Field Verified. Configuration Guide. Cisco. 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM)

Similar documents
Approved APs: AP 1121, 1131, 1231, 1232, 1242, BR 1310

VIEW Configuration Guide. Cisco. 1131, 1232 and 1242 Autonomous APs. June 2010 Edition Version D

VIEW Certified Configuration Guide. Cisco

VIEW Certified Configuration Guide. Colubris Networks Series MultiService Controllers with MAP-320/330 MultiService Access Points

Configuring the WMIC for the First Time

VIEW Certified Configuration Guide. Hewlett-Packard. HP ProCurve Wireless Edge Services zl Module. January 2008 Edition Version C

Field Verified. Configuration Guide. Extricom. Interference-Free Wireless LAN System. January 2008 Edition Version B

VIEW Certified Configuration Guide. Extreme Networks. Summit WM 100, 1000 Wireless Controllers with Altitude AP

VIEW Certified Configuration Guide. BelAir Networks. BelAir50, BelAir100, BelAir200. January 2008 Edition Version D

Integration Guide. Trakker Antares 2400 Family and Cisco Aironet 123X

Configuring the Access Point/Bridge for the First Time

VIEW Certified Configuration Guide. Motorola. WS 2000 with AP 300. January 2008 Edition Version C

VIEW Certified Configuration Guide. Nortel. WLAN Security Switch 2300 Series with AP January 2008 Edition Version F

Field Verified. Configuration Guide. Proxim ORiNOCO. AP-600b, AP-600g, AP-700, AP-2000, AP January 2008 Edition Version H

Cisco Aironet 350 (DS) AP IOS Software

EAP FAST with the Internal RADIUS Server on the Autonomous Access Point Configuration Example

Integration Guide. CK30/CK31 and Cisco Aironet 1231/1242

TACACS+ on an Aironet Access Point for Login Authentication Configuration Example

Enterasys Networks. VIEW Certified Configuration Guide. Enterasys C20, C20N, C2400, C4110, C5110 with AP 3605, 3610, 3620, 3630, 3640

Configuring a Wireless LAN Connection

VIEW Certified Configuration Guide. Trapeze Networks. Mobility System for MP-422 Access Points. June 2008 Edition Version D

Cisco Unified Communications Manager Express 7921 Push-to-talk

NetLink Components NetLink Telephony Gateway NetLink SVP Server NetLink Wireless Telephones

Numerics INDEX. 2.4-GHz WMIC, contrasted with 4.9-GHz WMIC g 3-6, x authentication 4-13

Cisco Meraki. Spectralink VIEW Certified Configuration Guide

CONFIGURATION DU SWITCH

AP firmware version tested: NetLink Wireless Telephone software version tested: Maximum telephone calls per AP: 8

Siemens HiPath Wireless: Configuration and Deployment Guide

Siemens HiPath Wireless: Configuration and Deployment Guide

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services

3Com Wireless LAN Mobility System Configuration and Deployment Guide

Cisco Systems, Inc , 1200, 1300 Series AP (Autonomous mode) Product sw version 12.3(11)JA4 I75 Handset sw version 1.4.

MSM320, MSM410, MSM422, MSM430,

Extreme Networks Summit WM-Series Wireless Controller and Altitude APs Configuration and Deployment Guide

Cisco Catalyst 6500 Series Wireless LAN Services Module: Detailed Design and Implementation Guide

Lab 8.5.2: Troubleshooting Enterprise Networks 2

Console Server. Con. Cisco Aironet Port Figure 1: Aironet configuration

LEAP Authentication on a Local RADIUS Server

Configuring Hybrid REAP

Configuring WDS, Fast Secure Roaming, Radio Management, and Wireless Intrusion Detection Services

Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide

Configuring Catalyst Switches for Polycom Conference Phones

Securing a Wireless LAN

Configuring VLANs CHAPTER

Chapter 10 Lab 10-2, Securing VLANs INSTRUCTOR VERSION

Configuring Spanning Tree Protocol

INTRODUCTION...2 SOLUTION DETAILS...3 NOTES...3 HOW IT WORKS...4

Lab - Troubleshooting VLAN Configurations (Instructor Version Optional Lab)

Converged Access CT 5760 AVC Deployment Guide, Cisco IOS XE Release 3.3

Configuring a Basic Wireless LAN Connection

Wireless Domain Services FAQ

Spectralink VIEW Certified Configuration Guide. Aruba Networks. Aruba Instant APs IAP-11x, 20x, 21x, 22x

3. What could you use if you wanted to reduce unnecessary broadcast, multicast, and flooded unicast packets?

Introduction to PTT. Multicast

LinkPlus Interface Guide

Device Interface IP Address Subnet Mask Default Gateway. Ports Assignment Network

1 of :22

Wireless LAN Controller Module Configuration Examples

PePWave Mesh Connector User Manual

LinkPlus Interface Guide

Configuring Multiple SSIDs

2100/2500/4400/5500/7500/8500 Series WLC (Wireless LAN Controller),

Catalyst 4500 Series IOS Commands

Configure Devices Using Converged Access Deployment Templates for Campus and Branch Networks

PowerStation2 LiteStation2 LiteStation5 User s Guide

Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.1

2100/2500/4400/5500/7500/8500 Series WLC (Wireless LAN Controller),

LinkPlus Interface Guide

Catalyst 4500 Series IOS Commands

accounting (SSID configuration mode) through encryption mode wep

Cisco Press CCIE Practical Studies CCIE Practice Lab: Enchilada Solutions

Exam : Cisco Title : Update : Demo. Composite Exam

Table of Contents. isco Configuring 802.1q Trunking Between a Catalyst 3550 and Catalyst Switches Running Integrated Cisco IOS (Nativ

Configuring VLANs CHAPTER

CERIO Corporation OW-310N2

Quality of Service WMM, U-APSD, DSCP, CoS (802.1p/q), TSPEC Other IEEE Standards d

Contents. Introduction

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Configuring VLANs. Finding Feature Information. Prerequisites for VLANs

WISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac

Spectralink Quick Network Connect. Release Notes. Spectralink QNC Software 2.0 January 2017, v2

Catalyst Switches for Microsoft Network Load Balancing Configuration Example

FlexConnect. Information About FlexConnect

IEEE a/ac/n/b/g Outdoor Stand-Alone Access Point. Management Guide. ECWO Series. Software Release v1.0.1.

accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through

Configuring Authentication Types

ISR Wireless Configuration Example

when interoperating with a Cisco Layer 3 Switch Situation: VLAN 1 shutdown, no IP on default VLAN on Cisco switch

Switches running the LAN Base feature set support only static routing on SVIs.

LinkPlus Interface Guide

Configuring VLANs. Finding Feature Information. Prerequisites for VLANs

!! Last configuration change at 16:04:19 UTC Tue Feb by zdrillin! NVRAM config last updated at 21:07:18 UTC Thu Feb ! version 12.

Lab Configuring 802.1Q Trunk-Based Inter-VLAN Routing (Instructor Version Optional Lab)

Oct 2007 Version 1.01

PrepKing. PrepKing

QNC Best Practices. System Affected. Description. QNC Configuration Procedure. Technical Bulletin CS-18-04

WH-9200AP a/b/g Dual Radio Wireless Base Station. User s Manual

IEEE 802.1Q Tunneling (QnQ) and L2PT on L2 Ports

Configuring Repeater and Standby Access Points and Workgroup Bridge Mode

Chapter 5 Lab 5-1 Inter-VLAN Routing INSTRUCTOR VERSION

Transcription:

Cisco 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) January 2008 Edition 1725-36045-001 Version E

Trademark Information Polycom and the logo designs SpectraLink LinkPlus Link NetLink SVP Are trademarks and registered trademarks of Polycom, Inc. in the United States of America and various countries. All other trademarks used herein are the property of their respective owners. Patent Information The accompanying product is protected by one or more US and foreign patents and/or pending patent applications held by Polycom, Inc. Copyright Notice Copyright 2005 to 2008 Polycom, Inc. All rights reserved under the International and pan-american copyright Conventions. No part of this manual, or the software described herein, may be reproduced or transmitted in any form or by any means, or translated into another language or format, in whole or in part, without the express written permission of Polycom, Inc. Do not remove (or allow any third party to remove) any product identification, copyright or other notices. Every effort has been made to ensure that the information in this document is accurate. Polycom, Inc. is not responsible for printing or clerical errors. Information in this document is subject to change without notice and does not represent a commitment on the part of Polycom, Inc. Notice Polycom, Inc. has prepared this document for use by Polycom personnel and customers. The drawings and specifications contained herein are the property of Polycom and shall be neither reproduced in whole or in part without the prior written approval of Polycom, nor be implied to grant any license to make, use, or sell equipment manufactured in accordance herewith. Polycom reserves the right to make changes in specifications and other information contained in this document without prior notice, and the reader should in all cases consult Polycom to determine whether any such changes have been made. No representation or other affirmation of fact contained in this document including but not limited to statements regarding capacity, response-time performance, suitability for use, or performance of products described herein shall be deemed to be a warranty by Polycom for any purpose, or give rise to any liability of Polycom whatsoever. Contact Information Please contact your Polycom Authorized Reseller for assistance. Polycom, Inc. 4750 Willow Road, Pleasanton, CA 94588 http://www.polycom.com 2 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Introduction This document describes the required settings and configuration for Cisco 1100, 1200 and 1300 Series access points (APs) using the Wireless LAN Services Module (WLSM) to support SpectraLink 8000 Wireless Telephones. Product Summary Manufacturer: Cisco: www.cisco.com Approved APs: AP 1121, 1131, 1231, 1232, 1242, BR 1310 WLSM framework: Catalyst 6503-E Switch, Supervisor Engine 720, WLSM Module External network components: RADIUS Server * Cisco 2940 1g Switch RF technology: 802.11b/g Radio: 2.4 2.484 GHz QoS SpectraLink Voice Priority (SVP) Security: WPA-PSK, WPA2-PSK AP firmware version tested: 12.3.7(JA4) SpectraLink handset models: e340/h340/i640 8020/8030 SpectraLink radio mode: 802.11b 802.11b Maximum telephone calls per AP: 8 8 Recommended network topology: Switched Ethernet (recommended) Denotes products directly used in testing * RADIUS Server used in place of a WLSE Module Known Limitations WMM must be disabled in this configuration (default is on ). WMM is a global setting, therefore WMM may not be used for any Wi-Fi devices on this network. SpectraLink's Push-to-talk (PTT) functionality, available in SpectraLink i640 Wireless Telephones, does not work in this configuration because of limitations with the way that multicast traffic is passed through the WLSM. Cisco Fast Secure Roaming (FSR) has limited functionality in this configuration, therefore it is not recommended. SpectraLink recommends WPA-PSK and WPA2-PSK for this configuration. PN: 1725-36045-001_E.doc 3

Network Topology The following topology was tested during lab testing. It is important to note that these do not necessarily represent all tested configurations. SpectraLink 8000 Wireless Telephones SpectraLink 8000 Wireless Telephones 4 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Configuration Setup Notes on configuration The AP must support SpectraLink Voice Priority (SVP). Contact your AP vendor if you need to upgrade the AP software. Initial setup Go to the Cisco download site at www.cisco.com and download the latest version of firmware for the access point (AP) and WLSM modules. If you encounter difficulties or have questions regarding the configuration process, please contact your local Cisco's customer service at www.cisco.com. WLSM setup For an introduction and set up guide for Cisco s Catalyst 6500 Switch, go to the following links: http://www.cisco.com/univercd/cc/td/doc/product/wireless/ wlsmdig.htm and http://www.cisco.com/en/us/products/sw/cscowork/ps3915/ products_white_paper09186a00801d8630.shtml The minimum components required are a Catalyst 6500 chassis, Supervisory 720 module and a Wireless LAN Services Module (WLSM). Either a Wireless LAN Solution Engine (WLSE ) or a RADIUS server are required for AAA Authentication. The 6500 chassis has only one Ethernet port connection, which is a gigabit port. An Ethernet Module can be added to the 6500 chassis or an external switch used. An external switch must support 802.1Q VLANs and have at least one Gigabit port. Two 20-amp wall circuits are required for powering the unit. Sample configuration files for the Sup 720 and WLSM modules are shown at the end of this document. PN: 1725-36045-001_E.doc 5

AP setup The APs have to be configured to work within the WLSM environment. The settings shown in the examples in this document correspond to the settings in the configuration files for the WLSM setup. Mapping The table below shows how the different modules map to each other. Assigning an IP address to a new AP 1. Connect the PC s serial port to the AP via the CLI Interface cable. Run a terminal program set to 9600 baud. 2. At the prompt, type enable. 3. Type the password, default password is Cisco. 4. Type the command configure terminal. 5. Type the command interface BVI 1. 6 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) 6. Type ip address <ip address> <net mask>. 7. Type end and then type write mem to save configuration. Connecting to the AP Connect to the AP via Netscape or Internet Explorer by navigating to the URL: http://<ip_addr> (where <IP_Addr> is the IP address of the AP). Installing software on the AP 1. Download the appropriate firmware for your model AP from the Cisco IOS Software Downloads website. 2. Connect to the AP via a Web browser, preferably IE. Turn off popup blocking. 3. Click SYSTEM SOFTWARE. 4. Click Software Upgrade 5. Click the HTTP UPGRADE tab. 6. Use the Browse button to select the target image. 7. Click the Upgrade button. 8. Allow for at least five minutes for the upgrade to complete. The progress of the upgrade can be tracked via the AP s LEDs. Center LED RED means the image is being downloaded. All LEDs ON means the AP is decompressing the image, rebooting, etc. Top LED GREEN, radio and status LEDs blinking means Ethernet connectivity OK, normal operation. 9. The Web browser opens a window indicating the amount of time since the upgrade started. After the upgrade is completed, this window may stay open. The user will need to close these window(s) and refresh the Web browser s connection to the AP. The rest of the configuration can easily be done through the browser interface. Log into the AP via a Web browser using the IP address assigned in the above step. PN: 1725-36045-001_E.doc 7

AP Configuration Configuring Security Main Security screen The Security Summary screen below shows configurations of 3 VLANs. VLANs are set up to work with different encryptions and SSIDs. Network IDs are assigned to the corresponding tunnel ID on the SUP 720. Note that the configurations shown below depict the configuration of three different SSIDs with three different encryption types. For example: BBK VLAN 1 WPA-PSK/AES ADG VLAN2 WPA-PSK/TKIP FSR VLAN3 CCKM/TKIP (not used during this testing). 8 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Configuring VLANs The following screen shows the set-up for creating a VLAN. Note that if your deployment uses only a single encryption type, it is not necessary to configure VLANs. Click Security in the navigation pane, and select Encryption Manager to configure a single encryption type. See the Configuring Encryption section below for an example of the Encryption Manager screen. 1. In the navigation pane, click SERVICES. 2. Select VLAN from the sub-menu. 3. Under Current VLAN List, select the proper VLAN from the list box, or create a new one if necessary. 4. Assign a VLAN ID number to the VLAN. 5. Make sure Radio0-802.11G is selected. 6. One VLAN has to be set as the Native VLAN. 7. Click the Apply button. PN: 1725-36045-001_E.doc 9

Configuring Encryption Set Security: Encryption manager 1. In the navigation pane, click SECURITY. 2. Select Encryption Manager from the sub-menu. 3. For Set Encryption Mode and Keys for VLAN, select the proper VLAN that corresponds to the SSID. 4. Under Encryption Modes, click the Cipher option. 5. For WPA-PSK, select TKIP from the drop-down list. For WPA2-PSK, select AES CCMP from the drop-down list. 6. Under Encryption Keys, clear all Encryption Key fields. 7. Under Global Properties, click the Disable Rotation option. 8. Click the Apply button. The following example shows the SECURITY screen with WPA2-PSK settings. 10 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Configuring SSIDs The following screens show the set-up for WPA2-PSK and VLAN1. 1. In the navigation pane, click SECURITY. 2. Select SSID Manager from the sub-menu. 3. Under SSID Properties, select the proper SSID from the list box, or create a new one if necessary. Make sure Radio0-802.11G is selected. 4. Select the proper VLAN and Network ID number. The Network ID number matches a Mobility Network ID of a Tunnel Interface on the Sup720. 5. Under Authentication Settings, select the Open Authentication check box and select No Addition from the drop-down list. PN: 1725-36045-001_E.doc 11

6. Use default settings for Server Priorities. 7. Under Authenticated Key Management: 8. Select Mandatory from the Key Management drop-down list. 9. Select the WPA check box. 10. In the WPA Pre-shared Key field, type in the key code used in the handsets. Characters are case sensitive. 11. Select the ASCII option. 12. Click the Apply button. 13. At the bottom of the page, under Guest Mode/Infrastructure SSID Settings, select the Single BSSID option and select the SSID that was used in step 5. 14. Click the Apply button. 12 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Configuring QoS Quality of service policies must be set up to enable voice packets to be prioritized properly. Two policies are created, one for downstream traffic and one for upstream traffic. PN: 1725-36045-001_E.doc 13

Configuring SRP for downstream traffic 1. In the navigation pane, click SERVICES. 2. Select QoS from the sub-menu. 3. Create the downstream QoS policy: 4. Under Create/Edit Policy, select the proper Policy Name from the drop-down list, or create a new one if necessary. 5. Select Voice <10ms Latency (6) from the third drop-down list under Apply Class of Service. 6. Click the Add button to add this classification to your new QoS policy. 7. Click the Apply button. 14 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Configuring SRP for upstream traffic 1. Create the upstream QoS policy: 2. Under Create/Edit Policy, select the proper Policy Name from the drop-down list, or create a new one if necessary. 3. Select Video <100ms Latency (5) from the third drop-down list under Apply Class of Service. 4. Click the Add button to add this classification to your new QoS policy. 5. Click the Apply button. PN: 1725-36045-001_E.doc 15

Apply policies to interfaces 1. Scroll down to Apply Policies to Interface/ VLANs. 2. Apply the new QoS policies to Incoming and Outgoing Radio0-802.11G for the appropriate interfaces for each VLAN by selecting them from the applicable drop-down lists: 3. Apply the downstream policy to the Incoming traffic for Radio0-802.11G. 4. Apply the upstream policy to the Outgoing traffic for Radio0-802.11G. 5. No policies are applied to the Fast Ethernet interface. 6. Click the Apply button. 16 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Radio0-802.11g access categories 1. Click the RADIO0 802.11G ACCESS CATEGORIES tab. 2. At Voice (CoS 6-7): 3. Set the Min Contention Window and Max Contention Window fields to 0. 4. Set the Fixed Slot Time field to 2. 5. Set the Transmit Opportunity field to 0. 6. Click the Apply button. PN: 1725-36045-001_E.doc 17

QoS advanced settings 1. Click the Advanced tab. 2. At QoS Element for Wireless Phones, click the Enable option. 3. Under IGMP Snooping, click the Enable option. 4. At Map Ethernet Packets with Cos5 to Cos6, click the Yes option. 5. Important Under WMM, under Enable on Radio Interfaces, make sure the check boxes are cleared. 6. Click the Apply button. 18 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Radio Settings 1. In the navigation pane, click NETWORK INTERFACES. 2. Select Radio0-802.11G from the sub-menu. 3. Click the SETTINGS tab. 4. Set Enable Radio to Enable. 5. For setting up the Data Rates there are two options, Best Range or Best Throughput. 6. For Best Throughput select Enable for 1.0, 2.0 and 5.5 Mb/sec, and select Require for 11.0 Mb/sec. To support this data rate set, signal strength of -60 dbm or stronger is required wherever the handsets are to be used. The screen shot below shows the settings for Best Throughput. 7. For Best Range select Require for 1.0 Mb/sec, and select Enable for 2.0, 5.5 and 11.0 Mb/sec. To support this data rate set, signal strength of -70 dbm or stronger is required wherever the handsets are to be used. PN: 1725-36045-001_E.doc 19

8. Power level and Channel selection will vary according to the environment. 20 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) 9. At Aironet Extensions, select the Disable option. 10. Set the Data Beacon Rate (DTIM) field to 3. 11. Set the Max. Data Retries and RTS Max. Retries fields to 20. 12. Click the Apply button. PN: 1725-36045-001_E.doc 21

Wireless Services The AP needs to be configured to access the WDS service on the WLSM module. The IP address is assigned to the WLSM module (under wlan vlan configuration) in its configuration file. 1. In the navigation pane, click WIRELESS SERVICES. 2. Select AP from the sub-menu. 22 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) 3. At Participate in SWAN Infrastructure, click the Enable option. 4. At WDS Discovery, click the Specified Discovery option, and enter the IP Address assigned to the WLSM module. 5. Enter the Username assigned to the RADIUS server and WDS. 6. Enter the Password assigned to the RADIUS server and WDS. 7. Click the Apply button. PN: 1725-36045-001_E.doc 23

Assigning a Different IP Address to a Configured AP 1. In the navigation pane, click NETWORK INTERFACES. 2. Select IP Address from the sub-menu. 3. Enter the new IP Address and IP Subnet Mask as required. 4. Enter a Default Gateway IP Address if required. 5. Click the Apply button. 24 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) Example Configuration File for SUP720 Building configuration... Current configuration : 3940 bytes version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption service counters max age 10 hostname Cat6503-E boot system flash sup-bootflash:s72033-pk9sv-mz.122-18.sxd5.bin logging snmp-authfail enable password cisco no aaa new-model wlan module 3 allowed-vlan 100 vtp mode transparent ip subnet-zero no ip domain-lookup ip dhcp excluded-address 192.168.115.1 ip dhcp excluded-address 192.168.116.1 ip dhcp excluded-address 192.168.112.1 192.168.112.6 ip dhcp excluded-address 192.168.114.1 192.168.114.2 ip dhcp pool mobilnet1 ip dhcp pool mobilenet1 network 192.168.114.0 255.255.255.0 default-router 192.168.114.1 option 151 ip 192.168.110.5 option 66 ip 192.168.110.6 ip dhcp pool mobilenet2 network 192.168.115.0 255.255.255.0 option 66 ip 192.168.110.6 PN: 1725-36045-001_E.doc 25

option 151 ip 192.168.110.5 default-router 192.168.115.1 ip dhcp pool mobilenet3 network 192.168.116.0 255.255.255.0 option 151 ip 192.168.110.5 option 66 ip 192.168.110.6 default-router 192.168.116.1 ip dhcp pool aironet-vlan2 network 192.168.112.0 255.255.255.0 default-router 192.168.112.1 ip dhcp snooping ip multicast-routing mls ip multicast flow-stat-timer 9 no mls flow ip no mls flow ipv6 mls qos mls cef error action freeze power redundancy-mode combined spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id diagnostic cns publish cisco.cns.device.diag_results diagnostic cns subscribe cisco.cns.device.diag_commands redundancy mode sso main-cpu auto-sync running-config auto-sync standard vlan internal allocation policy ascending vlan access-log ratelimit 2000 vlan 2-3,100 class-map match-all DSCP 26 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) match any policy-map upstream class DSCP trust cos interface Loopback10 ip address 192.168.117.2 255.255.255.255 interface Loopback11 ip address 192.168.117.1 255.255.255.255 interface Loopback12 ip address 192.168.117.0 255.255.255.255 interface Loopback33 ip address 33.33.33.33 255.255.255.255 ip pim sparse-dense-mode interface Tunnel10 description WPA-PSK WPA2 ip address 192.168.114.1 255.255.255.0 no ip redirects ip mtu 1476 ip dhcp snooping packets ip pim sparse-dense-mode tunnel source Loopback10 tunnel mode gre multipoint mobility network-id 10 mobility trust mobility broadcast service-policy input upstream interface Tunnel11 description WPA-LEAP_EAP ip address 192.168.115.1 255.255.255.0 no ip redirects ip mtu 1476 ip dhcp snooping packets ip pim sparse-dense-mode tunnel source Loopback11 PN: 1725-36045-001_E.doc 27

tunnel mode gre multipoint mobility network-id 11 mobility trust mobility broadcast service-policy input upstream interface Tunnel12 description CCKM-TKIP-FSR ip address 192.168.116.1 255.255.255.0 no ip redirects ip mtu 1476 ip pim dense-mode tunnel source Loopback12 tunnel mode gre multipoint mobility network-id 12 mobility trust mobility broadcast service-policy input upstream interface GigabitEthernet1/1 ip address 192.168.104.1 255.255.255.0 interface GigabitEthernet1/2 no ip address media-type rj45 switchport switchport trunk encapsulation dot1q switchport mode trunk service-policy input upstream interface Vlan1 ip address 192.168.110.1 255.255.255.0 ip pim dense-mode ip igmp join-group 224.0.1.116 ip igmp static-group 224.0.1.116 interface Vlan2 description AP group 1 ip address 192.168.112.1 255.255.255.0 ip pim dense-mode ip igmp static-group 224.0.1.116 interface Vlan3 description AP group 2 28 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) ip address 192.168.113.1 255.255.255.0 ip pim dense-mode ip igmp static-group 224.0.1.116 interface Vlan100 ip address 192.168.111.1 255.255.255.0 ip pim dense-mode ip igmp static-group 224.0.1.116 ip classless no ip http server ip pim rp-address 33.33.33.33 control-plane line con 0 line vty 0 4 password cisco login end Cat6503-E# PN: 1725-36045-001_E.doc 29

Example Configuration File for WLSM version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption hostname wlsm enable password cisco username cisco password 0 cisco spd headroom 512 aaa new-model aaa authentication login leap-devices group radius aaa authentication login client-auth group radius aaa session-id common ip subnet-zero ip tftp source-interface Ethernet0/0.100 no ip domain lookup wlan vlan 100 ipaddr 192.168.111.2 255.255.255.0 gateway 192.168.111.1 admin ip classless ip route 0.0.0.0 0.0.0.0 192.168.111.1 ip http server no ip http secure-server logging snmp-trap emergencies 30 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) logging snmp-trap alerts logging snmp-trap critical logging snmp-trap errors logging snmp-trap warnings no cdp run radius-server host 192.168.110.7 auth-port 1645 acctport 1646 radius-server key spectralink wlccp authentication-server infrastructure leap-devices wlccp authentication-server client any client-auth line con 0 password cisco transport preferred all transport output all line 1 3 no exec transport preferred all transport input all transport output all flowcontrol software line vty 0 4 password cisco transport preferred all transport input all transport output all end PN: 1725-36045-001_E.doc 31

Example Configuration File for 2940 Switch version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption hostname Switch enable secret 5 $1$nJJr$yba1.cqtPZvuk91xKLuQ01 ip subnet-zero vtp mode transparent spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id vlan 2-3 interface FastEthernet0/1 switchport access vlan 2 switchport mode access interface FastEthernet0/2 switchport access vlan 2 switchport mode access interface FastEthernet0/3 interface FastEthernet0/4 interface FastEthernet0/5 interface FastEthernet0/6 32 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) interface FastEthernet0/7 switchport access vlan 3 switchport mode access interface FastEthernet0/8 switchport access vlan 3 switchport mode access interface GigabitEthernet0/1 switchport mode trunk interface Vlan1 ip address 192.168.110.2 255.255.255.0 no ip route-cache ip default-gateway 192.168.110.1 ip http server line con 0 password cisco login line vty 0 4 password cisco login line vty 5 15 login end PN: 1725-36045-001_E.doc 33

Example Configuration File for 1130 AP Building configuration... Current configuration : 5525 bytes version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption hostname ap enable secret 5 $1$HhzS$AETmoXfrVtIvD6SqHanZi. ip subnet-zero aaa new-model aaa group server radius rad_eap server 192.168.110.7 auth-port 1645 acct-port 1646 aaa group server radius rad_mac aaa group server radius rad_acct aaa group server radius rad_admin server 192.168.110.7 auth-port 1645 acct-port 1646 cache expiry 1 cache authorization profile admin_cache cache authentication profile admin_cache aaa group server tacacs+ tac_admin cache expiry 1 cache authorization profile admin_cache cache authentication profile admin_cache aaa group server radius rad_pmip 34 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) aaa group server radius dummy aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authorization exec default local aaa accounting network acct_methods start-stop group rad_acct aaa cache profile admin_cache all aaa session-id common dot11 ssid ADG vlan 2 authentication open authentication key-management wpa mobility network-id 11 wpa-psk ascii 7 03267E28575D72181B5F4E dot11 ssid BBK vlan 1 authentication open authentication key-management wpa mobility network-id 10 wpa-psk ascii 7 0529232C701E1D5D4C5340 dot11 ssid FSR vlan 3 authentication open eap eap_methods authentication network-eap eap_methods authentication key-management cckm mbssid guest-mode dtim-period 3 mobility network-id 12 information-element ssidl dot11 priority-map avvid dot11 phone power inline negotiation prestandard source username Cisco password 7 0802455D0A16 class-map match-all _class_srp0 PN: 1725-36045-001_E.doc 35

match ip protocol 119 class-map match-all _class_srp-up0 match ip protocol 119 policy-map SRP class _class_srp0 set cos 6 policy-map SRP-UP class _class_srp-up0 set cos 5 bridge irb interface Dot11Radio0 no ip address no ip route-cache encryption mode ciphers aes-ccm encryption vlan 1 mode ciphers aes-ccm encryption vlan 3 mode ciphers tkip encryption vlan 2 mode ciphers tkip ssid ADG ssid BBK ssid FSR no short-slot-time traffic-class background cw-min 5 cw-max 10 fixed-slot 7 traffic-class best-effort cw-min 5 cw-max 10 fixed-slot 3 traffic-class video cw-min 4 cw-max 5 fixed-slot 3 traffic-class voice cw-min 0 cw-max 0 fixed-slot 2 speed 1.0 2.0 5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 power local cck -1 power local ofdm -1 36 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) power client -1 packet retries 20 no preamble-short channel 2417 station-role root rts retries 20 beacon dtim-period 3 no dot11 qos mode dot11 qos class video transmit-op 0 dot11 qos class voice transmit-op 0 no dot11 extension aironet interface Dot11Radio0.1 encapsulation dot1q 1 native service-policy input SRP service-policy output SRP-UP no ip route-cache bridge-group 1 bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled interface Dot11Radio0.2 encapsulation dot1q 2 service-policy input SRP service-policy output SRP-UP no ip route-cache bridge-group 2 bridge-group 2 block-unknown-source no bridge-group 2 source-learning no bridge-group 2 unicast-flooding bridge-group 2 spanning-disabled interface Dot11Radio0.3 encapsulation dot1q 3 service-policy input SRP service-policy output SRP-UP no ip route-cache bridge-group 3 PN: 1725-36045-001_E.doc 37

bridge-group 3 block-unknown-source no bridge-group 3 source-learning no bridge-group 3 unicast-flooding bridge-group 3 spanning-disabled interface Dot11Radio1 no ip address no ip route-cache shutdown traffic-class voice cw-min 0 cw-max 0 fixed-slot 2 speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 station-role root no dot11 qos mode dot11 qos class voice transmit-op 1504 bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled interface FastEthernet0 no ip address no ip route-cache duplex auto speed auto interface FastEthernet0.1 encapsulation dot1q 1 native no ip route-cache bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled interface FastEthernet0.2 encapsulation dot1q 2 no ip route-cache bridge-group 2 no bridge-group 2 source-learning bridge-group 2 spanning-disabled 38 PN: 1725-36045-001_E.doc

Cisco: 1100, 1200 and 1300 Series APs using the Wireless LAN Services Module (WLSM) interface FastEthernet0.3 encapsulation dot1q 3 no ip route-cache bridge-group 3 no bridge-group 3 source-learning bridge-group 3 spanning-disabled interface BVI1 ip address 192.168.113.2 255.255.255.0 no ip route-cache ip default-gateway 192.168.113.1 ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/he lp/eag ip radius source-interface BVI1 radius-server attribute 32 include-in-access-req format %h radius-server host 192.168.110.7 auth-port 1645 acctport 1646 key 7 13160717081 8162B272D2638 radius-server vsa send accounting control-plane bridge 1 route ip wlccp ap username spectralink password 7 071C31494D1D0B041B1B0507 wlccp ap wds ip address 192.168.111.2 line con 0 transport preferred all transport output all line vty 0 4 transport preferred all transport input all transport output all line vty 5 15 transport preferred all transport input all PN: 1725-36045-001_E.doc 39

transport output all end 40 PN: 1725-36045-001_E.doc

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback