Sample of Cisco 1200 Access Point
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname chicagotech_3
!
!
clock timezone S -6
clock summer-time S recurring
ip subnet-zero
ip domain name chicagtech.net
!
!
aaa new-model
!
!
aaa group server radius rad_eap
server 10.0.0.12 auth-port 1645 acct-port 1646
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
dot11 vlan-name chicagotech vlan 1
dot11 vlan-name PUBLIC vlan 300
dot11 vlan-name STUDENT vlan 200
dot11 vlan-name TEACHER vlan 100
dot11 vlan-name WIRELESSTRUNK vlan 600
!
dot11 ssid Wireless
vlan 1
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
!
dot11 ssid Public
vlan 300
authentication open
guest-mode
!
dot11 ssid Student
vlan 200
authentication open
authentication key-management wpa
wpa-psk ascii 7 xxx
!
dot11 ssid Teacher
vlan 100
authentication open
authentication key-management wpa
wpa-psk ascii 7 xxx
!
dot11 arp-cache
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 100 mode ciphers aes-ccm
!
encryption vlan 200 mode ciphers aes-ccm tkip
!
encryption vlan 1 mode ciphers tkip
!
ssid Wireless
!
ssid Public
!
ssid Student
!
ssid Teacher
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0
48.0 54.0
no power client local
station-role root access-point
no dot11 extension aironet
no cdp enable
!
interface Dot11Radio0.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.100
encapsulation dot1Q 100
no ip route-cache
bridge-group 100
bridge-group 100 subscriber-loop-control
bridge-group 100 block-unknown-source
no bridge-group 100 source-learning
no bridge-group 100 unicast-flooding
bridge-group 100 spanning-disabled
!
interface Dot11Radio0.200
encapsulation dot1Q 200
no ip route-cache
bridge-group 200
bridge-group 200 subscriber-loop-control
bridge-group 200 block-unknown-source
no bridge-group 200 source-learning
no bridge-group 200 unicast-flooding
bridge-group 200 spanning-disabled
!
interface Dot11Radio0.300
encapsulation dot1Q 300
no ip route-cache
bridge-group 255
bridge-group 255 subscriber-loop-control
bridge-group 255 block-unknown-source
no bridge-group 255 source-learning
no bridge-group 255 unicast-flooding
bridge-group 255 spanning-disabled
!
interface Dot11Radio0.600
encapsulation dot1Q 600 native
no ip route-cache
bridge-group 254
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
hold-queue 160 in
!
interface FastEthernet0.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.100
encapsulation dot1Q 100
no ip route-cache
bridge-group 100
no bridge-group 100 source-learning
bridge-group 100 spanning-disabled
!
interface FastEthernet0.200
encapsulation dot1Q 200
no ip route-cache
bridge-group 200
no bridge-group 200 source-learning
bridge-group 200 spanning-disabled
!
interface FastEthernet0.300
encapsulation dot1Q 300
no ip route-cache
bridge-group 255
no bridge-group 255 source-learning
bridge-group 255 spanning-disabled
!
interface FastEthernet0.600
encapsulation dot1Q 600 native
no ip route-cache
bridge-group 254
no bridge-group 254 source-learning
bridge-group 254 spanning-disabled
!
interface BVI1
ip address 10.0.30.53 255.255.0.0
no ip route-cache
!
ip default-gateway 10.0.0.2
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
!
snmp-server view iso iso included
snmp-server community read-write view iso RW
snmp-server community read-only view iso RO
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.0.0.12 auth-port 1645 acct-port 1646 key 7 xxx
radius-server vsa send accounting
!
control-plane
!
bridge 1 route ip
!
!
!
line con 0
terminal-type ansi
line vty 0 3
terminal-type ansi
line vty 4
line vty 5 15
!
sntp server 128.105.39.11
sntp broadcast client
end
Post your questions, comments, feedbacks and suggestions
Related Topics
Cisco
Router/Firewall Configuration Samples
Sample of Cisco 1310 Wireless Root Bridge
Sample of Cisco 1310 Non-Root Bridge
Configuration
|