03-15-2006 12:34 PM - edited 07-04-2021 11:47 AM
I have 2 Cisco Airnet 1310 ( outside ) Wireless access-point/Bridges. What I need is the easies way to set these up in a Bridge configuration ( With each other. WE have a remote building that is Cost Prohibitive to run Fiber cable to. I run several Vlan's on my network and the remote building will need to access 3 of the vlans. So I need these Wireless bridges to trunk the link between them. I also need the highest encryption on the Wireless that the 1310 can handle.
Any suggestions
03-15-2006 01:29 PM
You can trunk up to 16 VLANs between two 1310 bridges.
Configure one bridge as root-bridge, the other as non-root.
The "wireless" trunk is configured with a single SSID.
The management IPs of the bridges must be in the native VLAN.
For a simple PtP link I'd suggest using WPA-PSK for key management
with AES-CCMP encryption and a random string as PSK.
Using AES-CCMP doesn't support concatenation. If you need the
additional performance from concatenation use TKIP for encryption.
With the latest IOS version, all this can be configured from the GUI.
Below are the relevant parts for the CLI configuration of the root-bridge
(VLANS 101-103, 999 native)
dot11 ssid BRIDGE-SSID
vlan 999
authentication open
authentication key-management wpa
infrastructure-ssid
wpa-psk hex C0B3F98C9C33B75C298AEFAF865290BE7DDD15D563B0DAF644CC41EFC74CA29A
interface Dot11Radio0
encryption vlan 999 mode ciphers aes-ccm
ssid BRIDGE-SSID
station-role root
interface Dot11Radio0.101
encapsulation dot1Q 101
no ip route-cache
bridge-group 101
bridge-group 101 spanning-disabled
!
interface Dot11Radio0.102
encapsulation dot1Q 102
no ip route-cache
bridge-group 102
bridge-group 102 spanning-disabled
!
interface Dot11Radio0.103
encapsulation dot1Q 103
no ip route-cache
bridge-group 103
bridge-group 103 spanning-disabled
!
interface Dot11Radio0.999
encapsulation dot1Q 999 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
!
interface FastEthernet0.101
encapsulation dot1Q 101
no ip route-cache
bridge-group 101
bridge-group 101 spanning-disabled
!
nterface FastEthernet0.102
encapsulation dot1Q 102
no ip route-cache
bridge-group 102
bridge-group 102 spanning-disabled
!
interface FastEthernet0.103
encapsulation dot1Q 103
no ip route-cache
bridge-group 103
bridge-group 103 spanning-disabled
!
interface FastEthernet0.999
encapsulation dot1Q 999 native
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 172.17.172.17 255.255.255.248
03-16-2006 06:19 AM
So according to your config above I have to set up seperate Radio and Fast Ethernet interfaces for each of the Vlans that I want to pass through the Bridge?
03-16-2006 09:27 AM
In a similar configuration, I need to connect, at the end Switch 2950, in the non-root bridge side, some Acces Point (Linksys). But no work, somebody know why. This AP is conneted through a VLAN port in the end switch.
If I connect this Ap in the other Switch, whitout the bridges (in the main switch), it works properly.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide