Cisco 897 AP config eksempel

From Teknologisk videncenter
Jump to: navigation, search
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname nAP
!
logging rate-limit console 9
enable secret 5 $1$kIJF$fqTTOqqYrXwhii9HKZ2Ws1
!
no aaa new-model
no ip domain lookup
ip host tsmtek3 193.163.24.233
!
!
dot11 syslog
!
dot11 ssid Data
   vlan 1
   authentication open
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 7 104F0B1A0146405858
!
dot11 ssid Guest
   vlan 20
   authentication open
   authentication key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 7 12180714165A5E577E
!
dot11 ssid Voice
   vlan 10
   authentication open
   authenticaqtion key-management wpa version 2
   mbssid guest-mode
   wpa-psk ascii 7 141610080855787870
!
!
crypto pki trustpoint TP-self-signed-3703804506
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3703804506
 revocation-check none
 rsakeypair TP-self-signed-3703804506
!
!
crypto pki certificate chain TP-self-signed-3703804506
 certificate self-signed 01
  3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33373033 38303435 3036301E 170D3032 30333031 30303139
  31315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 37303338
  30343530 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100ACA5 CF861AB6 7A4243F9 EC2BF5CD EA2234AB 80715FAA 76BEDE13 4337C156
  CC3C7979 BC77BB57 7F059FE4 220D6CF6 D02BE7EE 947A27EB 0BEFF642 0B1BCAB4
  2941D380 347A4951 BCA6DCCF BDF7B2A6 EC976C27 8AB683D3 5880F4AC D34052DF
  76DC5A7B AE96AB57 98125B58 FB581E8C B9DB011D 84EB3C85 B4FAA0A4 0C491267
  7EDB0203 010001A3 62306030 0F060355 1D130101 FF040530 030101FF 300D0603
  551D1104 06300482 02617030 1F060355 1D230418 30168014 B035F66A D1DE712B
  8709197C EDA79065 D06AE119 301D0603 551D0E04 160414B0 35F66AD1 DE712B87
  09197CED A79065D0 6AE11930 0D06092A 864886F7 0D010104 05000381 81001950
  EF135F86 525D8524 18872FEE A26DD0D0 7C55D98D 24145996 B1B554FE 14608646
  8224A0C7 3A61A621 74B2E3A0 96CF85DD 2DFE7910 2B09E10F E58BD950 D7ACD2B3
  CFD028FF B53A983A BD98035C 304306BD 1D568851 86EFCFDE EECB35B2 796B7C3C
  62EF1F55 5AF20E04 41AD53AE 17ADCC03 AE9B93F6 7EC2C66A 56C6DE33 0453
  quit
username Cisco password 7 112A1016141D
!
!
bridge irb
!
!
interface Dot11Radio0
 bandwidth inherit
 no ip address
 no ip route-cache
 !
 encryption vlan 1 mode ciphers aes-ccm
 !
 encryption vlan 10 mode ciphers aes-ccm
 !
 encryption vlan 20 mode ciphers aes-ccm
 !
 ssid Data
 !
 ssid Guest
 !
 ssid Voice
 !
 antenna gain 0

 mbssid
 speed ofdm separate
 speed  basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 

basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
 no preamble-short
 station-role root
!
interface Dot11Radio0.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio0.10
 encapsulation dot1Q 10
 no ip route-cache
 bridge-group 10
 bridge-group 10 subscriber-loop-control
 bridge-group 10 block-unknown-source
 no bridge-group 10 source-learning
 no bridge-group 10 unicast-flooding
 bridge-group 10 spanning-disabled
!
interface Dot11Radio0.20
 encapsulation dot1Q 20
 no ip route-cache
 bridge-group 20
 bridge-group 20 subscriber-loop-control
 bridge-group 20 block-unknown-source
 no bridge-group 20 source-learning
 no bridge-group 20 unicast-flooding
 bridge-group 20 spanning-disabled
!
interface Dot11Radio1
 bandwidth inherit
 no ip address
 no ip route-cache
 !
 encryption key 1 size 128bit 7 403EC038BBEA5C207F4663056E3B transmit-key
 encryption mode wep mandatory
 !
 encryption vlan 1 mode ciphers aes-ccm
 !
 encryption vlan 10 mode ciphers aes-ccm
 !
 encryption vlan 20 mode ciphers aes-ccm
 !
 ssid Data
 !
 ssid Guest
 !
 ssid Voice
 !
 antenna gain 0
 no dfs band block
 mbssid
 power local 8
 channel dfs
 station-role root
!
interface Dot11Radio1.1
 encapsulation dot1Q 1 native
 no ip route-cache
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1.10
 encapsulation dot1Q 10
 no ip route-cache
 bridge-group 10
 bridge-group 10 subscriber-loop-control
 bridge-group 10 block-unknown-source
 no bridge-group 10 source-learning
 no bridge-group 10 unicast-flooding
 bridge-group 10 spanning-disabled
!
interface Dot11Radio1.20
 encapsulation dot1Q 20
 no ip route-cache
 bridge-group 20
 bridge-group 20 subscriber-loop-control
 bridge-group 20 block-unknown-source
 no bridge-group 20 source-learning
 no bridge-group 20 unicast-flooding
 bridge-group 20 spanning-disabled
!
interface GigabitEthernet0
 description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host 

router
 no ip address
 no ip route-cache
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.10
 encapsulation dot1Q 10
 no ip route-cache
 bridge-group 10
 no bridge-group 10 source-learning
 bridge-group 10 spanning-disabled
!
interface GigabitEthernet0.20
 encapsulation dot1Q 20
 no ip route-cache
 bridge-group 20
 no bridge-group 20 source-learning
 bridge-group 20 spanning-disabled
!
interface BVI1
 ip address 192.168.10.254 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.10.1
no ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
 login local
!
end