Cisco 897 AP config eksempel
From Teknologisk videncenter
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname nAP
!
logging rate-limit console 9
enable secret 5 $1$kIJF$fqTTOqqYrXwhii9HKZ2Ws1
!
no aaa new-model
no ip domain lookup
ip host tsmtek3 193.163.24.233
!
!
dot11 syslog
!
dot11 ssid Data
vlan 1
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 104F0B1A0146405858
!
dot11 ssid Guest
vlan 20
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 12180714165A5E577E
!
dot11 ssid Voice
vlan 10
authentication open
authenticaqtion key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 7 141610080855787870
!
!
crypto pki trustpoint TP-self-signed-3703804506
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3703804506
revocation-check none
rsakeypair TP-self-signed-3703804506
!
!
crypto pki certificate chain TP-self-signed-3703804506
certificate self-signed 01
3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33373033 38303435 3036301E 170D3032 30333031 30303139
31315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 37303338
30343530 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100ACA5 CF861AB6 7A4243F9 EC2BF5CD EA2234AB 80715FAA 76BEDE13 4337C156
CC3C7979 BC77BB57 7F059FE4 220D6CF6 D02BE7EE 947A27EB 0BEFF642 0B1BCAB4
2941D380 347A4951 BCA6DCCF BDF7B2A6 EC976C27 8AB683D3 5880F4AC D34052DF
76DC5A7B AE96AB57 98125B58 FB581E8C B9DB011D 84EB3C85 B4FAA0A4 0C491267
7EDB0203 010001A3 62306030 0F060355 1D130101 FF040530 030101FF 300D0603
551D1104 06300482 02617030 1F060355 1D230418 30168014 B035F66A D1DE712B
8709197C EDA79065 D06AE119 301D0603 551D0E04 160414B0 35F66AD1 DE712B87
09197CED A79065D0 6AE11930 0D06092A 864886F7 0D010104 05000381 81001950
EF135F86 525D8524 18872FEE A26DD0D0 7C55D98D 24145996 B1B554FE 14608646
8224A0C7 3A61A621 74B2E3A0 96CF85DD 2DFE7910 2B09E10F E58BD950 D7ACD2B3
CFD028FF B53A983A BD98035C 304306BD 1D568851 86EFCFDE EECB35B2 796B7C3C
62EF1F55 5AF20E04 41AD53AE 17ADCC03 AE9B93F6 7EC2C66A 56C6DE33 0453
quit
username Cisco password 7 112A1016141D
!
!
bridge irb
!
!
interface Dot11Radio0
bandwidth inherit
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers aes-ccm
!
encryption vlan 10 mode ciphers aes-ccm
!
encryption vlan 20 mode ciphers aes-ccm
!
ssid Data
!
ssid Guest
!
ssid Voice
!
antenna gain 0
mbssid
speed ofdm separate
speed basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0
basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
no preamble-short
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.10
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
!
interface Dot11Radio0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
!
interface Dot11Radio1
bandwidth inherit
no ip address
no ip route-cache
!
encryption key 1 size 128bit 7 403EC038BBEA5C207F4663056E3B transmit-key
encryption mode wep mandatory
!
encryption vlan 1 mode ciphers aes-ccm
!
encryption vlan 10 mode ciphers aes-ccm
!
encryption vlan 20 mode ciphers aes-ccm
!
ssid Data
!
ssid Guest
!
ssid Voice
!
antenna gain 0
no dfs band block
mbssid
power local 8
channel dfs
station-role root
!
interface Dot11Radio1.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.10
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
!
interface Dot11Radio1.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
!
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecting AP with the host
router
no ip address
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.10
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
no bridge-group 10 source-learning
bridge-group 10 spanning-disabled
!
interface GigabitEthernet0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
!
interface BVI1
ip address 192.168.10.254 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.10.1
no ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
!
end