Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Aironet 2600 Series Standalone WPA+PSK

Is there a way to enable WPA/WPA2 PSK on these devices using the web configuration utility? This is a rather basic wireless task that seems impossible without going deep into the IOS CLI. All I need to do is set up a SSID to run on both radios (5G and 2.4G) with WPA+PSK (preferably AES, but I'll take TKIP only if need be).

If it can not be done via the web config is there a basic CLI reference to set up the device? I'm not doing anything advanced on it.

-Brian

Everyone's tags (3)
3 REPLIES
New Member

Aironet 2600 Series Standalone WPA+PSK

CLI is the way to go.

A basic setup would go like this.

From config mode:

dot11 ssid My SSID

authentication open

authentication key-management wpa version 2

mbssid guest-mode

wpa-psk ascii PreSharedKey

information-element ssidl

interface Dot11Radio0

encryption vlan 1 mode ciphers aes-ccm

ssid My SSID

interface Dot11Radio1

encryption vlan 1 mode ciphers aes-ccm

ssid My SSID

New Member

Aironet 2600 Series Standalone WPA+PSK

I don't have an issue using the GUI but I am having an issue to assign a VLAN to the radio 5GHZ.

This is what I have done:

Under SERVICES/VLAN I have created 3 VLANS: 10,30,60. I have checked both radios 2.4 and 5GHZ with VLAN 60 being the NATIVE.

Then under SECURITY\SSID MANAGER I created 3 SSID's. All SSID's should be on both radios but I am having a error mesage when I try to save:

VLAN (all VLANS) doesn't exist on RADIO1-802.11N 5Ghz (See services>VLAN)

Again, all VLANS have been set up with both radios.

Can you help?

Thank you

New Member

Aironet 2600 Series Standalone WPA+PSK

Use the CLI.

The web interface is full of bugs.

From Config mode

In my example VLAN 1 is native

Create & Assign VLANs:

dot11 vlan-name VLAN1 vlan 1

dot11 vlan-name VLAN10 vlan 10

dot11 vlan-name VLAN30 vlan 30

dot11 vlan-name VLAN60 vlan 60

dot11 ssid Network Secure

vlan 10

band-select

authentication open

authentication key-management wpa version 2

mbssid guest-mode

wpa-psk ascii PRE-SHARED-KEY

information-element ssidl

dot11 ssid Network Guest

vlan 30

band-select

authentication open

mbssid guest-mode

information-element ssidl

interface Dot11Radio0

encryption vlan 1 mode ciphers aes-ccm

encryption vlan 10 mode ciphers aes-ccm

encryption vlan 30 mode ciphers aes-ccm

encryption vlan 60 mode ciphers aes-ccm

ssid Network Secure

ssid Network Guest

interface Dot11Radio0.1

encapsulation dot1Q 1 native

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

interface Dot11Radio0.10

encapsulation dot1Q 10

bridge-group 10

bridge-group 10 subscriber-loop-control

bridge-group 10 spanning-disabled

bridge-group 10 block-unknown-source

no bridge-group 10 source-learning

no bridge-group 10 unicast-flooding

interface Dot11Radio0.30

encapsulation dot1Q 30

bridge-group 30

bridge-group 30 subscriber-loop-control

bridge-group 30 spanning-disabled

bridge-group 30 block-unknown-source

no bridge-group 30 source-learning

no bridge-group 30 unicast-flooding

interface Dot11Radio0.60

encapsulation dot1Q 60

bridge-group 60

bridge-group 60 subscriber-loop-control

bridge-group 60 spanning-disabled

bridge-group 60 block-unknown-source

no bridge-group 60 source-learning

no bridge-group 60 unicast-flooding

interface Dot11Radio1

encryption vlan 1 mode ciphers aes-ccm

encryption vlan 10 mode ciphers aes-ccm

encryption vlan 30 mode ciphers aes-ccm

encryption vlan 60 mode ciphers aes-ccm

ssid Network Secure

ssid Network Guest

interface Dot11Radio1.1

encapsulation dot1Q 1 native

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

interface Dot11Radio1.10

encapsulation dot1Q 10

bridge-group 10

bridge-group 10 subscriber-loop-control

bridge-group 10 spanning-disabled

bridge-group 10 block-unknown-source

no bridge-group 10 source-learning

no bridge-group 10 unicast-flooding

interface Dot11Radio1.30

encapsulation dot1Q 30

bridge-group 30

bridge-group 30 subscriber-loop-control

bridge-group 30 spanning-disabled

bridge-group 30 block-unknown-source

no bridge-group 30 source-learning

no bridge-group 30 unicast-flooding

interface Dot11Radio1.60

encapsulation dot1Q 60

bridge-group 60

bridge-group 60 subscriber-loop-control

bridge-group 60 spanning-disabled

bridge-group 60 block-unknown-source

no bridge-group 60 source-learning

no bridge-group 60 unicast-flooding

interface GigabitEthernet0.1

encapsulation dot1Q 1 native

bridge-group 1

bridge-group 1 spanning-disabled

no bridge-group 1 source-learning

!

interface GigabitEthernet0.10

encapsulation dot1Q 10

bridge-group 10

bridge-group 10 spanning-disabled

no bridge-group 10 source-learning

!

interface GigabitEthernet0.30

encapsulation dot1Q 30

bridge-group 30

bridge-group 30 spanning-disabled

no bridge-group 30 source-learning

!

interface GigabitEthernet0.60

encapsulation dot1Q 60

bridge-group 60

bridge-group 60 spanning-disabled

no bridge-group 60 source-learning

802
Views
4
Helpful
3
Replies
CreatePlease to create content