cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1931
Views
5
Helpful
19
Replies

Multiple SSIDs on a single VLAN

wynneit
Level 1
Level 1

I dont think its possible but I vaguely recall seeing a document stating that it is poosible to have two SSIDs on a single VLAN.

If so can they also have two different authentication methods

19 Replies 19

Hi,

Thank you very much. I got it right now. Anyway, I could broadcast only 1 SSID. I have tried “mbssid” but it did not work. I understand VLAN is needed for mbssid. Please let me know if you have any suggestions. The following is my configuration.

ap#sh run

Building configuration...

Current configuration : 1471 bytes

!

version 12.3

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ap

!

no logging console

enable secret 5 xxxxxxxxxx

!

ip subnet-zero

!

!

no aaa new-model

!

dot11 ssid test1

authentication open

authentication key-management wpa

guest-mode

wpa-psk ascii 7 010703174F5A575D7218

!

dot11 ssid test2

authentication open

authentication key-management wpa

wpa-psk ascii 7 120D000406595D56797F

!

!

!

username xxxxx password 7 xxxxxxxxxx

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers tkip

!

ssid test1

!

ssid test2

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

hold-queue 80 in

!

interface BVI1

ip address 192.168.2.171 255.255.255.0

no ip route-cache

!

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

!

!

control-plane

!

bridge 1 route ip

!

!

!

line con 0

line vty 0 4

login local

!

end

Thanks again,

Nitass

Good to know you got yours working!

I ran into a road block with mine because I want to run WEP-128 with one SSID and WPA2-PSK with AES-CCMP on the other SSID. I still have not figured out how to do this exactly. Someone mentioned in an earlier post that they thought it was possible, but I'm not sure how to do it. So, back to the drawing board for me.

I noticed that you're running WPA-PSK on both of your SSIDs.

I have never done WEP with one SSID and WPA2-PSK on the other SSID but I agree with someone you mentioned that it should be possible to do like that. Please let me know if I can do anything for you. Anyway, I am not an expert but I am willing to help if I can. :-)

Have a good day,

Nitass

Hi cdeeds,

I was just running some tests and confirmed that you can run differnet encryption schemes on the same ssid (no vlans)...if that is what your looking to do.

I wanted to run WEP-128 for legacy machines while putting on the newer machines on WPA-PSK with no issues.

Here's the step by step...you may need to remove existing encryption that you have as it may spit out some errors if not done in this order.

Encryption Manager ->select Cipher with TKIP + WEP128 bit

enter 128 bit encryption key (26 digits) in key#2 click o.k.

SSID Manager -->Create SSID ->Select interface to tie ssid to ->Client Authenitcated key management select optional -> enter the WPA key and check WPA...click open authentication ->then apply.

I confirmed i could now log onto the same ssid with either WPA-PSK or TKIP. The only issue i have found so far is that the client WEP key has to be set up as key#2 in the cisco AP. It will spit out an error if you try the same setup in Key#1 with the WEP key. That means the client key for WEP also needs to be sent on key2.

Hope this helps answer your question. I noticed that there are also settings for WPA2-PSK with AES-CCMP for your scenario.

Regards.

That's awesome news! I'm goint to play around with the settings you suggested in our lab. Thanks for posting!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: