04-11-2008 12:10 PM - edited 07-03-2021 03:42 PM
I want to create an open ssid with no authentication. How can I do this? When I use "authentication open" and "guest mode" i pick up the network but it shows it as secure.
04-12-2008 11:57 AM
I'm assuming this is a question about unified wireless (LWAPP)... sorry if I got it wrong. To make the SSID "open," set the Layer 2 security option under the created SSID as "None." This will leave the WLAN open with no encryption. Also make sure you're broadcasting the SSID (should be a check box under the WLAN). Hope this helps!
-Mike
04-12-2008 12:27 PM
Sounds like you have some old Security settings in there.
Step 1. With the WEB interface select System software, Config, and reset to defaults except IP address.
Step 2. express setup set your SSID; you AP should be open to ALL.
Step 3. chose guest mode again to broadcat SSID
Enjoy
Bill
04-23-2008 12:52 PM
how do you do this through command line?
04-23-2008 02:14 PM
Hi
Due to the number of inter related settings in the AP I strongly suggest you use the GUI for the initial setup. once you have the AP configured you can display the saved/runnig config and see the command line. you cna then disable the GUI with the no HTTP server command if you need to for security reasons.
the other method to reset the AP is to hold down the mode button and then apply power and wait for the light to turn yellow and then release the mode button your AP will then be reset to default config.
HTH
Bill
04-24-2008 07:58 AM
i have enabled the http server and it already had an ip address but when I go the the address in my browser it doesnt show anything.
04-24-2008 08:11 AM
Can you post your sanitized config
Bill
04-24-2008 08:24 AM
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname extra_ap
!
enable secret
!
ip subnet-zero
no ip domain lookup
ip domain name ---
ip name-server ---
!
aaa new-model
!
!
aaa group server radius rad_eap
server ---- auth-port 1812 acct-port 1813
!
aaa group server radius rad_mac
server --- auth-port 1812 acct-port 1813
!
aaa group server radius rad_acct
server ---- auth-port 1812 acct-port 1813
!
aaa group server radius rad_admin
!
aaa group server radius rad_pimp
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods group rad_mac
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 holdoff-time 600
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers tkip wep128
!
broadcast-key change 60
!
!
ssid ecc
authentication open eap eap_methods
authentication network-eap eap_methods mac-address mac_methods
authentication key-management wpa
accounting acct_methods
!
ssid test
authentication open
guest-mode
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
rts threshold 2312
channel 2437
station-role root fallback shutdown
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.1
no ip route-cache
shutdown
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address ---
no ip route-cache
!
ip default-gateway ----
ip http server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100
ip radius source-interface BVI1
logging trap debugging
logging facility local2
logging ----
access-list 2 permit ---- log
access-list 3 deny any log
snmp-server group eccread v3 auth read internetview access 2
snmp-server group eccwrite v3 auth write internetview access 2
snmp-server view internetview internet included
snmp-server community readonly RO 2
snmp-server community readwrite RW 2
snmp-server community public RO 3
snmp-server community private RW 3
snmp-server location NI1013
snmp-server contact ECC
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server enable traps entity
snmp-server enable traps disassociate
snmp-server enable traps authenticate-fail
snmp-server enable traps config
snmp-server enable traps syslog
snmp-server enable traps aaa_server
snmp-server enable traps rogue-ap
snmp-server host ---- version 2c aptrap
radius-server host ------ auth-port 1812 acct-port 1813 key 7 ---
radius-server attribute 32 include-in-access-req format %h
radius-server authorization permit missing Service-Type
radius-server vsa send accounting
bridge 1 route ip
!
!
line con 0
line vty 0 4
transport input ssh
line vty 5 15
transport input ssh
!
ntp clock-period 2860636
ntp server -----
end
04-25-2008 07:23 AM
What I am trying to do is create an SSID with complete open access and another SSID that goes to a radius (which is already set up on the access points). I want both of these ssid's to be on the same access point. Is it possible to do this? I was told you have to have 2 separate dot11 interfaces but this access point only has one dot11 interface, as you can see in the above config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide