Ciao ragazzi, da qualche giorno mi trovo a configurare un nuovo access point air1200 per inserirlo in una struttura WDS.
Questa è la conf del router wds, ! version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname NOMEAP ! enable secret 5 PASSWORDDEFINITA ! ip subnet-zero no ip domain lookup ! ! aaa new-model ! ! aaa group server radius rad_eap server 10.172.4.161 auth-port 1812 acct-port 1813 ! aaa group server radius infrastructure_AP server 10.172.4.161 auth-port 1812 acct-port 1813 ! aaa group server radius mac_auth server 10.172.4.161 auth-port 1812 acct-port 1813 ! aaa authentication login method_infrastructure group infrastructure_AP aaa authentication login mac_methods group mac_auth aaa authentication login method_dual_mode group rad_eap aaa authorization exec default local aaa accounting network acct_methods start-stop group rad_acct aaa session-id common dot11 mbssid dot11 vlan-name dual-mode vlan 110 ! dot11 ssid SSID1 vlan 1 authentication open mac-address mac_method mbssid guest-mode ! dot11 ssid SSID2 vlan 110 authentication network-eap eap_methods authentication key-management wpa cckm mbssid guest-mode ! dot11 network-map ! ! username Cisco password 7 PASSWORDDEFINITA ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache shutdown ! encryption vlan 110 mode ciphers tkip ! ssid SSID1 ! ssid SSID2 ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 no preamble-short channel 2437 station-role root ! interface Dot11Radio0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio0.110 encapsulation dot1Q 110 no ip route-cache bridge-group 110 bridge-group 110 subscriber-loop-control bridge-group 110 block-unknown-source no bridge-group 110 source-learning no bridge-group 110 unicast-flooding bridge-group 110 spanning-disabled ! interface FastEthernet0 no ip address no ip route-cache speed auto full-duplex ! interface FastEthernet0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface FastEthernet0.110 encapsulation dot1Q 110 no ip route-cache bridge-group 110 no bridge-group 110 source-learning bridge-group 110 spanning-disabled ! interface BVI1 ip address 10.172.4.161 255.255.255.0 no ip route-cache ! ip default-gateway 10.172.4.8 ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius source-interface BVI1 ! radius-server local nas 10.172.4.161 key 7 107D20382128312325320B181707 user 00a0f835c509 nthash 7 123A2146312F5B55090F777A15147A4555475524040B0F75055C5241477A7A0700 user 000e84de2f5b nthash 7 096A1E503C50334A5B2F5C0C09757B6A107B3126475B56030D0907065C554E357F user 00a0f84231f4 nthash 7 13244547582A257A0F057A6663044523305254057D0004022A214C4F7C7D767200 user 00a0f8341df5 nthash 7 15405B2E517B78737F1767723651475051060F080A042A534D440A000E04057770 user 00a0f835d1ee nthash 7 106B5E40524E435E2A570B0D057E6613754257455320077B7A040756253E420B7B user 00a0f8446915 nthash 7 072E701B195C4B204E345E285208087679616304415447205204080E7005585048 user 00a0f84465f6 nthash 7 065F2A006D172B4C504F33535A550978770C6364744B5342225901010905725E55 user 001a731f348e nthash 7 101C2B415036302E2927087D700E666C76445747265173007D07015C203C33017D user 001302bdc7a2 nthash 7 096F16593A51324B5A2851080A7D786464753021355522707B0B070C285A4C4600 user 0015de3f34f8 nthash 7 09191D5B4D2632472E2E27720E737E621073412645222073080D70705D5641330E user 0015de3f34ac nthash 7 055C235E74696A2D495D3144282850097E767B6565713125435252020A0870715E user 0017230086a9 nthash 7 047D5E525A7569175C3D233537282D217A09727F6365043621302555737A7A0001 user 00a0f8345fba nthash 7 124B544F445C585D0F7D007C6267014023325A23040A090B772B22414F0A087471 user 00a0f832724c nthash 7 005D4323257F5B222C001C195B3D5D4444292A55080F720A10160143574726240F user test_AP nthash 7 PASSWORDDEFINITA user PLUTO nthash 7 PASSWORDDEFINITA ! radius-server attribute 32 include-in-access-req format %h radius-server host 10.172.4.161 auth-port 1812 acct-port 1813 key 7 PASSWORDDEFINITA radius-server vsa send accounting ! control-plane ! bridge 1 route ip ! ! wlccp authentication-server infrastructure method_infrastructure wlccp authentication-server client mac mac_methods ssid SSID1 wlccp authentication-server client leap method_dual_mode ssid SSID2 wlccp wds priority 200 interface BVI1 ! line con 0 line vty 5 15 ! end I client si collegano alla ssid2, con chiave, però non gli viene distribuito l'ip, mentre se provano da uno degli ap già configurati funziona tutto. Nell'accessPoint "nuovo" ho eseguita questa configurazione, ! version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname NOMEAP2 ! enable secret 5 PASSWORDDEFINITA ! username Cisco password 7 PASSWORDDEFINITA username 00a0f835c509 password 7 1447420A5C027278712B66657B username 00a0f835c509 autocommand exit username 000e84de2f5b password 7 101E5949004F460F09562C7E26 username 000e84de2f5b autocommand exit username 00a0f84231f4 password 7 101E591855114A5F5E577B2D70 username 00a0f84231f4 autocommand exit username 00a0f8341df5 password 7 040B5B075F27141D5D48011147 username 00a0f8341df5 autocommand exit username 00a0f835d1ee password 7 014356050B0D5E5C74481F0C1C username 00a0f835d1ee autocommand exit username 00a0f8446915 password 7 00544307545D53525B77151F5C username 00a0f8446915 autocommand exit username 001a731f348e password 7 075F711D4F5E4A5411415F5401 username 001a731f348e autocommand exit username 001302bdc7a2 password 7 01435655085B540D254F19084B username 001302bdc7a2 autocommand exit username 00a0f84465f6 password 7 1159490447145358507C7E227E username 00a0f84465f6 autocommand exit username 0015de3f34ac password 7 1159495442160E5F02797F252B username 0015de3f34ac autocommand exit username 0015de3f34f8 password 7 091C1E584C0112410D5F502C73 username 0015de3f34f8 autocommand exit username 0019d21144bf password 7 0256540A52025D701D1A5D1B03 username 0019d21144bf autocommand exit username 0013fd43f9fb password 7 01435655080D025B724A170F1B username 0013fd43f9fb autocommand exit username 0017230086a9 password 7 1447425A5B56797B747065347B username 0017230086a9 autocommand exit username 00a0f8345fba password 7 12495516420D54577E7E222A32 username 00a0f8345fba autocommand exit username 00a0f832724c password 7 12495516420D5457787C767C30 username 00a0f832724c autocommand exit username 0015de3f3495 password 7 06565F70194A0C4A0344465259 username 0015de3f3495 autocommand exit username 0015de3f34ee password 7 03540B5A530B241F485A4D0012 username 0015de3f34ee autocommand exit username 0015de3f3522 password 7 03540B5A530B241F485A4C5745 username 0015de3f3522 autocommand exit username 0015de3f34ef password 7 0256540A5E020A724A1D5D1C03 username 0015de3f34ef autocommand exit username 0015de3f34e2 password 7 040B5B575A25491D0F4A511240 username 0015de3f34e2 autocommand exit username 0015de3f3494 password 7 1159495442160E5F02797F7D7C username 0015de3f3494 autocommand exit username 0015de3f3491 password 7 040B5B575A25491D0F4A514E43 username 0015de3f3491 autocommand exit username 004096b587b4 password 7 091C1E5D495C41105E5453287F username 004096b587b4 autocommand exit ip subnet-zero ! ! aaa new-model ! ! aaa group server radius rad_eap ! aaa group server radius rad_mac ! aaa group server radius rad_acct ! aaa group server radius rad_admin ! aaa group server tacacs+ tac_admin ! aaa group server radius rad_pmip ! aaa group server radius dummy ! aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authorization exec default local aaa accounting network acct_methods start-stop group rad_acct aaa session-id common dot11 mbssid dot11 vlan-name voce vlan 110 ! dot11 ssid SSID1 vlan 1 authentication open mac-address mac_methods mbssid guest-mode ! dot11 ssid SSID2 vlan 110 authentication network-eap eap_methods authentication key-management wpa cckm mbssid guest-mode ! dot11 network-map ! ! ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 110 mode ciphers tkip ! ssid SSID1 ! ssid SSID2 ! short-slot-time speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0 no preamble-short channel 2437 station-role root antenna receive right antenna transmit right no dot11 extension aironet ! interface Dot11Radio0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio0.110 encapsulation dot1Q 110 no ip route-cache bridge-group 110 bridge-group 110 subscriber-loop-control bridge-group 110 block-unknown-source no bridge-group 110 source-learning no bridge-group 110 unicast-flooding bridge-group 110 spanning-disabled ! interface FastEthernet0 no ip address no ip route-cache speed auto full-duplex ! interface FastEthernet0.1 encapsulation dot1Q 1 native no ip route-cache bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled ! interface FastEthernet0.110 encapsulation dot1Q 110 no ip route-cache bridge-group 110 no bridge-group 110 source-learning bridge-group 110 spanning-disabled ! interface BVI1 ip address 10.172.4.168 255.255.255.0 no ip route-cache ! ip default-gateway 10.172.4.8 ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius source-interface BVI1 ! logging snmp-trap emergencies logging snmp-trap alerts logging snmp-trap critical logging snmp-trap errors logging snmp-trap warnings radius-server local ! radius-server attribute 32 include-in-access-req format %h radius-server vsa send accounting ! control-plane ! bridge 1 route ip ! ! wlccp ap username test_AP password 7 PASSWORDDEFINITA ! line con 0 transport preferred all transport output all line vty 0 4 transport preferred all transport input all transport output all line vty 5 15 transport preferred all transport input all transport output all ! end Non capisco se dimentico qualcosa ma non mi sembra..... _______________________________________________ Cug mailing list http://www.areanetworking.it/index_docs.php [email protected] http://ml.areanetworking.it/mailman/listinfo/cug
