[c-nsp] Access Point & 2 SSID's Trunked to Vlan's
Tom Storey
tom at snnap.net
Wed Dec 5 19:23:37 EST 2007
> Hello,
>
> I'm new to using access points and what I would like to do is setup an
> 1131ag with a trunk to a 2960 switch, then have two different ssid's which
> would be mapped to two different vlan's on the 2960. Does anyone have an
> example config for something like this?
>
> Thanks,
> Dan.
This is the config Im currently using between a 3524XL and 1242AG, the
config should be fairly similar if not exactly the same for a 1131AG.
Switch port:
interface FastEthernet0/4
description ** Trunk to Fa0 on ap1 **
duplex full
speed 100
switchport trunk encapsulation dot1q
switchport multi vlan 3,5
switchport mode trunk
!
AP specifics:
dot11 vlan-name open-vlan vlan 5
dot11 vlan-name closed-vlan vlan 3
!
dot11 ssid open-wlan
vlan open-vlan
authentication open
mbssid guest-mode
!
dot11 ssid closed-wlan
vlan closed-vlan
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii xxxxxxxxxx
!
bridge irb
!
interface Dot11Radio0
description ** 802.11b/g Radio **
no ip address
no ip route-cache
load-interval 30
!
encryption vlan closed-vlan mode ciphers aes-ccm
!
ssid open-wlan
!
ssid closed-wlan
!
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0
36.0 48.0 54.0
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.3
encapsulation dot1Q 3
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
!
interface Dot11Radio0.5
encapsulation dot1Q 5
no ip route-cache
bridge-group 5
bridge-group 5 subscriber-loop-control
bridge-group 5 block-unknown-source
no bridge-group 5 source-learning
no bridge-group 5 unicast-flooding
bridge-group 5 spanning-disabled
!
interface Dot11Radio1
description ** 802.11a Radio **
no ip address
no ip route-cache
load-interval 30
!
encryption vlan closed-vlan mode ciphers aes-ccm
!
ssid open-wlan
!
ssid closed-wlan
!
no dfs band block
mbssid
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
channel dfs
station-role root
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.3
encapsulation dot1Q 3
no ip route-cache
bridge-group 3
bridge-group 3 subscriber-loop-control
bridge-group 3 block-unknown-source
no bridge-group 3 source-learning
no bridge-group 3 unicast-flooding
bridge-group 3 spanning-disabled
!
interface Dot11Radio1.5
encapsulation dot1Q 5
no ip route-cache
bridge-group 5
bridge-group 5 subscriber-loop-control
bridge-group 5 block-unknown-source
no bridge-group 5 source-learning
no bridge-group 5 unicast-flooding
bridge-group 5 spanning-disabled
!
interface FastEthernet0
description ** Trunk to Fa0/4 on sw1 **
no ip address
no ip route-cache
load-interval 30
speed 100
full-duplex
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
hold-queue 160 in
!
interface FastEthernet0.3
encapsulation dot1Q 3
no ip route-cache
bridge-group 3
no bridge-group 3 source-learning
bridge-group 3 spanning-disabled
!
interface FastEthernet0.5
encapsulation dot1Q 5
no ip route-cache
bridge-group 5
no bridge-group 5 source-learning
bridge-group 5 spanning-disabled
!
interface BVI1
description ** Management Interface **
ip address 172.25.84.8 255.255.255.240
no ip route-cache
!
bridge 1 route ip
!
More information about the cisco-nsp
mailing list