how do you create an open ssid?

Unanswered Question
Apr 11th, 2008

I want to create an open ssid with no authentication. How can I do this? When I use "authentication open" and "guest mode" i pick up the network but it shows it as secure.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
wiluszm Sat, 04/12/2008 - 11:57

I'm assuming this is a question about unified wireless (LWAPP)... sorry if I got it wrong. To make the SSID "open," set the Layer 2 security option under the created SSID as "None." This will leave the WLAN open with no encryption. Also make sure you're broadcasting the SSID (should be a check box under the WLAN). Hope this helps!

-Mike

http://cs-mars.blogspot.com

bcolvin Sat, 04/12/2008 - 12:27

Sounds like you have some old Security settings in there.

Step 1. With the WEB interface select System software, Config, and reset to defaults except IP address.

Step 2. express setup set your SSID; you AP should be open to ALL.

Step 3. chose guest mode again to broadcat SSID

Enjoy

Bill

bcolvin Wed, 04/23/2008 - 14:14

Hi

Due to the number of inter related settings in the AP I strongly suggest you use the GUI for the initial setup. once you have the AP configured you can display the saved/runnig config and see the command line. you cna then disable the GUI with the no HTTP server command if you need to for security reasons.

the other method to reset the AP is to hold down the mode button and then apply power and wait for the light to turn yellow and then release the mode button your AP will then be reset to default config.

HTH

Bill

MZydorczyk2 Thu, 04/24/2008 - 07:58

i have enabled the http server and it already had an ip address but when I go the the address in my browser it doesnt show anything.

MZydorczyk2 Thu, 04/24/2008 - 08:24

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname extra_ap

!

enable secret

!

ip subnet-zero

no ip domain lookup

ip domain name ---

ip name-server ---

!

aaa new-model

!

!

aaa group server radius rad_eap

server ---- auth-port 1812 acct-port 1813

!

aaa group server radius rad_mac

server --- auth-port 1812 acct-port 1813

!

aaa group server radius rad_acct

server ---- auth-port 1812 acct-port 1813

!

aaa group server radius rad_admin

!

aaa group server radius rad_pimp

!

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods group rad_mac

aaa authorization exec default local

aaa authorization ipmobile default group rad_pmip

aaa accounting network acct_methods start-stop group rad_acct

aaa session-id common

dot11 holdoff-time 600

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers tkip wep128

!

broadcast-key change 60

!

!

ssid ecc

authentication open eap eap_methods

authentication network-eap eap_methods mac-address mac_methods

authentication key-management wpa

accounting acct_methods

!

ssid test

authentication open

guest-mode

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

rts threshold 2312

channel 2437

station-role root fallback shutdown

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio0.1

no ip route-cache

shutdown

!

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface BVI1

ip address ---

no ip route-cache

!

ip default-gateway ----

ip http server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100

ip radius source-interface BVI1

logging trap debugging

logging facility local2

logging ----

access-list 2 permit ---- log

access-list 3 deny any log

snmp-server group eccread v3 auth read internetview access 2

snmp-server group eccwrite v3 auth write internetview access 2

snmp-server view internetview internet included

snmp-server community readonly RO 2

snmp-server community readwrite RW 2

snmp-server community public RO 3

snmp-server community private RW 3

snmp-server location NI1013

snmp-server contact ECC

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps tty

snmp-server enable traps entity

snmp-server enable traps disassociate

snmp-server enable traps authenticate-fail

snmp-server enable traps config

snmp-server enable traps syslog

snmp-server enable traps aaa_server

snmp-server enable traps rogue-ap

snmp-server host ---- version 2c aptrap

radius-server host ------ auth-port 1812 acct-port 1813 key 7 ---

radius-server attribute 32 include-in-access-req format %h

radius-server authorization permit missing Service-Type

radius-server vsa send accounting

bridge 1 route ip

!

!

line con 0

line vty 0 4

transport input ssh

line vty 5 15

transport input ssh

!

ntp clock-period 2860636

ntp server -----

end

MZydorczyk2 Fri, 04/25/2008 - 07:23

What I am trying to do is create an SSID with complete open access and another SSID that goes to a radius (which is already set up on the access points). I want both of these ssid's to be on the same access point. Is it possible to do this? I was told you have to have 2 separate dot11 interfaces but this access point only has one dot11 interface, as you can see in the above config.

Actions

This Discussion

 

 

Trending Topics - Security & Network