changing the IP address and default gateway of standalone access point

atifali.zaidi1 · ‎07-26-2017

Hello experts,

I would need to change the IP addressing of 11 standalone access points in my network , there is just one plain ssid which is running on all the access points.

the management subnet / ssid subnet is same on all the ap's which is vlan 1

now I would need to change the subnet from vlan 1 to vlan 678 ( it will again be same for ssid and management ) .

the problem that I have is I would not have console access to all the ap's to change the IP address and default gateway , I would need to do it remotely .

in order to do that , can I just change the following in this order on the ap remotely ?

config t

int bvi1

no IP address

ip address <subnet mask>

no shutdown

!

no ip default-gateway x.x.x.x

ip default-gateway <new IP of default gateway>

end

I guess once I do that, I will loose remote access , I would then have to go ahead and change the switchport config of that ap from switchport access vlan 1 to switch access vlan 678 and then would try to do telnet again in order to map the ssid to the new vlan.

also I would need to change the bridge groups from vlan 1 to vlan 678.

in addition to that , there is one command on the ap's which is "bridge 1 route ip" , I need to confirm that I need to do the following as well

no bridge 1 route IP

bridge 678 route IP

end

please advise if I got this correctly .

Rasika Nayanajith · ‎07-26-2017

I would suggest below.

1. First telnet to AP and issue reload in command to take effect in 10min (so if you stuck with your configs, your AP will reload with previous config, so no lock down)

AAP1#reload in 10
System configuration has been modified. Save? [yes/no]: no
Reload scheduled in 10 minutes by CIsco on vty0 (192.168.16.1)
Reload reason: Reload Command
Proceed with reload? [confirm]

2. Then execute default-gateway & BVI IP address, once issue these command, you will not able to access the AP until you change switch side. Modify gateway IP address and BVI address as per your requirement. In my case vlan 1617 is AP mgmt.

ip default-gateway 192.168.17.1
!
int bvi1
 ip address 192.168.17.10 255.255.255.0

3. Then go to the switch and change the native vlan to 1617 of the trunk

ASW3#sh run int g0/1
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 1616
 switchport trunk allowed vlan 1616-1630
 switchport mode trunk
end

ASW3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
ASW3(config)#int g0/1
ASW3(config-if)#sw tr na vla 1617

4. Once you do that, you should be able to access AP using new mgt IP (192.168.17.10). Once logged to the AP cancel the reload command.

ASW3#telnet 192.168.17.10
Trying 192.168.17.10 ... Open
User Access Verification
Username: Cisco
Password: 
Reload scheduled in 5 minutes by CIsco on vty0 (192.168.16.1)
Reload reason: Reload Command
AAP1>en
Password: 
AAP1#reload cancel 
*** --- SHUTDOWN ABORTED ---

You do not want to change bridge group number

If all goes well, you can mark this thread as answered.

HTH

Rasika

*** Pls rate all useful responses ***

atifali.zaidi1 · ‎07-27-2017

Rasika Nayanajith · ‎07-27-2017

Before suggesting final configuration, pls clarify the below

1. Do you require your WLAN users to get vlan 678 IP as well as your AP management ?

2. Looks like you using WEP (which is not secure any more), is it mandatory to support it ?

3. What AP model is this (pls provide 'show version' output)

4. What type of switches these AP connect to ? Pls share the switchport configuration if it is Cisco switch.

HTH

Rasika

*** Pls rate all useful responses ***

atifali.zaidi1 · ‎07-27-2017

1. Do you require your WLAN users to get vlan 678 IP as well as your AP management - yes same vlan would be used for management of the ap and the users .

2. Looks like you using WEP (which is not secure any more), is it mandatory to support it ? ----- it will remain like that as , we just have some old handheld devices that connect to these ap's.

Rasika Nayanajith · ‎07-27-2017

Thanks for the input. Here is what you have to do.

Since you are not going to have multiple vlan (mgmt/wlan users), no need to create vlan/sub-interfaces on AP. Only you require is to change the default-gateway and BVI interface IP to match vlan 678 information.

So telnet to AP and execute following 3 commands with required IP modification as per vlan 678 info. If these AP are PoE, then no need to issue reload-in command as you can simply revert config to previous by simply shut/no shut port

ip default-gateway 192.168.17.1
!
int bvi1
 ip address 192.168.17.10 255.255.255.0

Then you can change the switchport config got access vlan 678

interface FastEthernet0/23
 switchport mode access
 switchport access vlan 678

Once you do that, you should have access to your AP using vlan 678 IP you assigned. Once you logged into AP save the configuration.

If any issues let me know

Pls rate our responses (using star system) if those helps you.

HTH

Rasika

atifali.zaidi1 · ‎07-27-2017

thanks for the answer, we have an RFC scheduled for Monday wherein I would need to change all the 11 ap's.

I will come to you if there is an issue.

atifali.zaidi1 · ‎10-11-2017

hi There , i am coming back to you for the same issue :)

Ric Beeching · ‎03-19-2018

Hi,

So you are remotely trying to issue this config, yes? Where is it failing for you? Can you describe the steps you are taking to issue Rasika's config above?

Ric

-----------------------------
Please rate helpful / correct posts