Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Minimal functionality embedded access point

I would like to know why do my AP is so limited?

It looks like i can't do much with that... Info:

ap(config)#exit

ap#?

        configure                 Configuration method

        debug                     Debugging functions (see also 'undebug')

        no                        Disable debugging functions

        password                  New password (SPACE and TAB are not supported)

        ping                      Send echo messages

        show                      Show running system information

        terminal                  Set terminal line parameters

        undebug                   Disable debugging functions (see also 'debug')

ap#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

ap(config)#?

        do                        To run exec commands in config mode

        dot11                     IEEE 802.11 config commands

        end                       Exit from config mode

        exit                      Exit from config mode

        global-max-clients        Global Max Clients

        interface                 Select an interface to configure

ap(config)#int ?

        BVI                       Bridge-Group Virtual Interface

        Dot11Radio                IEEE 802.11 WLAN Interface

ap(config)#int dot11 ?

        <0-0>                     Dot11Radio interface number

ap(config)#int bvi ?  

        <1-1>                     BVI interface number

ap(config)#dot11 ? 

        guest-ssid                Configure radio Guest service set parameters

        ssid                      Configure radio Main service set parameters

ap(config)#

 

-----------------------------------------

 

Router

#sh ver

Cisco IOS Software, C860 Software (C860VAEW-ADVSECURITYK9-M), Version 15.3(3)M2, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2014 by Cisco Systems, Inc.

Compiled Thu 30-Jan-14 02:21 by prod_rel_team

 

ROM: System Bootstrap, Version 15.3(3r)M, RELEASE SOFTWARE (fc1)

 

Router uptime is 1 day, 1 hour, 10 minutes

System returned to ROM by power-on

System image file is "flash:c860vaew-advsecurityk9-mz.SPA.153-3.M2.bin"

Last reload type: Normal Reload

Last reload reason: power-on

 

 

 

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

          

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

          

If you require further assistance please contact us by sending email to

export@cisco.com.

          

Cisco C866VAE-W-E-K9 (revision 1.0) with 385024K/32768K bytes of memory.

Processor board ID GMK1730008Z

1 DSL controller

1 Ethernet interface

3 FastEthernet interfaces

4 Gigabit Ethernet interfaces

1 ATM interface

1 terminal line

1 Virtual Private Network (VPN) Module

255K bytes of non-volatile configuration memory.

131072K bytes system flash allocated 

          

          

          

Configuration register is 0x2102

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

While checking more details

While checking more details on this series of Router with embedded AP, it seems it is unlike the other models of 8xx series.

The C86xVAE-W router models (C866VAE-W-E-K9, C867VAE-W-E-K9, C867VAE-W-A-K9, C867VAE-POE-W-A-K9) contain an embedded AP called the AP860VAE. Unlike the AP801/AP802 in other 8xx routers, this AP does not run IOS, but is a Broadcom AP running Linux.  It can only run in autonomous mode (does not support CAPWAP).

The AP comes out of the box configured with 4 SSIDs, Cisco860, Cisco860_Guest1, Cisco860_Guest2, Cisco860_Guest3, with the Cisco860 SSID enabled and open.  A client can associate to the AP and will, by default, get an address from 10.10.10.0/29.  The AP's address is, by default, 10.10.10.2.
 
You can telnet to the AP CLI.  You can do this the same as you would with an AP801/AP802, i.e. reverse telnet out the router's line 2, i.e. telnet to the router's IP address, TCP port 2002.  It does not appear that the AP860VAE supports telnet or ssh itself.  It does have an HTTP GUI interface.
 
The default username/password on the AP860VAE is admin/admin.  You will be forced to change the password when you first log in.

Unfortunately, there is no VLAN support for the AP860VAE.  I.e. the Wlan-GigabitEthernet0 interface on the router must be an access port, and whatever VLAN that is in, that's what the AP860VAE - and all of its SSIDs - are in. CSCuo04717 Bug-Preview for CSCuo04717 has been filed as a doc bug, to reflect this clearly in documentation.

Ideally it is recommended to have most of the configuration using GUI which is much easier compared in CLI. 

Configuring steps from GUI are present here, please check :

Configuring WLAN using web-based interface

 -Thanks

Vinod

**Encourage Contributors. RATE Them.*

-Thanks Vinod **Rating Encourages contributors, and its really free. **
6 REPLIES
Cisco Employee

I am sure the 800 router

I am sure the 800 router series embedded AP's have almost all the necessary configuration required for an AP to work properly.

Following is the guide for Basic Wireless Configuration for Cisco 800 Series ISR. You have to be specific, on if you think the AP is missing some features in it:

http://www.cisco.com/c/en/us/td/docs/routers/access/800/software/configuration/guide/SCG800Guide/SCG800_Guide_BookMap_chapter_01001.html#con_1059792

Please check and verify if you think there is something missing as compared to the Cisco Unified Wireless infrastructure AP's.

-Thanks

Vinod

**Encourage Contributors. RATE Them.**

-Thanks Vinod **Rating Encourages contributors, and its really free. **
New Member

Hi, VinodThanks for you reply

Hi, Vinod

Thanks for you reply.

It seems that all docs are referring more to 880 and 890 and since i have a 860vae-w-e-k9 the cli commands are mostly not fitting i'll explain:

First i do not have the interface Wlan-ap0, it's just does not exist.

service-module wlan-ap 0

Interface Wlan-ap0 not producing any result my assumption is that the 860vaew model doesn't even have this interface in the build.

May be that this is my Wlan-gigabitethernet0 who knows??

In addition when i try to configure a Vlan to SSID it's not possible.

Dot11radio is only from 0 to 0.

Please look at my configuration options there not so many.

Can be that i have the unified image loaded?? cause i use autonomous i don't have a WLC.

Going crazy have ben reading almost every 860 docs but it seems that it's all referring to 880 and 890 not 860.

 

Thanks

 

 

Cisco Employee

While checking more details

While checking more details on this series of Router with embedded AP, it seems it is unlike the other models of 8xx series.

The C86xVAE-W router models (C866VAE-W-E-K9, C867VAE-W-E-K9, C867VAE-W-A-K9, C867VAE-POE-W-A-K9) contain an embedded AP called the AP860VAE. Unlike the AP801/AP802 in other 8xx routers, this AP does not run IOS, but is a Broadcom AP running Linux.  It can only run in autonomous mode (does not support CAPWAP).

The AP comes out of the box configured with 4 SSIDs, Cisco860, Cisco860_Guest1, Cisco860_Guest2, Cisco860_Guest3, with the Cisco860 SSID enabled and open.  A client can associate to the AP and will, by default, get an address from 10.10.10.0/29.  The AP's address is, by default, 10.10.10.2.
 
You can telnet to the AP CLI.  You can do this the same as you would with an AP801/AP802, i.e. reverse telnet out the router's line 2, i.e. telnet to the router's IP address, TCP port 2002.  It does not appear that the AP860VAE supports telnet or ssh itself.  It does have an HTTP GUI interface.
 
The default username/password on the AP860VAE is admin/admin.  You will be forced to change the password when you first log in.

Unfortunately, there is no VLAN support for the AP860VAE.  I.e. the Wlan-GigabitEthernet0 interface on the router must be an access port, and whatever VLAN that is in, that's what the AP860VAE - and all of its SSIDs - are in. CSCuo04717 Bug-Preview for CSCuo04717 has been filed as a doc bug, to reflect this clearly in documentation.

Ideally it is recommended to have most of the configuration using GUI which is much easier compared in CLI. 

Configuring steps from GUI are present here, please check :

Configuring WLAN using web-based interface

 -Thanks

Vinod

**Encourage Contributors. RATE Them.*

-Thanks Vinod **Rating Encourages contributors, and its really free. **
New Member

Vinod, Thanks for the quick

Vinod, Thanks for the quick reply.

I did all of the above written before but didn't get confirmation for the true capabilities of the router until now.

So it seems that my biggest fear was to find out that the router is low end product.

I wouldn't call it junk but in terms of access point i'm afraid that's true.

I got all running but now it's all clear.

What i was trying to do is to isolate the guest SSID from the main SSID (ssid isolation doesn't work).

In addition web access doesn't work for me.

interface BVI 1

ip address 10.10.10.2  255.255.255.0

no shutdown

 

 

 

Router#sh int vlan 1

Vlan1 is up, line protocol is up 

  Hardware is EtherSVI, address is xxxxxxxxxxx)

  Description: $FW_INSIDE$

  Internet address is 172.16.0.2/24

  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, 

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive not supported 

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input 00:00:00, output 00:00:08, output hang never

  Last clearing of "show interface" counters never

  Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 2

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 2000 bits/sec, 2 packets/sec

  5 minute output rate 1000 bits/sec, 2 packets/sec

     1610777 packets input, 246605928 bytes, 0 no buffer

     Received 7479 broadcasts (7642 IP multicasts)

     0 runts, 0 giants, 0 throttles 

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

     2203367 packets output, 2602583339 bytes, 0 underruns

     0 output errors, 1 interface resets

     7612 unknown protocol drops

     0 output buffer failures, 0 output buffers swapped out

 

 

Router#ping 10.10.10.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

 

 

Router#trace ip 10.10.10.2

Type escape sequence to abort.

Tracing the route to 10.10.10.2

VRF info: (vrf in name/id, vrf out name/id)

  1 DSL modem (192.168.0.2) 4 msec 4 msec 0 msec

  2  *  *  * 

  3  *  *  * 

  4  *  *  * 

  5  *  *  * 

  6  *  *  * 

  7  *  *  * 

  8  *  *  * 

 

 

access-list 1 permit 10.10.10.0 0.0.0.255 

 

 

interface Wlan-GigabitEthernet0

 description Internal switch interface connecting to the embedded AP

 switchport trunk allowed vlan 1-3,1002-1005

 switchport mode trunk

 no ip address

 

 

What is wrong here?

 

Thanks

Cisco Employee

8xx series was intended as a

8xx series was intended as a router with AP capabilities. This one is unfortunately have very basic wireless functions. 

The default ip address to access the GUI ( via the BVI interface ip address) is 10.10.10.2. Default username/password is admin/admin. Upon initial login, user will be prompted to change the default username/password.

As mentioned, there is no VLAN support for the AP860VAE.  I.e. the Wlan-GigabitEthernet0 interface on the router must be an access port, and whatever VLAN that is in.

Though it mostly seems to be on the routing configuration for reachability, you can try to configure another IP on the BVI interface to see it works properly.

You can later check with show interfaces BVI 1 command for more statistics on this interface, if any drops etc.

 -Thanks

Vinod

**Encourage Contributors. RATE Them.*

-Thanks Vinod **Rating Encourages contributors, and its really free. **
New Member

Vinod, can you confirm

Vinod, can you confirm whether it's possible to disable the web GUI for the AP?

I would prefer for this to be disabled, and it doesn't look like the use of the no ip http server command is valid here.

561
Views
10
Helpful
6
Replies
CreatePlease login to create content