Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

AIR-SAP702 WPA Configuration Issues

Hello to everyone!

I've just received a AIR-SAP702 Access point and begun configuring the device via CLI and am experiencing problems trying to configure the AP to work with WPA encryption.

 

I've set the WPA parameters under the SSID section, however the AP fails to allow any client connect with it.

I've setup many access points but this is the first time I am dealing with this model, so I am wondering if I am hitting a bug, or there's something additional required for the 702 access points, which I am not aware of.

 

Below is my configuration:

 

! Last configuration change at 04:22:10 UTC Mon Mar 1 1993 by admin
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP5
!
!
logging rate-limit console 9
no logging console
enable secret 5 $1$EROA$uB8H/g8yjQQPZl8RYBHrH/
!
no aaa new-model
no ip cef
!
!
!
!
dot11 syslog
!
dot11 ssid test
   authentication open
   authentication key-management wpa
   guest-mode
   infrastructure-ssid optional
   wpa-psk ascii 7 00554155500E5D5157
!
!
dot11 guest
!
!
crypto pki trustpoint TP-self-signed-4052737212
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4052737212
 revocation-check none
 rsakeypair TP-self-signed-4052737212
!
!
crypto pki certificate chain TP-self-signed-4052737212
 certificate self-signed 01
  30820240 308201A9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 34303532 37333732 3132301E 170D3032 30333031 30303236
  32305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 30353237
  33373231 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C5C8 3EAD9303 513C34C0 D0AB97FC 8E2E75AB BF5F3D07 0FED5D57 E625003D
  C2F9B9B7 ADB2D10C 6071BD32 C8B2F90B 23E7CF91 15F76A4B 736E6545 1673B13E
  115DDA8F A1ADCBF3 66C3D46F 435411A8 1AEBC651 B66776AC 505A25ED CCAF62FA
  5157B7ED 2D542E9A 37408292 7EA93D63 F4E47558 5E38205A 0047C88A B84CBA91
  7F110203 010001A3 68306630 0F060355 1D130101 FF040530 030101FF 30130603
  551D1104 0C300A82 084B6974 312D4150 31301F06 03551D23 04183016 8014BA0E
  FFFCA980 4A18FDE1 6A61E034 0BD7C4AF C24E301D 0603551D 0E041604 14BA0EFF
  FCA9804A 18FDE16A 61E0340B D7C4AFC2 4E300D06 092A8648 86F70D01 01040500
  03818100 83E745AC 0B917643 6BF1D958 6A5DA8F4 1FE7385B B0863530 132BF892
  40A137BA 1D84B2EA 3BBD1A8B 071C51F0 EDF1DDDF 89E44CDC C191543F 235E17E7
  7E90B469 213E3292 35A06A42 29339FBD 9A9A9CA0 7D9A5859 F8A2A4B2 24C9BA66
  422DB514 A53CB34C A4CCF522 D3E71B7A B71519B3 8279451E A783FBFE 18987DB7 24559631
        quit
!
username admin privilege 15 secret 5 $1$tW2Z$PBO.059FopASBBGXQMk55.
!
!
bridge irb
!
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption mode ciphers tkip
 !
 ssid test
 !
 antenna gain 0
 packet retries 64 drop-packet
 channel 2437
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 shutdown
 antenna gain 0
 peakdetect
 no dfs band block
 packet retries 64 drop-packet
 channel dfs
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface GigabitEthernet0
 no ip address
 duplex auto
 speed auto
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning
!
interface BVI1
 ip address 10.0.0.122 255.255.255.0
!
ip default-gateway 10.0.0.4
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
!
!
bridge 1 route ip
!
!
!
line con 0
 password cisco
 login local
line vty 0 4
 login local
 transport input all
line vty 5 15
 access-class 115 in
 login local
 transport input all
!

 

 

 

1 REPLY
VIP Purple

Hi,Try to configure WPA2 with

Hi,

Try to configure WPA2 with AES as encryption & see. Also remove "infrastructure ssid optional" command under SSID config as well.

Since this is 802.11n capable access point, you only get n data rates if it is Open or WAP2/AES only. With WPA/TKIP you won't get 802.11n speeds.

 

HTH

Rasika

*** Pls rate all useful responses ***

277
Views
5
Helpful
1
Replies
CreatePlease to create content