cache



interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled


interface BVI1

ip address ---

no ip route-cache


ip default-gateway ----

ip http server

ip http help-path

ip radius source-interface BVI1

logging trap debugging

logging facility local2

logging ----

access-list 2 permit ---- log

access-list 3 deny any log

snmp-server group eccread v3 auth read internetview access 2

snmp-server group eccwrite v3 auth write internetview access 2

snmp-server view internetview internet included

snmp-server community readonly RO 2

snmp-server community readwrite RW 2

snmp-server community public RO 3

snmp-server community private RW 3

snmp-server location NI1013

snmp-server contact ECC

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps tty

snmp-server enable traps entity

snmp-server enable traps disassociate

snmp-server enable traps authenticate-fail

snmp-server enable traps config

snmp-server enable traps syslog

snmp-server enable traps aaa_server

snmp-server enable traps rogue-ap

snmp-server host ---- version 2c aptrap

radius-server host ------ auth-port 1812 acct-port 1813 key 7 ---

radius-server attribute 32 include-in-access-req format %h

radius-server authorization permit missing Service-Type

radius-server vsa send accounting

bridge 1 route ip



line con 0

line vty 0 4

transport input ssh

line vty 5 15

transport input ssh


ntp clock-period 2860636

ntp server -----


MZydorczyk2 Fri, 04/25/2008 - 07:23

What I am trying to do is create an SSID with complete open access and another SSID that goes to a radius (which is already set up on the access points). I want both of these ssid's to be on the same access point. Is it possible to do this? I was told you have to have 2 separate dot11 interfaces but this access point only has one dot11 interface, as you can see in the above config.


This Discussion



Trending Topics - Security & Network