Configuración básica de access point cisco, maquinas cogiendo dhcp de central. Nada del otro mundo.
Current configuration : 4309 bytes
!
! Last configuration change at 08:19:50 UTC Fri Jul 24 2009
! NVRAM config last updated at 08:19:50 UTC Fri Jul 24 2009
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname elnombredelap
!
!
username 00ff084b81b6 password 7 12495511145B54502873752A65
username 00ff084b81b6 autocommand exit
username 000ff77904e2 password 7 040B5B5609271B195049511240
username 000ff77904e2 autocommand exit
username 0060b369f154 password 7 014356520B095559784A1F5C4D
username 0060b369f154 autocommand exit
username 00c049d54f85 password 7 025654585B525625191A0F4150
username 00c049d54f85 autocommand exit
username 000b46f33744 password 7 075F711C4C5D4F0344415C5850
/* Estos los crea el automaticamente cuando va asociando maquinas */
username login.ap privilege 15 password 7 094B4059145605460C580A
/*Este es el que hay que crear para administracion */
ip subnet-zero
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 network-map
iapp standby mac-address 0040.96a1.a263
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption key 1 size 128bit 7 19DC274E650460EB67A954DE5003 transmit-key
encryption mode wep mandatory <- Ni se te ocurra utilizar wep, en mi caso no quedaban mas cojones porque ni el ap, ni las tarjetas soportaban otra cosa.
!
ssid xxxx_048_1
authentication open mac-address mac_methods
guest-mode
infrastructure-ssid
!
speed basic-11.0 <- Mas de lo mismo, mi mierda ap no daba para mas
rts threshold 2312
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
speed 100
full-duplex
ntp broadcast client
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address xx.xx.xx.xx 255.255.255.0
no ip route-cache
!
ip default-gateway xx.xx.xx.xx
ip http server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
/ivory/1100
ip http authentication aaa
ip radius source-interface BVI1
snmp-server community public RO
snmp-server enable traps tty
radius-server attribute 32 include-in-access-req format %h
radius-server authorization permit missing Service-Type
radius-server vsa send accounting
bridge 1 route ip
!
!
line con 0
line vty 5 15
!
ntp clock-period 2852030
ntp server xx.xx.xx.xx
!
La verdad es que es bastante mas facil configurarlo mediante el interface web, pero bueno, a la hora de mirar problemas los debugs en modo texto siempre te dan mas informacion.
Cuando los reseteas se ponen por defecto en la ip 10.0.0.1 (cisco/cisco con ssid tsunami).
http://www.ceenet.org/workshops/lectures2004/Erkki_Kukk/labs/wireless_basic_setup.pdf
http://www.cisco.com/en/US/docs/wireless/access_point/1100/installation/guide/110h_c5.html
Otro doc
Otro documento con mas informacion …
http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml.