configuracion access point cisco

Configuración básica de access point cisco, maquinas cogiendo dhcp de central. Nada del otro mundo.

Current configuration : 4309 bytes
!
! Last configuration change at 08:19:50 UTC Fri Jul 24 2009
! NVRAM config last updated at 08:19:50 UTC Fri Jul 24 2009
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname elnombredelap
!
!
username 00ff084b81b6 password 7 12495511145B54502873752A65
username 00ff084b81b6 autocommand exit
username 000ff77904e2 password 7 040B5B5609271B195049511240
username 000ff77904e2 autocommand exit
username 0060b369f154 password 7 014356520B095559784A1F5C4D
username 0060b369f154 autocommand exit
username 00c049d54f85 password 7 025654585B525625191A0F4150
username 00c049d54f85 autocommand exit
username 000b46f33744 password 7 075F711C4C5D4F0344415C5850
/* Estos los crea el automaticamente cuando va asociando maquinas */
username login.ap privilege 15 password 7 094B4059145605460C580A
/*Este es el que hay que crear para administracion */
ip subnet-zero
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 network-map
iapp standby mac-address 0040.96a1.a263
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption key 1 size 128bit 7 19DC274E650460EB67A954DE5003 transmit-key
encryption mode wep mandatory <- Ni se te ocurra utilizar wep, en mi caso no quedaban mas cojones porque ni el ap, ni las tarjetas soportaban otra cosa. ! ssid xxxx_048_1 authentication open mac-address mac_methods guest-mode infrastructure-ssid! speed basic-11.0 <- Mas de lo mismo, mi mierda ap no daba para mas rts threshold 2312 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface FastEthernet0 no ip address no ip route-cache speed 100 full-duplex ntp broadcast client bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled! interface BVI1 ip address xx.xx.xx.xx 255.255.255.0 no ip route-cache ! ip default-gateway xx.xx.xx.xx ip http server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag /ivory/1100 ip http authentication aaa ip radius source-interface BVI1 snmp-server community public RO snmp-server enable traps tty radius-server attribute 32 include-in-access-req format %h radius-server authorization permit missing Service-Type radius-server vsa send accounting bridge 1 route ip ! ! line con 0 line vty 5 15 ! ntp clock-period 2852030 ntp server xx.xx.xx.xx!La verdad es que es bastante mas facil configurarlo mediante el interface web, pero bueno, a la hora de mirar problemas los debugs en modo texto siempre te dan mas informacion.Cuando los reseteas se ponen por defecto en la ip 10.0.0.1 (cisco/cisco con ssid tsunami).
http://www.ceenet.org/workshops/lectures2004/Erkki_Kukk/labs/wireless_basic_setup.pdf
http://www.cisco.com/en/US/docs/wireless/access_point/1100/installation/guide/110h_c5.html

One Comment